Problem:
On April 29 I inadvertently downloaded malware that infected my computer and all my browsers with endless popups. A feature of this malware was that it blocked my seeing results in Google that would help me get rid of it. After much time and sorrow I got rid of the popups on my desktop, but I cannot seem to get the popups out of my browser. I use Google Chrome - I even downloaded Opera browser and it immediately was infested with popups - some sites I can't even use because of the number of popups. Block and Surf is the name (one of many I assume) it goes by. If you could help me, I might be able to stop crying. Thanks, Diana
DDS REPORT
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17267 BrowserJavaVersion: 11.25.2
Run by Michael at 10:13:05 on 2015-05-07
Microsoft Windows 8 6.2.9200.0.1252.2.1033.18.3654.1462 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG Internet Security 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 *Enabled* {757AB44A-78C2-7D1A-E37F-CA42A037B368}
.
============== Running Processes ===============
.
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\CxAudMsg64.exe
C:\windows\system32\dashost.exe
C:\windows\SysWOW64\NLSSRV32.EXE
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Users\Michael\AppData\Roaming\C551F4B0-1430296537-E211-8422-208984368350\jnso59B.tmp
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Win Application\applications.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\LogonUI.exe
C:\windows\System32\dwm.exe
C:\windows\System32\LogonUI.exe
C:\windows\System32\dwm.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\windows\System32\dwm.exe
C:\windows\system32\atieclxx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\system32\taskhostex.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
C:\windows\Explorer.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
C:\Program Files (x86)\USB Camera2\VM332STI.EXE
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Super Driver Updater\SuperDriversUpdater.EXE
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://www.google.com
mStart Page = about:blank
uProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent.exe" /MINIMIZED
uRun: [SuperDriversUpdater] C:\Program Files (x86)\Super Driver Updater\SuperDriversUpdater.exe
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
mRun: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
mRun: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [Lenovo App Shop] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\QFSCHD160.EXE"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\WPLauncher.hta
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} -
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{CD977A49-DFED-447F-AB15-CB05F4999758} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CD977A49-DFED-447F-AB15-CB05F4999758}\C696C6F5265616E6F5E6F576275656E6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CD977A49-DFED-447F-AB15-CB05F4999758}\D4564456379676E63547574696F6 : DHCPNameServer = 192.168.0.1
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: BlockAndSurf: {79AAD48C-7658-E566-0E71-9D097E9E899C} -
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe /t
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-RunOnce: [RollbackOnline] C:\$WINDOWS.~BT\Sources\SetupPlatform.exe /rollbackonline
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8vwkqlb6.default\
FF - prefs.js: browser.search.selectedEngine - Trovi
FF - prefs.js: browser.startup.homepage - hxxp://www.trovi.com/?gd=&ctid=CT332989 ... 2915&SSPV=
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll
FF - plugin: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrlui.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll
FF - plugin: C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\Drivers\avgidsha.sys [2015-3-11 213984]
R0 Avgloga;AVG Logging Driver;C:\windows\System32\Drivers\avgloga.sys [2015-3-11 344544]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\Drivers\avgmfx64.sys [2015-4-3 137184]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\Drivers\avgrkx64.sys [2015-3-20 40928]
