Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Arcade Play Max attack...Help!!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Arcade Play Max attack...Help!!!

Unread postby jennick999 » July 28th, 2015, 8:26 am

What was once a fast laptop is now a snail speed laptop, plus Arcade play max is attacking my browser. It is taking about 10 times longer to load a webpage completely. Also, arcadeplaymax.com hijacks my browser on occasion or loads a second webpage randomly. I was looking for a add on so that windows media player would play mp4 files when this occurred. Something I dl'd will be the culprit. Please help

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17909 BrowserJavaVersion: 11.31.2
Run by Nick at 8:22:37 on 2015-07-28
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.7628.5217 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\atieclxx.exe
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\loggingserver.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\WUDFHost.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\taskhost.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
C:\windows\system32\GWX\GWX.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\windows\SYSTEM32\WISPTIS.EXE
C:\windows\SysWOW64\ctfmon.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.yahoo.com/
mWinlogon: Userinit = userinit.exe,
BHO: File Sanitizer for HP ProtectTools: {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: TunePro360: {5E04457F-D6D4-4A7E-8277-5EF1CA591CC7} - C:\Program Files (x86)\adlevel\TunePRO360.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [AVG-Secure-Search-Update_1113a] C:\Users\Nick\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=564d5ebb49aa47d38955759276bdfa74-5065cad16e605d0643dbfd7f402990fdb7e05dd3 /CMPID=1113a
uRun: [PCKeeper2] "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
mRun: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
mRun: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
StartupFolder: C:\Users\Nick\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 192.168.1.1 65.32.5.112
TCP: Interfaces\{AF967914-6C2F-436F-A6B8-78F3F5EB54A2} : DHCPNameServer = 192.168.1.1 65.32.5.112
TCP: Interfaces\{AF967914-6C2F-436F-A6B8-78F3F5EB54A2}\142747C49607F6 : DHCPNameServer = 192.168.1.2
TCP: Interfaces\{AF967914-6C2F-436F-A6B8-78F3F5EB54A2}\142747C49607F6D2D41696E6D2F46666963656 : DHCPNameServer = 192.168.1.2
TCP: Interfaces\{AF967914-6C2F-436F-A6B8-78F3F5EB54A2}\A456E6E69636B6939393 : DHCPNameServer = 192.168.1.1 65.32.5.112
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.7.0\ViProtocol.dll
Notify: DeviceNP - DeviceNP.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = DPPassFilter scecli
mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
x64-Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [NUSB3MON] "C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
x64-Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [MfeEpePcMonitor] "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2012-4-11 82560]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2012-4-11 42624]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\windows\System32\drivers\amdkmpfd.sys [2013-10-21 31872]
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2015-5-12 253408]
R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2015-5-7 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2015-6-10 226784]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2015-3-20 40928]
R0 MfeEpeOpal;MfeEpeOpal;C:\windows\System32\drivers\MfeEpeOpal.sys [2012-3-21 93640]
R0 MfeEpePc;MfeEpePc;C:\windows\System32\drivers\MfeEpePc.sys [2012-3-21 158792]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R1 Avgdiska;AVG Disk Driver;C:\windows\System32\drivers\avgdiska.sys [2015-3-11 162784]
R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2015-6-26 293296]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2015-6-16 259040]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2015-5-12 281568]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [2015-7-18 63064]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2013-10-21 235520]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-8-7 211072]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-6-30 3518376]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-6-30 314304]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-8-15 2753720]
R2 DiagTrack;Diagnostics Tracking Service;C:\windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-3-14 152992]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-3-21 372824]
R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-3-14 365440]
R2 hpsrv;HP Service;C:\windows\System32\hpservice.exe [2012-3-15 33560]
R2 MbaeSvc;Malwarebytes Anti-Exploit Service;C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [2015-7-18 713016]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-3-21 1327104]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-9-27 124568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-4-24 1134584]
R2 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2013-10-22 498352]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2012-3-20 2694224]
R2 vToolbarUpdater18.7.0;vToolbarUpdater18.7.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe [2015-7-18 1842576]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-8-7 323584]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\windows\System32\drivers\amdhub30.sys [2012-1-4 103552]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\windows\System32\drivers\amdxhc.sys [2012-1-4 220288]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\System32\drivers\ArcSoftVCapture.sys [2013-10-22 42816]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2013-10-21 95760]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2013-10-22 33944]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-3-15 1420160]
R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2013-10-21 176880]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2015-7-18 25816]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-4-24 648808]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\drivers\usbfilter.sys [2013-10-22 56448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-7-18 1133880]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2013-10-22 88728]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2013-10-22 344216]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\windows\System32\drivers\btath_avdt.sys [2013-10-22 114840]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2013-10-22 178840]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2013-10-22 77464]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2013-10-22 135832]
S3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2013-10-22 574616]
S3 DAMDrv;DAMDrv;C:\windows\System32\drivers\DAMDrv64.sys [2012-11-9 64832]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-20 71168]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2012-11-19 477056]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-7-17 114688]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2015-7-18 63704]
S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2013-12-2 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2013-10-22 117552]
.
