Hi, it's been a long time since I had to post for help, and it's the same problem I had before. New PC, same problem:
PC running at 100% all the time.
I was using MSE and IOLA when I started having this problem.
I ran full scans with no results.
I uninstalled MSE and installed AVG.
I ran a full scan and it found 2 infections that it removed.
Still running at 100%.
I uninstalled a bunch of programs with REVO.
Still running at 100%.
IE is also acting up: sluggish, jerky, won't search or go to a typed-in site addy.
When I ran GMER, the PC crashed and wouldn't cough up an ark.txt file.
I tried to run it twice and twice the PC crashed.
Here is the DDS.txt file:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16618 BrowserJavaVersion: 10.7.2
Run by Charlotte at 1:25:55 on 2013-06-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4086.2531 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWlan.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Ralink\Common\RaUI.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - <orphaned>
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: <No Name>: {3c35ad63-af1d-4e21-b484-b6651a8efcf9} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll
uRun: [cdloader] "C:\Users\Charlotte\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RALINK~1.LNK - C:\Program Files (x86)\Ralink\Common\RaUI.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 24.159.64.23 24.217.201.67 24.177.176.38
TCP: Interfaces\{23C65ED1-BCAC-42F1-AC63-620489B2C1F1} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{3099C557-03D5-4341-888F-8F1734DA3462} : DHCPNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
TCP: Interfaces\{5181F761-7E2B-42A7-BCFE-3BB6AD67083C} : DHCPNameServer = 68.87.72.134 68.87.77.134
TCP: Interfaces\{F7AE6B2A-FEF1-4BB1-A158-FED231FA9BC3} : DHCPNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
TCP: Interfaces\{F7AE6B2A-FEF1-4BB1-A158-FED231FA9BC3}\2656C6B696E6E2661323 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{F7AE6B2A-FEF1-4BB1-A158-FED231FA9BC3}\5444D20534F5E4564777F627B6 : DHCPNameServer = 192.168.2.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R0 bdisk;COMODO Disk Raw Access Filter;C:\Windows\System32\drivers\bdisk.sys [2010-12-2 79064]
R0 CBUfs;CBUfs;C:\Windows\System32\drivers\cbufs.sys [2010-12-2 141888]
R0 cbvd;COMODO Encrypted Virtual Disk;C:\Windows\System32\drivers\CBVD.sys [2012-8-9 603632]
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-1-21 14456]
R0 reparse;reparse;C:\Windows\System32\drivers\cbreparse.sys [2012-8-9 604632]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-6-10 45856]
R1 CFRMD;CFRMD;C:\Windows\System32\drivers\CFRMD.sys [2010-10-28 78528]
R1 CFRPD;CFRPD;C:\Windows\System32\drivers\CFRPD.sys [2010-10-28 36840]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2011-10-4 23464]
R1 JSWPSLWF;JumpStart Wireless Filter Driver;C:\Windows\System32\drivers\jswpslwfx.sys [2008-10-1 26624]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 Cleaner_Validator;COMODO System - Cleaner Service;C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [2010-10-28 362432]
R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-9-1 82160]
R3 fdrawcmd;Low-level Floppy Driver;C:\Windows\System32\drivers\fdrawcmd.sys [2008-9-27 32408]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
R3 vdbus;Virtual Disk Bus Enumerator;C:\Windows\System32\drivers\vdbus.sys [2010-12-2 631096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\PCAMp50a64.sys [2011-5-8 43328]
S3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\PCASp50a64.sys [2011-5-8 41280]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-6 19456]
S3 SydexFDD;Sydex Floppy Driver;C:\Windows\SysWOW64\drivers\SYDEXFDD.SYS [2013-1-11 13199]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-6 57856]
S3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288]
S3 WNA1000;NETGEAR WNA1000 USB2.0 Wireless Card Service;C:\Windows\System32\drivers\WNA1000w7x.sys [2009-10-21 767488]
S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;C:\Windows\System32\drivers\WUSB54GCv3.sys [2011-5-8 797184]