R0 LHDmgr;LHDmgr;C:\windows\System32\Drivers\LhdX64.sys [2013-1-10 39008]
R1 adgnetworkwfpdrv;adgnetworkwfpdrv;C:\windows\System32\Drivers\adgnetworkwfpdrv.sys [2015-4-29 52728]
R1 Avgdiska;AVG Disk Driver;C:\windows\System32\Drivers\avgdiska.sys [2015-3-11 162784]
R1 Avgfwfd;AVG network filter service;C:\windows\System32\Drivers\avgfwd6a.sys [2015-3-20 67040]
R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\Drivers\avgidsdrivera.sys [2015-4-9 284128]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\Drivers\avgldx64.sys [2015-4-15 256992]
R1 Avgwfpa;AVG Firewall Driver;C:\windows\System32\Drivers\avgwfpa.sys [2015-4-7 293856]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-8-13 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-8-6 361984]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-1-19 77128]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2015-4-15 1517480]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-4-15 311792]
R2 CxAudMsg;Conexant Audio Message Service;C:\windows\System32\CxAudMsg64.exe [2013-1-10 201376]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-7-16 69640]
R2 pusetufy;Address Print-head;C:\Users\Michael\AppData\Roaming\C551F4B0-1430296537-E211-8422-208984368350\jnso59B.tmp [2015-4-29 113664]
R2 webTinstMKTN84;webTinstMKTN84;C:\windows\System32\Drivers\webTinstMKTN84.sys [2015-4-29 50216]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\Drivers\AcpiVpc.sys [2012-5-15 33560]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\Drivers\mbam.sys [2015-4-29 25816]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2013-1-10 690832]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2015-3-2 14112]
R3 vm332avs;Lenovo Camera2;C:\windows\System32\Drivers\vm332avs.sys [2013-1-10 981112]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\windows\System32\Drivers\avgboota.sys [2015-3-27 21152]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-4-15 3438032]
S2 CoupoonService64;CoupoonService64;C:\Program Files (x86)\coupoon\iiwjljrnpc64.exe --> C:\Program Files (x86)\coupoon\iiwjljrnpc64.exe [?]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-4-29 1080120]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\Drivers\ssudbus.sys [2014-1-22 108800]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\Drivers\mwac.sys [2015-4-29 64216]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-15 289256]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUVStor.sys [2013-1-10 315536]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\Drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\Drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\Drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\windows\System32\Drivers\ssadserd.sys [2011-5-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\Drivers\ssudmdm.sys [2014-1-22 206080]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\Drivers\usbaapl64.sys [2014-8-15 54784]
S3 wsvd;wsvd;C:\windows\System32\Drivers\wsvd.sys [2013-1-10 102376]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-4-29 1871160]
SUnknown SPPD;SPPD; [x]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
ShellExec: LightningViewer.exe: View="c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\LightningNavigator.exe" "-ViewDocument" "%1"
.
=============== Created Last 30 ================
.
2015-05-03 07:04:34 21040 ----a-w- C:\windows\System32\sdnclean64.exe
2015-05-03 07:04:30 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2015-05-03 07:04:16 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-29 20:31:03 -------- d-sh--w- C:\Recovery
2015-04-29 17:46:32 41784 ----a-w- C:\windows\System32\TURegOpt.exe
2015-04-29 17:46:25 30520 ----a-w- C:\windows\System32\authuitu.dll
2015-04-29 17:46:22 25912 ----a-w- C:\windows\SysWow64\authuitu.dll
2015-04-29 17:45:42 -------- d-----w- C:\Users\Michael\AppData\Roaming\AVG
2015-04-29 17:43:23 -------- d-----w- C:\Users\Michael\AppData\Local\Avg