=============== Created Last 30 ================
.
2015-07-27 22:52:09 12222168 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FE6FF7BA-ED0A-4E5E-B679-4AFC42B9A009}\mpengine.dll
2015-07-22 14:22:53 12222168 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-07-20 18:05:58 70656 ----a-w- C:\windows\SysWow64\fontsub.dll
2015-07-20 18:05:58 46080 ----a-w- C:\windows\System32\atmlib.dll
2015-07-20 18:05:58 41984 ----a-w- C:\windows\System32\lpk.dll
2015-07-20 18:05:58 372224 ----a-w- C:\windows\System32\atmfd.dll
2015-07-20 18:05:58 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2015-07-20 18:05:58 299008 ----a-w- C:\windows\SysWow64\atmfd.dll
2015-07-20 18:05:58 25600 ----a-w- C:\windows\SysWow64\lpk.dll
2015-07-20 18:05:58 14336 ----a-w- C:\windows\System32\dciman32.dll
2015-07-20 18:05:58 10240 ----a-w- C:\windows\SysWow64\dciman32.dll
2015-07-20 18:05:58 100864 ----a-w- C:\windows\System32\fontsub.dll
2015-07-19 00:19:10 -------- d-----w- C:\ProgramData\Malwarebytes Anti-Exploit
2015-07-19 00:19:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-07-18 23:49:04 113880 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2015-07-18 23:48:38 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2015-07-18 23:48:38 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2015-07-18 23:48:38 109272 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2015-07-18 23:48:38 -------- d-----w- C:\ProgramData\Malwarebytes
2015-07-18 23:48:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-18 23:48:11 -------- d-----w- C:\Users\Nick\AppData\Local\Programs
2015-07-18 17:26:45 154826 ----a-w- C:\Program Files (x86)\uninstaller.exe
2015-07-18 17:26:45 -------- d-----w- C:\Program Files (x86)\TechVedic
2015-07-18 17:26:45 -------- d-----w- C:\Program Files (x86)\adlevel
2015-07-18 16:20:30 -------- d-----w- C:\Users\Nick\AppData\Local\Kromtech
2015-07-18 16:19:06 -------- d-----w- C:\Program Files (x86)\360
2015-07-18 16:19:01 -------- d-----w- C:\ProgramData\Kromtech
2015-07-18 16:09:09 -------- d-----w- C:\Users\Nick\AppData\Roaming\MPC-HC
2015-07-18 15:49:37 -------- d-----w- C:\Users\Nick\AppData\Local\WinZip
2015-07-17 15:11:16 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{60A1B2FC-DC76-4EB2-8F23-DA0506E62699}\gapaengine.dll
2015-07-17 15:09:59 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2015-07-17 15:08:51 2087424 ----a-w- C:\windows\System32\ole32.dll
2015-07-07 07:46:28 189136 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\LICLUA.EXE
2015-07-01 10:36:25 -------- d-----w- C:\Program Files\Common Files\AV
.
==================== Find3M ====================
.
