mtdave
2013-09-09, 15:59
I still have a malware problem after many scans principally with the browsers (IE9 and Chrome) but the computer is dreadfully slow for much of the time including startup.
DDS log below:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.25.2
Run by NplDave at 7:20:21 on 2013-09-09
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3039.1217 [GMT 1:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2013\avgfws.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\ProgramData\banda larga tmn-HW\OnlineUpdate\ouc.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxeccoms.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Program Files\SimpleFiles\SFUpdater.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\NCH Software\VRS\vrs.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\Android-Sync\AndroidSync.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
C:\Windows\system32\conhost.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\KiesAirMessage.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Program Files\MyTomTom 3\MyTomTomSA.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\System32\C2MP\TrayMenu.exe
C:\Program Files\JustCloud\JustCloud.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Android-Sync\bin\adb.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Sony\VAIO Update\VUAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\JustCloud\BackupStack.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.ybs.co.uk/
uWindow Title = Internet Explorer, optimized for Bing and MSN
uProxyServer = localhost:21320
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.5.0.2\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
BHO: SpeedBit Link Verification Helper: {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - c:\program files\dap\LinkVerifier.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.5.0.2\AVG Secure Search_toolbar.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [SpeedBitVideoAccelerator] "c:\program files\speedbit video accelerator\VideoAccelerator.exe" /startup
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [MyTomTomSA.exe] "c:\program files\mytomtom 3\MyTomTomSA.exe"
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [AndroidSync] c:\program files\android-sync\AndroidSync.exe -m
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
StartupFolder: c:\users\npldave\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\npldave\appdata\roaming\micros~1\windows\startm~1\programs\startup\justcl~1.lnk - c:\program files\justcloud\JustCloud.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\codecp~1.lnk - c:\windows\system32\c2mp\TrayMenu.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\codecp~2.lnk - c:\windows\system32\c2mp\UpdateChecker.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: &Verify with DAP - c:\program files\dap\dapverify.htm
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\program files\speedbit video accelerator\SBLSP.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {C97916DC-21CA-4B1E-BF27-1D7B53B2A955} - hxxp://c2c.edp.pt/Click2Assist.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{2D7F1D2E-1696-4131-B2E3-342992C9D445} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CA75A816-A2BD-46A3-95F1-460CD29BC34D} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CA75A816-A2BD-46A3-95F1-460CD29BC34D}\2616278616D60313B696474756E6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CA75A816-A2BD-46A3-95F1-460CD29BC34D}\45865602C4F6467656 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{CA75A816-A2BD-46A3-95F1-460CD29BC34D}\5526562727F65747562723437686A7 : DHCPNameServer = 194.168.4.100 194.168.8.100 192.168.1.1
TCP: Interfaces\{CA75A816-A2BD-46A3-95F1-460CD29BC34D}\D616274796E6 : DHCPNameServer = 192.168.1.1 0.0.0.0
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.5.0\ViProtocol.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.66\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: skype.exe - "c:\program files\avg\avg pc tuneup\TUAutoReactivator32.exe"
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-7-10 39224]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-8-19 97008]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2012-9-4 50296]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-1-25 37664]
R1 RapportCerberus_56758;RapportCerberus_56758;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\baseline\RapportCerberus32_56758.sys [2013-8-20 330960]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-8-19 148688]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-8-19 222416]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2013-7-25 1432080]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 BackupStack;Computer Backup (JustCloud);c:\program files\justcloud\BackupStack.exe [2013-7-1 32808]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe -service --> c:\windows\system32\lxeccoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-9-8 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-9-8 701512]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-8-19 1435928]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-9-7 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-9-7 1033688]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-8-14 3291008]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2013-7-2 93072]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesService32.exe [2013-8-30 1740088]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
R2 VRSService;VRS Recording System;c:\program files\nch software\vrs\vrs.exe [2013-1-26 1338568]
R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\ToolbarUpdater.exe [2013-8-14 1643184]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2013-3-18 73984]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-9-8 22856]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-10-22 4231680]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-8-3 9344]
R3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\drivers\stdriver32.sys [2013-1-26 49240]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesDriver32.sys [2013-8-21 12320]
R3 VUAgent;VUAgent;c:\program files\sony\vaio update\VUAgent.exe [2013-1-25 1013808]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S2 banda larga tmn. RunOuc;banda larga tmn. OUC;c:\program files\banda larga tmn-hw\updatedog\ouc.exe [2013-3-18 655712]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxecserv.exe [2013-1-27 193192]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-9-7 171928]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-2 83168]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2013-3-18 11136]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\drivers\ewusbwwan.sys [2013-3-18 354816]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2010-8-10 629760]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-2-2 181344]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudserd.sys [2013-2-2 181344]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
.