2015-04-29 17:41:24 -------- d-----w- C:\ProgramData\AVG
2015-04-29 17:21:35 -------- d-----w- C:\Users\Michael\AppData\Roaming\AVG2015
2015-04-29 17:14:29 -------- d-----w- C:\Users\Michael\AppData\Roaming\TuneUp Software
2015-04-29 17:07:12 -------- d--h--w- C:\$AVG
2015-04-29 17:07:11 -------- d-----w- C:\ProgramData\AVG2015
2015-04-29 17:04:49 -------- d-----w- C:\Program Files (x86)\AVG
2015-04-29 17:01:00 -------- d--h--w- C:\ProgramData\Common Files
2015-04-29 17:00:59 -------- d-----w- C:\Users\Michael\AppData\Local\MFAData
2015-04-29 17:00:59 -------- d-----w- C:\Users\Michael\AppData\Local\Avg2015
2015-04-29 17:00:59 -------- d-----w- C:\ProgramData\MFAData
2015-04-29 16:59:01 136408 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2015-04-29 16:57:14 64216 ----a-w- C:\windows\System32\drivers\mwac.sys
2015-04-29 16:57:14 107736 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2015-04-29 16:57:13 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2015-04-29 16:57:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-29 11:10:22 52728 ----a-w- C:\windows\System32\drivers\adgnetworkwfpdrv.sys
2015-04-29 11:06:13 279 ----a-w- C:\windows\SysWow64\drivers\vwifikerneldrv.sys
2015-04-29 11:06:13 279 ----a-w- C:\windows\SysWow64\d3dx9_11.dll.tmp
2015-04-29 11:03:25 -------- d-----w- C:\Users\Michael\AppData\Roaming\Performix LLC
2015-04-29 11:03:23 -------- d-----w- C:\ProgramData\Adguard
2015-04-29 10:11:29 -------- d-----w- C:\Users\Michael\AppData\Local\SuperDriversUpdater
2015-04-29 09:19:22 2178 ----a-w- C:\windows\patsearch.bin
2015-04-29 09:19:08 50216 ----a-w- C:\windows\System32\drivers\webTinstMKTN84.sys
2015-04-29 09:15:09 -------- d-----w- C:\Users\Michael\AppData\Local\avaavaevy
2015-04-29 09:13:13 -------- d-----w- C:\Program Files (x86)\SafeGuard
2015-04-29 09:07:41 -------- d-----w- C:\Users\Michael\AppData\Local\SmartWeb
2015-04-29 08:52:30 -------- d-----w- C:\ProgramData\PastaLeadsAgent
2015-04-29 08:52:09 -------- d-----w- C:\Program Files\Common Files\PastaLeads
2015-04-29 08:43:08 -------- d-----w- C:\Users\Michael\AppData\Local\C551F4B0-1430282581-E211-8422-208984368350
2015-04-29 08:40:25 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{02BA41E8-22BE-4590-9FEF-C9C4E59EC26E}\offreg.dll
2015-04-29 08:35:37 -------- d-----w- C:\Users\Michael\AppData\Roaming\C551F4B0-1430296537-E211-8422-208984368350
2015-04-29 08:34:18 -------- d-----w- C:\Users\Michael\AppData\Local\globalUpdate
2015-04-29 08:34:18 -------- d-----w- C:\Program Files (x86)\globalUpdate
2015-04-29 08:33:40 -------- d-----w- C:\Program Files (x86)\FlashBeat
2015-04-29 08:29:00 -------- d-----w- C:\Program Files (x86)\Shopperz
2015-04-29 08:28:29 -------- d-----w- C:\Program Files (x86)\Super Driver Updater
2015-04-29 08:28:20 -------- d-----w- C:\Program Files (x86)\Priceless
2015-04-28 18:17:45 12032440 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{02BA41E8-22BE-4590-9FEF-C9C4E59EC26E}\mpengine.dll
2015-04-27 22:20:26 12032440 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-04-15 17:06:02 256992 ----a-w- C:\windows\System32\drivers\avgldx64.sys
2015-04-15 08:38:35 861696 ----a-w- C:\windows\System32\drivers\http.sys
2015-04-15 08:38:21 6971712 ----a-w- C:\windows\System32\ntoskrnl.exe
2015-04-15 08:38:21 1822696 ----a-w- C:\windows\System32\ntdll.dll
2015-04-15 08:38:18 1409496 ----a-w- C:\windows\SysWow64\ntdll.dll
2015-04-15 08:38:03 74752 ----a-w- C:\windows\System32\clfsw32.dll
2015-04-15 08:38:03 361280 ----a-w- C:\windows\System32\drivers\clfs.sys
2015-04-15 08:38:02 57856 ----a-w- C:\windows\SysWow64\clfsw32.dll
2015-04-09 18:11:14 284128 ----a-w- C:\windows\System32\drivers\avgidsdrivera.sys
2015-04-07 19:04:37 -------- d-----w- C:\Program Files (x86)\iTunes
2015-04-07 19:04:36 -------- d-----w- C:\Program Files\iPod
2015-04-07 19:04:34 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-07 19:04:34 -------- d-----w- C:\Program Files\iTunes
2015-04-07 16:39:26 293856 ----a-w- C:\windows\System32\drivers\avgwfpa.sys
.