S4 COSService.exe;Comodo Online Storage Service;C:\Program Files\COMODO\COMODO BackUp\COSService.exe [2010-12-2 670640]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=NOTEPAD.EXE %1
FileExt: .vbs: VBSFile=NOTEPAD.EXE %1
FileExt: .js: JSFile=NOTEPAD.EXE %1
FileExt: .jse: JSEFile=NOTEPAD.EXE %1
FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2013-06-12 12:16:59 73728 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe
2013-06-11 19:48:14 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-11 19:46:49 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-06-11 19:46:48 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-06-11 19:46:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-06-11 19:46:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-06-11 05:10:53 -------- d-----w- C:\Users\Charlotte\AppData\Roaming\SparkTrust
2013-06-11 05:10:53 -------- d-----w- C:\Users\Charlotte\AppData\Roaming\DriverCure
2013-06-11 04:58:25 -------- d-----w- C:\ProgramData\SparkTrust
2013-06-11 04:41:41 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2013-06-11 04:38:11 -------- d-----w- C:\Users\Charlotte\AppData\Local\AVG SafeGuard toolbar
2013-06-11 04:37:50 -------- d-----w- C:\Users\Charlotte\AppData\Roaming\AVG2013
2013-06-11 04:35:04 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-06-11 04:34:49 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2013-06-11 04:34:44 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-11 04:32:24 -------- d--h--w- C:\$AVG
2013-06-11 04:32:24 -------- d-----w- C:\ProgramData\AVG2013
2013-06-11 04:30:08 -------- d-----w- C:\Program Files (x86)\AVG
2013-06-11 04:25:56 -------- d-----w- C:\Users\Charlotte\AppData\Local\MFAData
2013-06-11 04:25:56 -------- d-----w- C:\Users\Charlotte\AppData\Local\Avg2013
2013-06-11 04:25:56 -------- d-----w- C:\ProgramData\MFAData
2013-06-10 19:04:03 -------- d-----w- C:\Users\Charlotte\AppData\Local\DriverTuner
2013-06-10 19:03:48 -------- d-----w- C:\Program Files (x86)\DriverTuner
2013-06-10 08:06:33 -------- d-----w- C:\Users\Charlotte\AppData\Roaming\VSRevoGroup
2013-06-10 04:16:59 -------- d-----w- C:\ProgramData\Ralink
2013-06-10 04:13:57 -------- d-----w- C:\Program Files (x86)\Ralink
2013-06-09 04:41:16 -------- d-----w- C:\Users\Charlotte\AppData\Local\Adobe
2013-06-09 02:30:14 15030 ----a-w- C:\Windows\cscmondump.bin
2013-06-09 01:28:53 26624 ----a-w- C:\Windows\SysWow64\drivers\jswpslwfx.sys
2013-05-28 00:11:56 448512 ----a-w- C:\Windows\System32\drivers\rtl8187.sys
2013-05-28 00:11:47 614400 ----a-w- C:\Windows\SysWow64\Rtlihvs.dll
2013-05-28 00:11:47 380928 ----a-w- C:\Windows\RtlUI2.exe
2013-05-28 00:11:47 188416 ----a-w- C:\Windows\SysWow64\RTLExtUI.dll
2013-05-28 00:11:46 -------- d-----w- C:\Program Files (x86)\REALTEK
2013-05-28 00:11:45 451072 ----a-w- C:\Windows\SysWow64\ISSRemoveSP.exe
2013-05-28 00:11:02 -------- d-----w- C:\Windows\System32\RtlGina
2013-05-15 09:11:09 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-15 09:11:09 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-15 09:11:09 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-15 09:10:56 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-05-15 09:10:55 111448 ----a-w- C:\Windows\System32\consent.exe
2013-05-15 09:10:54 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-05-15 09:10:54 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-15 09:10:38 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-05-15 09:10:37 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-05-15 09:10:36 3153920 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2013-06-12 12:16:59 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll
2013-06-10 07:31:14 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-10 07:31:14 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-29 16:28:40 57584 ----a-w- C:\Windows\System32\iolobtdfg.exe
2013-05-29 16:28:30 26184 ----a-w- C:\Windows\System32\smrgdf.exe
2013-05-29 16:12:36 2155688 ----a-w- C:\Windows\System32\Incinerator64.dll
2013-05-29 16:12:34 2097472 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-03-29 07:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-03-21 08:08:24 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
.