=============== Created Last 30 ================
.
2013-09-08 13:45:28 -------- d-----w- c:\users\npldave\appdata\roaming\Malwarebytes
2013-09-08 13:45:05 -------- d-----w- c:\programdata\Malwarebytes
2013-09-08 13:45:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-08 13:45:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-05 16:07:49 36152 ----a-w- c:\windows\system32\TURegOpt.exe
2013-09-05 16:07:48 25400 ----a-w- c:\windows\system32\authuitu.dll
2013-09-05 16:07:06 -------- d-----w- c:\users\npldave\appdata\roaming\AVG
2013-09-05 16:06:09 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-09-05 15:49:21 -------- d-----w- c:\program files\BobyLyrics
2013-09-05 15:48:43 -------- d-----w- c:\users\npldave\appdata\roaming\SimpleFiles
2013-09-05 15:48:43 -------- d-----w- c:\program files\SimpleFiles
2013-09-05 13:24:29 -------- d-----w- c:\users\npldave\appdata\roaming\SparkTrust
2013-09-05 13:24:29 -------- d-----w- c:\users\npldave\appdata\roaming\DriverCure
2013-09-05 13:24:16 -------- d-----w- c:\programdata\SparkTrust
2013-09-05 11:38:59 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-09-05 11:38:25 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-09-05 11:08:51 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-09-01 12:28:30 -------- d-----w- c:\program files\JustCloud
2013-08-29 20:34:58 39896 ----a-w- c:\windows\system32\DiscHandler.exe
2013-08-23 13:22:25 -------- d-----w- c:\programdata\LightScribe
2013-08-23 13:16:02 -------- d-----w- c:\program files\LightScribe Template Labeler
2013-08-20 12:54:42 -------- d-----w- c:\users\npldave\appdata\roaming\EditPlus 3
2013-08-19 10:01:36 97008 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
.
==================== Find3M ====================
.
2013-08-14 17:57:36 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-07-29 06:00:47 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-29 06:00:47 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-26 13:24:22 6275760 ----a-w- c:\windows\system32\avcodec-lav-55.dll
2013-07-26 13:24:22 431792 ----a-w- c:\windows\system32\LAVSplitter.ax
2013-07-26 13:24:22 394416 ----a-w- c:\windows\system32\swscale-lav-2.dll
2013-07-26 13:24:22 296112 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll
2013-07-26 13:24:22 288944 ----a-w- c:\windows\system32\avutil-lav-52.dll
2013-07-26 13:24:22 245936 ----a-w- c:\windows\system32\LAVAudio.ax
2013-07-26 13:24:22 235184 ----a-w- c:\windows\system32\avfilter-lav-3.dll
2013-07-26 13:24:22 190640 ----a-w- c:\windows\system32\libbluray.dll
2013-07-26 13:24:22 150192 ----a-w- c:\windows\system32\avresample-lav-1.dll
2013-07-26 13:24:22 1239216 ----a-w- c:\windows\system32\avformat-lav-55.dll
2013-07-26 13:24:22 1190064 ----a-w- c:\windows\system32\LAVVideo.ax
2013-07-20 00:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-20 00:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-20 00:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 00:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-07-14 08:25:11 4188160 ----a-w- c:\program files\GUT9CEB.tmp
2013-07-10 00:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-06-22 11:17:09 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-22 11:17:09 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-22 11:17:09 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-11 19:49:33 8610696 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-05-17 08:37:56 4167680 ----a-w- c:\program files\GUT8B20.tmp
2013-01-27 10:11:00 4096000 ----a-w- c:\program files\GUT24DF.tmp
.