==================== Find3M ====================
.
2015-04-13 22:07:53 791520 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-04-13 22:07:53 177632 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-03 13:34:12 137184 ----a-w- C:\windows\System32\drivers\avgmfx64.sys
2015-03-27 12:40:48 21152 ----a-w- C:\windows\System32\drivers\avgboota.sys
2015-03-20 16:20:42 67040 ----a-w- C:\windows\System32\drivers\avgfwd6a.sys
2015-03-20 16:18:18 40928 ----a-w- C:\windows\System32\drivers\avgrkx64.sys
2015-03-11 16:16:06 162784 ----a-w- C:\windows\System32\drivers\avgdiska.sys
2015-03-11 16:13:36 344544 ----a-w- C:\windows\System32\drivers\avgloga.sys
2015-03-11 16:13:28 213984 ----a-w- C:\windows\System32\drivers\avgidsha.sys
2015-03-10 05:28:47 2237952 ----a-w- C:\windows\System32\wininet.dll
2015-03-10 05:28:39 600576 ----a-w- C:\windows\System32\vbscript.dll
2015-03-10 05:27:11 3959296 ----a-w- C:\windows\System32\jscript9.dll
2015-03-10 05:27:09 949760 ----a-w- C:\windows\System32\inetcomm.dll
2015-03-10 03:49:49 1763328 ----a-w- C:\windows\SysWow64\wininet.dll
2015-03-10 03:49:44 523776 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-03-10 03:49:02 2864640 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-03-10 03:49:00 737280 ----a-w- C:\windows\SysWow64\inetcomm.dll
2015-03-06 07:39:21 588800 ----a-w- C:\windows\System32\SHCore.dll
2015-03-06 07:39:16 412672 ----a-w- C:\windows\System32\schannel.dll
2015-03-06 05:48:32 452608 ----a-w- C:\windows\SysWow64\SHCore.dll
2015-03-06 05:48:28 318464 ----a-w- C:\windows\SysWow64\schannel.dll
2015-03-04 07:26:50 596480 ----a-w- C:\windows\System32\AutoUpdate.exe
2015-03-04 07:26:50 467952 ----a-w- C:\windows\System32\NotificationUI.exe
2015-03-04 06:41:12 695808 ----a-w- C:\windows\System32\WSShared.dll
2015-03-04 06:41:11 163840 ----a-w- C:\windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-04 04:53:22 568832 ----a-w- C:\windows\SysWow64\WSShared.dll
2015-03-04 04:53:22 124928 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-03 13:17:35 295552 ------w- C:\windows\System32\MpSigStub.exe
2015-02-26 04:35:57 4063232 ----a-w- C:\windows\System32\win32k.sys
2015-02-23 10:51:56 915968 ----a-w- C:\windows\System32\uxtheme.dll
2015-02-23 10:51:56 53760 ----a-w- C:\windows\System32\UXInit.dll
2015-02-23 10:50:34 67072 ----a-w- C:\windows\System32\iesetup.dll
2015-02-23 10:50:34 136704 ----a-w- C:\windows\System32\iesysprep.dll
2015-02-23 10:49:36 1509376 ----a-w- C:\windows\System32\inetcpl.cpl
2015-02-23 09:17:52 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2015-02-23 09:15:57 84480 ----a-w- C:\windows\System32\INETRES.dll
2015-02-23 08:51:29 441856 ----a-w- C:\windows\System32\html.iec
2015-02-21 05:31:18 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2015-02-21 05:30:11 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-02-21 05:30:11 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2015-02-21 05:29:25 1441280 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-02-21 05:09:51 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-02-21 05:07:30 84480 ----a-w- C:\windows\SysWow64\INETRES.dll
2015-02-21 04:42:37 361984 ----a-w- C:\windows\SysWow64\html.iec
2015-02-21 03:00:32 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2015-02-20 13:59:14 46080 ----a-w- C:\windows\System32\atmlib.dll
2015-02-20 11:56:16 366592 ----a-w- C:\windows\System32\atmfd.dll
2015-02-20 08:10:01 35328 ----a-w- C:\windows\SysWow64\atmlib.dll
2015-02-20 07:24:08 304128 ----a-w- C:\windows\SysWow64\atmfd.dll
2014-06-24 05:22:59 1837904 ----a-w- C:\Program Files (x86)\uTorrent.exe
.