2015-07-17 14:55:40 778416 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-07-17 14:55:39 142512 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-09 17:59:59 17856 ----a-w- C:\windows\System32\CompatTelRunner.exe
2015-07-09 17:58:56 192000 ----a-w- C:\windows\System32\wuwebv.dll
2015-07-09 17:58:55 98304 ----a-w- C:\windows\System32\wudriver.dll
2015-07-09 17:58:55 3154944 ----a-w- C:\windows\System32\wucltux.dll
2015-07-09 17:58:41 726528 ----a-w- C:\windows\System32\generaltel.dll
2015-07-09 17:58:34 91136 ----a-w- C:\windows\System32\WinSetupUI.dll
2015-07-09 17:58:31 765440 ----a-w- C:\windows\System32\invagent.dll
2015-07-09 17:58:26 433664 ----a-w- C:\windows\System32\devinv.dll
2015-07-09 17:58:25 12288 ----a-w- C:\windows\System32\wu.upgrade.ps.dll
2015-07-09 17:58:24 1085440 ----a-w- C:\windows\System32\appraiser.dll
2015-07-09 17:58:23 67584 ----a-w- C:\windows\System32\acmigration.dll
2015-07-09 17:58:23 227328 ----a-w- C:\windows\System32\aepdu.dll
2015-07-09 17:58:20 37376 ----a-w- C:\windows\System32\wuapp.exe
2015-07-09 17:50:11 1145856 ----a-w- C:\windows\System32\aeinv.dll
2015-07-09 17:43:25 93184 ----a-w- C:\windows\SysWow64\wudriver.dll
2015-07-09 17:43:25 173056 ----a-w- C:\windows\SysWow64\wuwebv.dll
2015-07-09 17:42:47 34816 ----a-w- C:\windows\SysWow64\wuapp.exe
2015-07-05 10:08:23 300704 ------w- C:\windows\System32\MpSigStub.exe
2015-07-04 17:48:36 1414656 ----a-w- C:\windows\SysWow64\ole32.dll
2015-07-02 21:08:53 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-07-02 20:40:34 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2015-07-01 20:56:03 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2015-07-01 20:56:03 155584 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2015-07-01 20:49:53 210944 ----a-w- C:\windows\System32\wdigest.dll
2015-07-01 20:49:47 86528 ----a-w- C:\windows\System32\TSpkg.dll
2015-07-01 20:49:45 29184 ----a-w- C:\windows\System32\sspisrv.dll
2015-07-01 20:49:45 136192 ----a-w- C:\windows\System32\sspicli.dll
2015-07-01 20:49:42 342016 ----a-w- C:\windows\System32\schannel.dll
2015-07-01 20:49:42 28160 ----a-w- C:\windows\System32\secur32.dll
2015-07-01 20:49:41 1216512 ----a-w- C:\windows\System32\rpcrt4.dll
2015-07-01 20:49:23 309760 ----a-w- C:\windows\System32\ncrypt.dll
2015-07-01 20:49:22 315392 ----a-w- C:\windows\System32\msv1_0.dll
2015-07-01 20:49:11 729088 ----a-w- C:\windows\System32\kerberos.dll
2015-07-01 20:49:11 1461760 ----a-w- C:\windows\System32\lsasrv.dll
2015-07-01 20:48:34 44032 ----a-w- C:\windows\System32\cryptbase.dll
2015-07-01 20:48:34 22016 ----a-w- C:\windows\System32\credssp.dll
2015-07-01 20:47:38 31232 ----a-w- C:\windows\System32\lsass.exe
2015-07-01 20:47:18 64000 ----a-w- C:\windows\System32\auditpol.exe
2015-07-01 20:43:51 60416 ----a-w- C:\windows\System32\msobjs.dll
2015-07-01 20:43:37 146432 ----a-w- C:\windows\System32\msaudite.dll
2015-07-01 20:39:24 686080 ----a-w- C:\windows\System32\adtschema.dll
2015-07-01 20:30:43 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2015-07-01 20:30:40 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2015-07-01 20:30:37 248832 ----a-w- C:\windows\SysWow64\schannel.dll
2015-07-01 20:30:37 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2015-07-01 20:30:33 221184 ----a-w- C:\windows\SysWow64\ncrypt.dll
2015-07-01 20:30:32 259584 ----a-w- C:\windows\SysWow64\msv1_0.dll
2015-07-01 20:30:27 552960 ----a-w- C:\windows\SysWow64\kerberos.dll
2015-07-01 20:30:21 36864 ----a-w- C:\windows\SysWow64\cryptbase.dll