============= FINISH: 7:20:58.08 ===============
DDS log below:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.25.2
Run by NplDave at 7:20:21 on 2013-09-09
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3039.1217 [GMT 1:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2013\avgfws.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\ProgramData\banda larga tmn-HW\OnlineUpdate\ouc.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxeccoms.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Program Files\SimpleFiles\SFUpdater.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\NCH Software\VRS\vrs.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\Android-Sync\AndroidSync.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
C:\Windows\system32\conhost.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\KiesAirMessage.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Program Files\MyTomTom 3\MyTomTomSA.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\System32\C2MP\TrayMenu.exe
C:\Program Files\JustCloud\JustCloud.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Android-Sync\bin\adb.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Sony\VAIO Update\VUAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\JustCloud\BackupStack.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.ybs.co.uk/
uWindow Title = Internet Explorer, optimized for Bing and MSN
uProxyServer = localhost:21320
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.5.0.2\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
BHO: SpeedBit Link Verification Helper: {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - c:\program files\dap\LinkVerifier.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.5.0.2\AVG Secure Search_toolbar.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [SpeedBitVideoAccelerator] "c:\program files\speedbit video accelerator\VideoAccelerator.exe" /startup
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [MyTomTomSA.exe] "c:\program files\mytomtom 3\MyTomTomSA.exe"
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [AndroidSync] c:\program files\android-sync\AndroidSync.exe -m
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
StartupFolder: c:\users\npldave\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\npldave\appdata\roaming\micros~1\windows\startm~1\programs\startup\justcl~1.lnk - c:\program files\justcloud\JustCloud.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\codecp~1.lnk - c:\windows\system32\c2mp\TrayMenu.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\codecp~2.lnk - c:\windows\system32\c2mp\UpdateChecker.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: &Verify with DAP - c:\program files\dap\dapverify.htm
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\program files\speedbit video accelerator\SBLSP.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {C97916DC-21CA-4B1E-BF27-1D7B53B2A955} - hxxp://c2c.edp.pt/Click2Assist.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{2D7F1D2E-1696-4131-B2E3-342992C9D445} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CA75A816-A2BD-46A3-95F1-460CD29BC34D} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CA75A816-A2BD-46A3-95F1-460CD29BC34D}\2616278616D60313B696474756E6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CA75A816-A2BD-46A3-95F1-460CD29BC34D}\45865602C4F6467656 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{CA75A816-A2BD-46A3-95F1-460CD29BC34D}\5526562727F65747562723437686A7 : DHCPNameServer = 194.168.4.100 194.168.8.100 192.168.1.1
TCP: Interfaces\{CA75A816-A2BD-46A3-95F1-460CD29BC34D}\D616274796E6 : DHCPNameServer = 192.168.1.1 0.0.0.0
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.5.0\ViProtocol.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.66\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: skype.exe - "c:\program files\avg\avg pc tuneup\TUAutoReactivator32.exe"
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-7-10 39224]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-8-19 97008]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2012-9-4 50296]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-1-25 37664]
R1 RapportCerberus_56758;RapportCerberus_56758;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\baseline\RapportCerberus32_56758.sys [2013-8-20 330960]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-8-19 148688]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-8-19 222416]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2013-7-25 1432080]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 BackupStack;Computer Backup (JustCloud);c:\program files\justcloud\BackupStack.exe [2013-7-1 32808]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe -service --> c:\windows\system32\lxeccoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-9-8 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-9-8 701512]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-8-19 1435928]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-9-7 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-9-7 1033688]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-8-14 3291008]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2013-7-2 93072]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesService32.exe [2013-8-30 1740088]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
R2 VRSService;VRS Recording System;c:\program files\nch software\vrs\vrs.exe [2013-1-26 1338568]
R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\ToolbarUpdater.exe [2013-8-14 1643184]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2013-3-18 73984]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-9-8 22856]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-10-22 4231680]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-8-3 9344]
R3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\drivers\stdriver32.sys [2013-1-26 49240]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesDriver32.sys [2013-8-21 12320]
R3 VUAgent;VUAgent;c:\program files\sony\vaio update\VUAgent.exe [2013-1-25 1013808]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S2 banda larga tmn. RunOuc;banda larga tmn. OUC;c:\program files\banda larga tmn-hw\updatedog\ouc.exe [2013-3-18 655712]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxecserv.exe [2013-1-27 193192]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-9-7 171928]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-2 83168]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2013-3-18 11136]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\drivers\ewusbwwan.sys [2013-3-18 354816]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2010-8-10 629760]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-2-2 181344]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudserd.sys [2013-2-2 181344]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
.
