DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.67.2
Run by Elisha at 12:58:22 on 2014-09-16
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1013.137 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\windows\OEM02Mon.exe
C:\windows\System32\WLTRAY.EXE
C:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\wuauclt.exe
C:\windows\System32\hkcmd.exe
C:\windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\program files\Common Files\InstallShield\UpdateService\issch.exe
C:\windows\sttray.exe
C:\windows\System32\wpcumi.exe
C:\program files\ATT-SST\pcTrayApp.exe
C:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\program files\real\realplayer\Update\realsched.exe
C:\program files\HP\HP Software Update\hpwuschd2.exe
C:\program files\Common Files\Java\Java Update\jusched.exe
C:\program files\AVG\AVG2015\avgui.exe
C:\program files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
C:\program files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
C:\program files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\program files\Google\Chrome\Application\chrome.exe
C:\program files\Google\Chrome\Application\chrome.exe
C:\program files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = Preserve
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.yahoo.com
uProxyOverride = <-loopback>
uURLSearchHooks: {D8278076-BC68-4484-9233-6E7F1628B56C} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {878B8524-AED5-4870-9A96-A515440DAC75} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [HP Deskjet 3510 series (NET)] "c:\program files\hp\hp deskjet 3510 series\bin\ScanToPCActivationApp.exe" -deviceID "CN29J1368G05R7:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
uRun: [RocketTab] "c:\users\elisha\appdata\local\rockettab\Client.exe"
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [ATT-SST_McciTrayApp] "c:\program files\att-sst\pcTrayApp.exe"
mRun: [tvncontrol] "c:\program files\showmypcservice\tvnserver.exe" -controlservice -slave
mRun: [RoxioDragToDisc] "c:\program files\roxio\drag-to-disc\DrgToDsc.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... 0gtNElKTUg"&"inst=NzctNzQzMDkxNTk1LUZQOSs2LUJBUjlHKzEtVEI5KzItRkwrOS1RSVgxKzQtWDIwMTArMi1GMTBNMTBEKzEtTElDKzItRkwxMCsxLVZJUCsxLVNQMSsxLUREVCs2MzU1Mi1MU0QrMi1ERDEwRisxLVNUMTBGQVBQKzEtTDEwTSsxLUYxME0xMkFOKzEtRjEwTTEyQSsxLUYxME0xMkFCKzEtVTEwKzEtU1QxMkZPSSsxLUYxME0xMkFVKzE"&"prod=90"&"ver=2012.0.1809"&"mid=fd43461e52aa4868bb0ada11aac08b4c-0a03ed3f9f3f3f32ad864c4e6ad8c25f0045554e
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - c:\program files\amazon\add to wish list ie extension\run.htm
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: $talisma_url$
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1007
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{257F135A-D7D6-4F90-A4E8-B20FD9AC49A8} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{4B537344-FA15-45A8-895F-A7535BAB4A63} : DHCPNameServer = 192.168.1.254
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\37.0.2062.120\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-6-18 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-7-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-8-6 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-18 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-18 121624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-7-24 204056]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-18 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-8-20 193304]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-7-2 199448]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-12-28 47640]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-9-15 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-9-15 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-9-15 51928]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2013-7-10 13464]
.
=============== Created Last 30 ================
.
2014-09-16 12:53:39 -------- d-----w- c:\users\elisha\appdata\roaming\AVG2015
2014-09-16 12:52:35 -------- d-----w- c:\users\elisha\appdata\roaming\TuneUp Software
2014-09-16 12:51:19 -------- d-----w- c:\programdata\AVG2015
2014-09-16 12:39:04 -------- d-----w- c:\users\elisha\appdata\local\MFAData
2014-09-16 12:39:04 -------- d-----w- c:\users\elisha\appdata\local\Avg2015
2014-09-16 12:31:25 8806800 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c6c1639f-9ba7-4a5e-8c73-c3dc268dd151}\mpengine.dll
2014-09-15 22:50:50 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-15 22:50:03 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-09-15 22:50:03 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-09-15 22:50:03 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-15 22:50:03 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-09-15 20:02:37 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-09-15 19:48:09 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2014-09-15 19:03:11 9318 ----a-w- c:\users\elisha\appdata\local\Setup.exe
2014-09-15 19:03:00 1011840 ----a-w- c:\users\elisha\appdata\local\Malware360Installer.exe
2014-09-15 19:02:48 -------- d-----w- c:\users\elisha\appdata\local\RocketTab
2014-09-12 14:31:28 -------- d-----w- c:\users\elisha\appdata\roaming\DriverCure
2014-09-12 14:31:27 -------- d-----w- c:\users\elisha\appdata\roaming\SpeedyPC Software
2014-09-12 14:30:47 -------- d-----w- c:\programdata\SpeedyPC Software
2014-08-21 01:49:40 193304 ----a-w- c:\windows\system32\drivers\avgldx86.sys
.