2015-07-01 20:30:21 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2015-07-01 20:29:46 50176 ----a-w- C:\windows\SysWow64\auditpol.exe
2015-07-01 20:29:34 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2015-07-01 20:29:34 665088 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2015-07-01 20:27:04 60416 ----a-w- C:\windows\SysWow64\msobjs.dll
2015-07-01 20:26:52 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2015-07-01 20:24:59 686080 ----a-w- C:\windows\SysWow64\adtschema.dll
2015-07-01 19:27:34 159232 ----a-w- C:\windows\System32\drivers\mrxsmb.sys
2015-07-01 19:26:43 290816 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
2015-07-01 19:26:37 129024 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys
2015-06-27 02:47:11 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2015-06-27 02:43:26 5923840 ----a-w- C:\windows\System32\jscript9.dll
2015-06-27 01:58:17 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2015-06-27 01:39:37 4520448 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-06-26 13:49:10 293296 ----a-w- C:\windows\System32\drivers\avgidsdrivera.sys
2015-06-25 08:57:44 3207168 ----a-w- C:\windows\System32\win32k.sys
2015-06-20 20:06:50 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2015-06-20 19:50:10 66560 ----a-w- C:\windows\System32\iesetup.dll
2015-06-20 19:49:17 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2015-06-20 19:49:09 417792 ----a-w- C:\windows\System32\html.iec
2015-06-20 19:49:08 584192 ----a-w- C:\windows\System32\vbscript.dll
2015-06-20 19:48:29 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2015-06-20 19:34:46 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2015-06-20 19:34:45 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2015-06-20 19:25:28 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2015-06-20 18:46:53 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2015-06-20 18:46:48 2125824 ----a-w- C:\windows\System32\inetcpl.cpl
2015-06-20 18:26:01 2427392 ----a-w- C:\windows\System32\wininet.dll
2015-06-19 18:25:41 504320 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-06-19 18:25:35 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-06-19 18:24:43 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2015-06-19 18:24:27 341504 ----a-w- C:\windows\SysWow64\html.iec
2015-06-19 18:23:26 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2015-06-19 18:13:10 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2015-06-19 17:57:45 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-06-19 17:40:04 2052608 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-06-19 17:39:13 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2015-06-19 17:15:43 1951232 ----a-w- C:\windows\SysWow64\wininet.dll
2015-06-17 17:47:05 404992 ----a-w- C:\windows\System32\gdi32.dll
2015-06-17 17:37:03 312320 ----a-w- C:\windows\SysWow64\gdi32.dll
2015-06-17 05:01:52 1202856 ----a-w- C:\windows\SysWow64\FM20.DLL
2015-06-16 19:55:04 259040 ----a-w- C:\windows\System32\drivers\avgldx64.sys
2015-06-15 21:50:42 112064 ----a-w- C:\windows\System32\consent.exe
2015-06-15 21:45:42 504320 ----a-w- C:\windows\System32\msihnd.dll
2015-06-15 21:45:42 3242496 ----a-w- C:\windows\System32\msi.dll
2015-06-15 21:45:34 70656 ----a-w- C:\windows\System32\appinfo.dll
2015-06-15 21:45:34 1941504 ----a-w- C:\windows\System32\authui.dll
2015-06-15 21:44:47 128000 ----a-w- C:\windows\System32\msiexec.exe
2015-06-15 21:43:35 337408 ----a-w- C:\windows\SysWow64\msihnd.dll
.