=============== Created Last 30 ================
.
2013-09-08 13:45:28 -------- d-----w- c:\users\npldave\appdata\roaming\Malwarebytes
2013-09-08 13:45:05 -------- d-----w- c:\programdata\Malwarebytes
2013-09-08 13:45:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-08 13:45:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-05 16:07:49 36152 ----a-w- c:\windows\system32\TURegOpt.exe
2013-09-05 16:07:48 25400 ----a-w- c:\windows\system32\authuitu.dll
2013-09-05 16:07:06 -------- d-----w- c:\users\npldave\appdata\roaming\AVG
2013-09-05 16:06:09 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-09-05 15:49:21 -------- d-----w- c:\program files\BobyLyrics
2013-09-05 15:48:43 -------- d-----w- c:\users\npldave\appdata\roaming\SimpleFiles
2013-09-05 15:48:43 -------- d-----w- c:\program files\SimpleFiles
2013-09-05 13:24:29 -------- d-----w- c:\users\npldave\appdata\roaming\SparkTrust
2013-09-05 13:24:29 -------- d-----w- c:\users\npldave\appdata\roaming\DriverCure
2013-09-05 13:24:16 -------- d-----w- c:\programdata\SparkTrust
2013-09-05 11:38:59 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-09-05 11:38:25 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-09-05 11:08:51 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-09-01 12:28:30 -------- d-----w- c:\program files\JustCloud
2013-08-29 20:34:58 39896 ----a-w- c:\windows\system32\DiscHandler.exe
2013-08-23 13:22:25 -------- d-----w- c:\programdata\LightScribe
2013-08-23 13:16:02 -------- d-----w- c:\program files\LightScribe Template Labeler
2013-08-20 12:54:42 -------- d-----w- c:\users\npldave\appdata\roaming\EditPlus 3
2013-08-19 10:01:36 97008 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
.
==================== Find3M ====================
.
2013-08-14 17:57:36 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-07-29 06:00:47 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-29 06:00:47 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-26 13:24:22 6275760 ----a-w- c:\windows\system32\avcodec-lav-55.dll
2013-07-26 13:24:22 431792 ----a-w- c:\windows\system32\LAVSplitter.ax
2013-07-26 13:24:22 394416 ----a-w- c:\windows\system32\swscale-lav-2.dll
2013-07-26 13:24:22 296112 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll
2013-07-26 13:24:22 288944 ----a-w- c:\windows\system32\avutil-lav-52.dll
2013-07-26 13:24:22 245936 ----a-w- c:\windows\system32\LAVAudio.ax
2013-07-26 13:24:22 235184 ----a-w- c:\windows\system32\avfilter-lav-3.dll
2013-07-26 13:24:22 190640 ----a-w- c:\windows\system32\libbluray.dll
2013-07-26 13:24:22 150192 ----a-w- c:\windows\system32\avresample-lav-1.dll
2013-07-26 13:24:22 1239216 ----a-w- c:\windows\system32\avformat-lav-55.dll
2013-07-26 13:24:22 1190064 ----a-w- c:\windows\system32\LAVVideo.ax
2013-07-20 00:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-20 00:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-20 00:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 00:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-07-14 08:25:11 4188160 ----a-w- c:\program files\GUT9CEB.tmp
2013-07-10 00:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-06-22 11:17:09 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-22 11:17:09 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-22 11:17:09 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-11 19:49:33 8610696 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-05-17 08:37:56 4167680 ----a-w- c:\program files\GUT8B20.tmp
2013-01-27 10:11:00 4096000 ----a-w- c:\program files\GUT24DF.tmp
.
============= FINISH: 7:20:58.08 ===============