==================== Find3M ====================
.
2014-09-15 19:00:34 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-15 19:00:33 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-25 10:53:44 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-07-24 18:09:20 204056 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-07-18 19:55:24 230680 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-07-02 14:01:44 199448 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-06-19 01:16:30 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-06-19 01:03:36 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-06-19 01:03:34 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2014-06-19 01:03:34 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2013-04-02 13:40:11 4096000 ----a-w- c:\program files\GUT800.tmp
.
============= FINISH: 13:01:08.25 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 2/6/2010 5:08:58 PM
System Uptime: 9/16/2014 9:45:00 AM (4 hours ago)
.
Motherboard: Dell Inc. | | 0KU927
Processor: Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz | Microprocessor | 1000/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 193.817 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0000
Service: tunmp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (L2TP)
Device ID: ROOT\MS_L2TPMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (L2TP)
PNP Device ID: ROOT\MS_L2TPMINIPORT\0000
Service: Rasl2tp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (Network Monitor)
Device ID: ROOT\MS_NDISWANBH\0000
Manufacturer: Microsoft
Name: WAN Miniport (Network Monitor)
PNP Device ID: ROOT\MS_NDISWANBH\0000
Service: NdisWan
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (IP)
Device ID: ROOT\MS_NDISWANIP\0000
Manufacturer: Microsoft
Name: WAN Miniport (IP)
PNP Device ID: ROOT\MS_NDISWANIP\0000
Service: NdisWan
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (IPv6)
Device ID: ROOT\MS_NDISWANIPV6\0000
Manufacturer: Microsoft
Name: WAN Miniport (IPv6)
PNP Device ID: ROOT\MS_NDISWANIPV6\0000
Service: NdisWan
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (PPPOE)
Device ID: ROOT\MS_PPPOEMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (PPPOE)
PNP Device ID: ROOT\MS_PPPOEMINIPORT\0000
Service: RasPppoe
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (PPTP)
Device ID: ROOT\MS_PPTPMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (PPTP)
PNP Device ID: ROOT\MS_PPTPMINIPORT\0000
Service: PptpMiniport
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (SSTP)
Device ID: ROOT\MS_SSTPMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (SSTP)
PNP Device ID: ROOT\MS_SSTPMINIPORT\0000
Service: RasSstp
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 15 Plugin
Adobe Reader X (10.1.11)
Advanced Audio FX Engine
Advanced Video FX Engine
Amazon Add to Wish List IE Extension 1.2
AT&T Troubleshoot & Resolve Tool
AVG 2015
Broadcom 440x 10/100 Integrated Controller
Catalina Savings Printer
CCleaner
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Dell Driver Download Manager
Dell Resource CD
DELL Webcam Center
DELL Webcam Manager
Dell Wireless WLAN Card
Google Chrome
Google Drive
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Deskjet 3510 series Basic Device Software
HP Deskjet 3510 series Help
HP Deskjet 3510 series Product Improvement Study
HP FWUpdateEDO2
HP Photo Creations
HP Update
HPDiagnosticAlert
Intel Matrix Storage Manager
Intel(R) Graphics Media Accelerator Driver
Java 7 Update 67
Java Auto Updater
Laptop Integrated Webcam Driver (1.00.10.0320)
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Palm Desktop
QuickSet
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
SigmaTel Audio
Sonic Activation Module
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Visual Studio 2012 x86 Redistributables