============= FINISH: 8:23:29.49 ===============

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17909 BrowserJavaVersion: 11.31.2
Run by Nick at 8:22:37 on 2015-07-28
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.7628.5217 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\atieclxx.exe
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\loggingserver.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\WUDFHost.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\taskhost.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
C:\windows\system32\GWX\GWX.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\windows\SYSTEM32\WISPTIS.EXE
C:\windows\SysWOW64\ctfmon.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.yahoo.com/
mWinlogon: Userinit = userinit.exe,
BHO: File Sanitizer for HP ProtectTools: {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: TunePro360: {5E04457F-D6D4-4A7E-8277-5EF1CA591CC7} - C:\Program Files (x86)\adlevel\TunePRO360.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [AVG-Secure-Search-Update_1113a] C:\Users\Nick\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=564d5ebb49aa47d38955759276bdfa74-5065cad16e605d0643dbfd7f402990fdb7e05dd3 /CMPID=1113a
uRun: [PCKeeper2] "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
mRun: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
mRun: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
StartupFolder: C:\Users\Nick\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 192.168.1.1 65.32.5.112
TCP: Interfaces\{AF967914-6C2F-436F-A6B8-78F3F5EB54A2} : DHCPNameServer = 192.168.1.1 65.32.5.112
TCP: Interfaces\{AF967914-6C2F-436F-A6B8-78F3F5EB54A2}\142747C49607F6 : DHCPNameServer = 192.168.1.2
TCP: Interfaces\{AF967914-6C2F-436F-A6B8-78F3F5EB54A2}\142747C49607F6D2D41696E6D2F46666963656 : DHCPNameServer = 192.168.1.2
TCP: Interfaces\{AF967914-6C2F-436F-A6B8-78F3F5EB54A2}\A456E6E69636B6939393 : DHCPNameServer = 192.168.1.1 65.32.5.112
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.7.0\ViProtocol.dll
Notify: DeviceNP - DeviceNP.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = DPPassFilter scecli
mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
x64-Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [NUSB3MON] "C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
x64-Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [MfeEpePcMonitor] "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2012-4-11 82560]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2012-4-11 42624]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\windows\System32\drivers\amdkmpfd.sys [2013-10-21 31872]
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2015-5-12 253408]
R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2015-5-7 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2015-6-10 226784]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2015-3-20 40928]
R0 MfeEpeOpal;MfeEpeOpal;C:\windows\System32\drivers\MfeEpeOpal.sys [2012-3-21 93640]
R0 MfeEpePc;MfeEpePc;C:\windows\System32\drivers\MfeEpePc.sys [2012-3-21 158792]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R1 Avgdiska;AVG Disk Driver;C:\windows\System32\drivers\avgdiska.sys [2015-3-11 162784]
R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2015-6-26 293296]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2015-6-16 259040]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2015-5-12 281568]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [2015-7-18 63064]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2013-10-21 235520]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-8-7 211072]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-6-30 3518376]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-6-30 314304]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-8-15 2753720]
R2 DiagTrack;Diagnostics Tracking Service;C:\windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-3-14 152992]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-3-21 372824]
R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-3-14 365440]
R2 hpsrv;HP Service;C:\windows\System32\hpservice.exe [2012-3-15 33560]
R2 MbaeSvc;Malwarebytes Anti-Exploit Service;C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [2015-7-18 713016]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-3-21 1327104]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-9-27 124568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-4-24 1134584]
R2 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2013-10-22 498352]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2012-3-20 2694224]
R2 vToolbarUpdater18.7.0;vToolbarUpdater18.7.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe [2015-7-18 1842576]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-8-7 323584]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\windows\System32\drivers\amdhub30.sys [2012-1-4 103552]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\windows\System32\drivers\amdxhc.sys [2012-1-4 220288]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\System32\drivers\ArcSoftVCapture.sys [2013-10-22 42816]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2013-10-21 95760]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2013-10-22 33944]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-3-15 1420160]
R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2013-10-21 176880]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2015-7-18 25816]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-4-24 648808]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\drivers\usbfilter.sys [2013-10-22 56448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-7-18 1133880]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2013-10-22 88728]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2013-10-22 344216]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\windows\System32\drivers\btath_avdt.sys [2013-10-22 114840]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2013-10-22 178840]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2013-10-22 77464]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2013-10-22 135832]
S3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2013-10-22 574616]
S3 DAMDrv;DAMDrv;C:\windows\System32\drivers\DAMDrv64.sys [2012-11-9 64832]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-20 71168]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2012-11-19 477056]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-7-17 114688]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2015-7-18 63704]
S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2013-12-2 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2013-10-22 117552]
.