============= FINISH: 1:27:57.43 ===============
2013-06-11 04:37:50 -------- d-----w- C:\Users\Charlotte\AppData\Roaming\AVG2013
2013-06-11 04:35:04 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-06-11 04:34:49 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2013-06-11 04:34:44 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-11 04:32:24 -------- d--h--w- C:\$AVG
2013-06-11 04:32:24 -------- d-----w- C:\ProgramData\AVG2013
2013-06-11 04:30:08 -------- d-----w- C:\Program Files (x86)\AVG
2013-06-11 04:25:56 -------- d-----w- C:\Users\Charlotte\AppData\Local\MFAData
2013-06-11 04:25:56 -------- d-----w- C:\Users\Charlotte\AppData\Local\Avg2013
2013-06-11 04:25:56 -------- d-----w- C:\ProgramData\MFAData
2013-06-10 19:04:03 -------- d-----w- C:\Users\Charlotte\AppData\Local\DriverTuner
2013-06-10 19:03:48 -------- d-----w- C:\Program Files (x86)\DriverTuner
2013-06-10 08:06:33 -------- d-----w- C:\Users\Charlotte\AppData\Roaming\VSRevoGroup
2013-06-10 04:16:59 -------- d-----w- C:\ProgramData\Ralink
2013-06-10 04:13:57 -------- d-----w- C:\Program Files (x86)\Ralink
2013-06-09 04:41:16 -------- d-----w- C:\Users\Charlotte\AppData\Local\Adobe
2013-06-09 02:30:14 15030 ----a-w- C:\Windows\cscmondump.bin
2013-06-09 01:28:53 26624 ----a-w- C:\Windows\SysWow64\drivers\jswpslwfx.sys
2013-05-28 00:11:56 448512 ----a-w- C:\Windows\System32\drivers\rtl8187.sys
2013-05-28 00:11:47 614400 ----a-w- C:\Windows\SysWow64\Rtlihvs.dll
2013-05-28 00:11:47 380928 ----a-w- C:\Windows\RtlUI2.exe
2013-05-28 00:11:47 188416 ----a-w- C:\Windows\SysWow64\RTLExtUI.dll
2013-05-28 00:11:46 -------- d-----w- C:\Program Files (x86)\REALTEK
2013-05-28 00:11:45 451072 ----a-w- C:\Windows\SysWow64\ISSRemoveSP.exe
2013-05-28 00:11:02 -------- d-----w- C:\Windows\System32\RtlGina
2013-05-15 09:11:09 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-15 09:11:09 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-15 09:11:09 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-15 09:10:56 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-05-15 09:10:55 111448 ----a-w- C:\Windows\System32\consent.exe
2013-05-15 09:10:54 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-05-15 09:10:54 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-15 09:10:38 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-05-15 09:10:37 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-05-15 09:10:36 3153920 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2013-06-12 12:16:59 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll
2013-06-10 07:31:14 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-10 07:31:14 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-29 16:28:40 57584 ----a-w- C:\Windows\System32\iolobtdfg.exe
2013-05-29 16:28:30 26184 ----a-w- C:\Windows\System32\smrgdf.exe
2013-05-29 16:12:36 2155688 ----a-w- C:\Windows\System32\Incinerator64.dll
2013-05-29 16:12:34 2097472 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-03-29 07:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-03-21 08:08:24 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
.
============= FINISH: 1:27:57.43 ===============