============= FINISH: 10:15:13.94 ===============
ATTACH
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 7/25/2013 10:57:03 AM
System Uptime: 4/29/2015 7:36:47 PM (183 hours ago)
.
Motherboard: LENOVO | | Lenovo G585
Processor: AMD E1-1500 APU with Radeon(tm) HD Graphics | Socket FT1 | 1480/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 251 GiB total, 189.456 GiB free.
D: is FIXED (NTFS) - 25 GiB total, 23.293 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Microsoft Teredo Tunneling Adapter
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
RP78: 4/22/2015 3:45:54 PM - Windows Update
RP79: 4/29/2015 4:40:55 AM - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
RP80: 5/1/2015 5:45:40 PM - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
RP81: 5/5/2015 11:39:11 PM - Software Removal Tool
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 17 NPAPI
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
µTorrent
AVG 2015
AVG PC TuneUp 2015
AVG PC TuneUp 2015 (en-US)
Bonjour
Canon MP Navigator 2.2
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
ChromecastApp
Conexant HD Audio
Dolby Advanced Audio v2
Energy Management
Google Chrome
Google Update Helper
iTunes
Java 7 Update 55
Java 8 Update 25
Java Auto Updater
Lenovo App Shop
Lenovo EasyCamera
Lenovo OneKey Recovery
Lenovo Photos
Lenovo PowerDVD10
Lenovo Solution Center
Lenovo YouCam
Malwarebytes Anti-Malware version 2.1.6.1022
McAfee Security Scan Plus
Microsoft Office
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Mozilla Firefox 37.0.2 (x86 en-US)
Mozilla Maintenance Service
OpenOffice 4.1.0
PhotoScape
PowerXpressHybrid
Qualcomm Atheros Client Installation Program
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Shared C Run-time for x64
SolSuite 2014 v14.0
Spybot - Search & Destroy
Synaptics Pointing Device Driver
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)
WinRAR 5.10 (32-bit)
WordPerfect Office IFilter 32-bit
WordPerfect Office IFilter 64-bit
WordPerfect Office X6
WordPerfect Office X6 - Common Files
WordPerfect Office X6 - Common Files English
WordPerfect Office X6 - IPM
WordPerfect Office X6 - Lightning Files
WordPerfect Office X6 - Lightning Files English
WordPerfect Office X6 - Oxford
WordPerfect Office X6 - Presentations Files
WordPerfect Office X6 - Presentations Files English
WordPerfect Office X6 - Quattro Pro Files
WordPerfect Office X6 - Quattro Pro Files English
WordPerfect Office X6 - Setup Files
WordPerfect Office X6 - System Files
WordPerfect Office X6 - WordPerfect Files
WordPerfect Office X6 - WordPerfect Files English
WordPerfect Office X6 - WT
.
==== Event Viewer Messages From Past Week ========
.
5/4/2015 3:44:34 AM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
4/30/2015 3:26:59 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x600000001f9cf. The name of the file is "<unable to determine file name>".
4/30/2015 3:26:59 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x300000001f69a. The name of the file is "<unable to determine file name>".
4/30/2015 3:26:59 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. A corruption was found in a file system index structure. The file reference number is 0x1000000001446. The name of the file is "\Windows\servicing\Packages". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".
.
==== End Of File ===========================
I would appreciate some help - my problem is summarized at the top of this message.