=============== Created Last 30 ================
.
2015-07-27 22:52:09 12222168 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FE6FF7BA-ED0A-4E5E-B679-4AFC42B9A009}\mpengine.dll
2015-07-22 14:22:53 12222168 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-07-20 18:05:58 70656 ----a-w- C:\windows\SysWow64\fontsub.dll
2015-07-20 18:05:58 46080 ----a-w- C:\windows\System32\atmlib.dll
2015-07-20 18:05:58 41984 ----a-w- C:\windows\System32\lpk.dll
2015-07-20 18:05:58 372224 ----a-w- C:\windows\System32\atmfd.dll
2015-07-20 18:05:58 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2015-07-20 18:05:58 299008 ----a-w- C:\windows\SysWow64\atmfd.dll
2015-07-20 18:05:58 25600 ----a-w- C:\windows\SysWow64\lpk.dll
2015-07-20 18:05:58 14336 ----a-w- C:\windows\System32\dciman32.dll
2015-07-20 18:05:58 10240 ----a-w- C:\windows\SysWow64\dciman32.dll
2015-07-20 18:05:58 100864 ----a-w- C:\windows\System32\fontsub.dll
2015-07-19 00:19:10 -------- d-----w- C:\ProgramData\Malwarebytes Anti-Exploit
2015-07-19 00:19:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-07-18 23:49:04 113880 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2015-07-18 23:48:38 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2015-07-18 23:48:38 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2015-07-18 23:48:38 109272 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2015-07-18 23:48:38 -------- d-----w- C:\ProgramData\Malwarebytes
2015-07-18 23:48:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-18 23:48:11 -------- d-----w- C:\Users\Nick\AppData\Local\Programs
2015-07-18 17:26:45 154826 ----a-w- C:\Program Files (x86)\uninstaller.exe
2015-07-18 17:26:45 -------- d-----w- C:\Program Files (x86)\TechVedic
2015-07-18 17:26:45 -------- d-----w- C:\Program Files (x86)\adlevel
2015-07-18 16:20:30 -------- d-----w- C:\Users\Nick\AppData\Local\Kromtech
2015-07-18 16:19:06 -------- d-----w- C:\Program Files (x86)\360
2015-07-18 16:19:01 -------- d-----w- C:\ProgramData\Kromtech
2015-07-18 16:09:09 -------- d-----w- C:\Users\Nick\AppData\Roaming\MPC-HC
2015-07-18 15:49:37 -------- d-----w- C:\Users\Nick\AppData\Local\WinZip
2015-07-17 15:11:16 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{60A1B2FC-DC76-4EB2-8F23-DA0506E62699}\gapaengine.dll
2015-07-17 15:09:59 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2015-07-17 15:08:51 2087424 ----a-w- C:\windows\System32\ole32.dll
2015-07-07 07:46:28 189136 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\LICLUA.EXE
2015-07-01 10:36:25 -------- d-----w- C:\Program Files\Common Files\AV
.
==================== Find3M ====================
.
2015-07-17 14:55:40 778416 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-07-17 14:55:39 142512 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-09 17:59:59 17856 ----a-w- C:\windows\System32\CompatTelRunner.exe
2015-07-09 17:58:56 192000 ----a-w- C:\windows\System32\wuwebv.dll
2015-07-09 17:58:55 98304 ----a-w- C:\windows\System32\wudriver.dll
2015-07-09 17:58:55 3154944 ----a-w- C:\windows\System32\wucltux.dll
2015-07-09 17:58:41 726528 ----a-w- C:\windows\System32\generaltel.dll
2015-07-09 17:58:34 91136 ----a-w- C:\windows\System32\WinSetupUI.dll
2015-07-09 17:58:31 765440 ----a-w- C:\windows\System32\invagent.dll
2015-07-09 17:58:26 433664 ----a-w- C:\windows\System32\devinv.dll
2015-07-09 17:58:25 12288 ----a-w- C:\windows\System32\wu.upgrade.ps.dll
2015-07-09 17:58:24 1085440 ----a-w- C:\windows\System32\appraiser.dll
2015-07-09 17:58:23 67584 ----a-w- C:\windows\System32\acmigration.dll
2015-07-09 17:58:23 227328 ----a-w- C:\windows\System32\aepdu.dll
2015-07-09 17:58:20 37376 ----a-w- C:\windows\System32\wuapp.exe
2015-07-09 17:50:11 1145856 ----a-w- C:\windows\System32\aeinv.dll
2015-07-09 17:43:25 93184 ----a-w- C:\windows\SysWow64\wudriver.dll
2015-07-09 17:43:25 173056 ----a-w- C:\windows\SysWow64\wuwebv.dll
2015-07-09 17:42:47 34816 ----a-w- C:\windows\SysWow64\wuapp.exe
2015-07-05 10:08:23 300704 ------w- C:\windows\System32\MpSigStub.exe
2015-07-04 17:48:36 1414656 ----a-w- C:\windows\SysWow64\ole32.dll
2015-07-02 21:08:53 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-07-02 20:40:34 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2015-07-01 20:56:03 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2015-07-01 20:56:03 155584 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2015-07-01 20:49:53 210944 ----a-w- C:\windows\System32\wdigest.dll
2015-07-01 20:49:47 86528 ----a-w- C:\windows\System32\TSpkg.dll
2015-07-01 20:49:45 29184 ----a-w- C:\windows\System32\sspisrv.dll
2015-07-01 20:49:45 136192 ----a-w- C:\windows\System32\sspicli.dll
2015-07-01 20:49:42 342016 ----a-w- C:\windows\System32\schannel.dll
2015-07-01 20:49:42 28160 ----a-w- C:\windows\System32\secur32.dll
2015-07-01 20:49:41 1216512 ----a-w- C:\windows\System32\rpcrt4.dll
2015-07-01 20:49:23 309760 ----a-w- C:\windows\System32\ncrypt.dll
2015-07-01 20:49:22 315392 ----a-w- C:\windows\System32\msv1_0.dll
2015-07-01 20:49:11 729088 ----a-w- C:\windows\System32\kerberos.dll
2015-07-01 20:49:11 1461760 ----a-w- C:\windows\System32\lsasrv.dll
2015-07-01 20:48:34 44032 ----a-w- C:\windows\System32\cryptbase.dll
2015-07-01 20:48:34 22016 ----a-w- C:\windows\System32\credssp.dll
2015-07-01 20:47:38 31232 ----a-w- C:\windows\System32\lsass.exe
2015-07-01 20:47:18 64000 ----a-w- C:\windows\System32\auditpol.exe
2015-07-01 20:43:51 60416 ----a-w- C:\windows\System32\msobjs.dll
2015-07-01 20:43:37 146432 ----a-w- C:\windows\System32\msaudite.dll
2015-07-01 20:39:24 686080 ----a-w- C:\windows\System32\adtschema.dll
2015-07-01 20:30:43 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2015-07-01 20:30:40 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2015-07-01 20:30:37 248832 ----a-w- C:\windows\SysWow64\schannel.dll
2015-07-01 20:30:37 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2015-07-01 20:30:33 221184 ----a-w- C:\windows\SysWow64\ncrypt.dll
2015-07-01 20:30:32 259584 ----a-w- C:\windows\SysWow64\msv1_0.dll
2015-07-01 20:30:27 552960 ----a-w- C:\windows\SysWow64\kerberos.dll
2015-07-01 20:30:21 36864 ----a-w- C:\windows\SysWow64\cryptbase.dll
2015-07-01 20:30:21 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2015-07-01 20:29:46 50176 ----a-w- C:\windows\SysWow64\auditpol.exe
2015-07-01 20:29:34 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2015-07-01 20:29:34 665088 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2015-07-01 20:27:04 60416 ----a-w- C:\windows\SysWow64\msobjs.dll
2015-07-01 20:26:52 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2015-07-01 20:24:59 686080 ----a-w- C:\windows\SysWow64\adtschema.dll
2015-07-01 19:27:34 159232 ----a-w- C:\windows\System32\drivers\mrxsmb.sys
2015-07-01 19:26:43 290816 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
2015-07-01 19:26:37 129024 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys
2015-06-27 02:47:11 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2015-06-27 02:43:26 5923840 ----a-w- C:\windows\System32\jscript9.dll
2015-06-27 01:58:17 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2015-06-27 01:39:37 4520448 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-06-26 13:49:10 293296 ----a-w- C:\windows\System32\drivers\avgidsdrivera.sys
2015-06-25 08:57:44 3207168 ----a-w- C:\windows\System32\win32k.sys
2015-06-20 20:06:50 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2015-06-20 19:50:10 66560 ----a-w- C:\windows\System32\iesetup.dll
2015-06-20 19:49:17 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2015-06-20 19:49:09 417792 ----a-w- C:\windows\System32\html.iec
2015-06-20 19:49:08 584192 ----a-w- C:\windows\System32\vbscript.dll
2015-06-20 19:48:29 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2015-06-20 19:34:46 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2015-06-20 19:34:45 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2015-06-20 19:25:28 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2015-06-20 18:46:53 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2015-06-20 18:46:48 2125824 ----a-w- C:\windows\System32\inetcpl.cpl
2015-06-20 18:26:01 2427392 ----a-w- C:\windows\System32\wininet.dll
2015-06-19 18:25:41 504320 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-06-19 18:25:35 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-06-19 18:24:43 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2015-06-19 18:24:27 341504 ----a-w- C:\windows\SysWow64\html.iec
2015-06-19 18:23:26 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2015-06-19 18:13:10 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2015-06-19 17:57:45 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-06-19 17:40:04 2052608 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-06-19 17:39:13 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2015-06-19 17:15:43 1951232 ----a-w- C:\windows\SysWow64\wininet.dll
2015-06-17 17:47:05 404992 ----a-w- C:\windows\System32\gdi32.dll
2015-06-17 17:37:03 312320 ----a-w- C:\windows\SysWow64\gdi32.dll
2015-06-17 05:01:52 1202856 ----a-w- C:\windows\SysWow64\FM20.DLL
2015-06-16 19:55:04 259040 ----a-w- C:\windows\System32\drivers\avgldx64.sys
2015-06-15 21:50:42 112064 ----a-w- C:\windows\System32\consent.exe
2015-06-15 21:45:42 504320 ----a-w- C:\windows\System32\msihnd.dll
2015-06-15 21:45:42 3242496 ----a-w- C:\windows\System32\msi.dll
2015-06-15 21:45:34 70656 ----a-w- C:\windows\System32\appinfo.dll
2015-06-15 21:45:34 1941504 ----a-w- C:\windows\System32\authui.dll
2015-06-15 21:44:47 128000 ----a-w- C:\windows\System32\msiexec.exe
2015-06-15 21:43:35 337408 ----a-w- C:\windows\SysWow64\msihnd.dll
.
============= FINISH: 8:23:29.49 ===============
jennick999
Active Member
 
Posts: 10
Joined: July 28th, 2015, 8:11 am
Advertisement
Register to Remove

Re: Arcade Play Max attack...Help!!!

Unread postby Gary R » July 29th, 2015, 4:50 am

Incomplete Log

By posting an incomplete DDS log (no attach.txt) it is likely that your topic will be passed by and you will not receive the help you're looking for.
We need to know what's running on your computer so that we can provide the appropriate instructions.

May I draw your attention to THIS topic, which you should have read, that states what we need you to post, so we can help you.
If you still need help, please start a new thread an include your full DDS logs:
  • DDS.txt.
  • Attach.txt.
  • Details of the problems you're experiencing.
If for any reason you can't run DDS, please let us know in your post.


This topic will now be closed.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 294 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware