I think it is a virus. I have constant browser hang ups and brief program not responding episodes

Posted 8/9/2014 7:31 PM
#97484
Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Hello

I have a Toshiba Satellite C655 Laptop Computer

I think that I have a virus, my browser, Mozilla Firefox, flashes; it is slow in its response, or it says not responding. I used my other browser Chrome and it is having the same problems.

Also, when there is a forced shutdown or crash, my browser is not reopening all of the tabs as well as it is opening a tab or two that was closed by me.

I received a false virus report from my antivirus program Avast, it said that I had a threat but when I tried to open the report I couldn’t. It then popped up a message that some component was missing, I looked into the scan history to see if it reported the same threat for that day and it said no virus found.
This happened about two days ago, since then Avast has been running normally.

I ran Malwarebytes and it says there are no threats. My computer is responding slowly with hang ups, flashing on and off the screen, of files and programs that are being used.

I have had a few programs that have popped up false warnings; my firewall was reported as off and asked that I turn it on by clicking OK. I learned not to click popup messages on my computer the hard way. :nono: So, I go directly to the program and investigate. There was nothing wrong with the firewall, it was on.

I would appreciate your help

P.S. When I ran HijackThis, while it was scanning this message came up: For some reason your system denied access to the Hosts file. If any hijacked domains are in this file, HijackThis may not be able to fix this. If that happens you need to edit the file yourself. To do this etc.
<br/> <br/>Thank you in advance <br/>Beauty <br/> <br/>_____________________________ <br/>Logfile of Trend Micro HijackThis v2.0.5 <br/>Scan saved at 2:43:30 PM, on 8/9/2014 <br/>Platform: Windows 7 SP1 (WinNT 6.00.3505) <br/>MSIE: Internet Explorer v11.0 (11.00.9600.17207) <br/> <br/>FIREFOX: 31.0 (x86 en-US) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe <br/>C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>C:\Program Files (x86)\WordWeb\wweb32.exe <br/>C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe <br/>C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>C:\Program Files (x86)\iTunes\iTunesHelper.exe <br/>C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe <br/>C:\Users\Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe <br/>C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE <br/>C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe <br/>C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin <br/>C:\Program Files (x86)\Mozilla Firefox\firefox.exe <br/>C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe <br/>C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe <br/>C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe <br/>C:\Users\Toni\Desktop\HijackThis.exe <br/> <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = <br/>R0 - HKLM\Software\Microsoft\Internet 
Explorer\Search,CustomizeSearch = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = <br/>O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll <br/>O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll <br/>O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll <br/>O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll <br/>O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll <br/>O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll <br/>O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 <br/>O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" <br/>O4 - 
HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini <br/>O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe <br/>O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin <br/>O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui <br/>O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" <br/>O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" <br/>O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler <br/>O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart <br/>O4 - HKCU\..\Run: [WordWeb] "C:\Program Files (x86)\WordWeb\wweb32.exe" -startup <br/>O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" <br/>O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe <br/>O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user') <br/>O4 - Startup: Dropbox.lnk = Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe <br/>O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE <br/>O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe <br/>O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 <br/>O9 - Extra button: @C:\Program Files 
(x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll <br/>O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll <br/>O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll <br/>O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL <br/>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll <br/>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll <br/>O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics <br/>O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll <br/>O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL <br/>O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll <br/>O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll <br/>O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE <br/>O23 - Service: Adobe Acrobat Update Service 
(AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <br/>O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) <br/>O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe <br/>O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe <br/>O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) <br/>O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe <br/>O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe <br/>O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) <br/>O23 - Service: iPod Service - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe <br/>O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) <br/>O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe <br/>O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) <br/>O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe <br/>O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) <br/>O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe <br/>O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) <br/>O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe <br/>O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe <br/>O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - 
C:\windows\system32\TODDSrv.exe (file missing) <br/>O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe <br/>O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) <br/>O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) <br/>O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) <br/> <br/>-- <br/>End of file - 12725 bytes <br/> <br/> <br/>-------------------------------------------- <br/> <br/> <br/>Malwarebytes Anti-Malware <br/>www.malwarebytes.org <br/> <br/>Scan Date: 8/9/2014 <br/>Scan Time: 1:15:27 PM <br/>Logfile: Malwarebyte Report 8-9-14.txt <br/>Administrator: Yes <br/> <br/>Version: 2.00.2.1012 <br/>Malware Database: v2014.08.09.05 <br/>Rootkit Database: v2014.08.04.01 <br/>License: Free <br/>Malware Protection: Disabled <br/>Malicious Website Protection: Disabled <br/>Self-protection: Disabled <br/> <br/>OS: Windows 7 Service Pack 1 <br/>CPU: x64 <br/>File System: NTFS <br/>User: Toni <br/> <br/>Scan Type: Threat Scan <br/>Result: 
Completed <br/>Objects Scanned: 319604 <br/>Time Elapsed: 25 min, 20 sec <br/> <br/>Memory: Enabled <br/>Startup: Enabled <br/>Filesystem: Enabled <br/>Archives: Enabled <br/>Rootkits: Enabled <br/>Heuristics: Enabled <br/>PUP: Enabled <br/>PUM: Enabled <br/> <br/>Processes: 0 <br/>(No malicious items detected) <br/> <br/>Modules: 0 <br/>(No malicious items detected) <br/> <br/>Registry Keys: 0 <br/>(No malicious items detected) <br/> <br/>Registry Values: 0 <br/>(No malicious items detected) <br/> <br/>Registry Data: 0 <br/>(No malicious items detected) <br/> <br/>Folders: 0 <br/>(No malicious items detected) <br/> <br/>Files: 0 <br/>(No malicious items detected) <br/> <br/>Physical Sectors: 0 <br/>(No malicious items detected) <br/> <br/> <br/>(end) <br/> <br/>--------------------------------------------------------------------------- <br/> <br/> <br/>DDS (Ver_2012-11-20.01) - NTFS_AMD64 <br/>Internet Explorer: 11.0.9600.17207 BrowserJavaVersion: 10.25.2 <br/>Run by Toni at 13:45:17 on 2014-08-09 <br/>Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3964.1013 [GMT -4:00] <br/>. <br/>AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} <br/>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/>SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} <br/>. <br/>============== Running Processes =============== <br/>. 
<br/>C:\windows\system32\lsm.exe <br/>C:\windows\system32\svchost.exe -k DcomLaunch <br/>C:\windows\system32\svchost.exe -k RPCSS <br/>C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted <br/>C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted <br/>C:\windows\system32\svchost.exe -k LocalService <br/>C:\windows\system32\svchost.exe -k netsvcs <br/>C:\windows\system32\svchost.exe -k GPSvcGroup <br/>C:\windows\system32\svchost.exe -k NetworkService <br/>C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>C:\windows\System32\spoolsv.exe <br/>C:\windows\system32\svchost.exe -k LocalServiceNoNetwork <br/>C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE <br/>C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>C:\Program Files\Bonjour\mDNSResponder.exe <br/>C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe <br/>C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe <br/>C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe <br/>C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation <br/>C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe <br/>C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe <br/>C:\windows\system32\svchost.exe -k imgsvc <br/>C:\windows\system32\TODDSrv.exe <br/>C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe <br/>C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE <br/>C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe <br/>C:\windows\system32\taskhost.exe <br/>C:\windows\system32\Dwm.exe <br/>C:\windows\Explorer.EXE <br/>C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted <br/>C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe <br/>C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe <br/>C:\Program 
Files\TOSHIBA\FlashCards\TCrdMain.exe <br/>C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe <br/>C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe <br/>C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>C:\Program Files (x86)\WordWeb\wweb32.exe <br/>C:\Program Files\Synaptics\SynTP\SynTPHelper.exe <br/>C:\Windows\System32\StikyNot.exe <br/>C:\Users\Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe <br/>C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE <br/>C:\windows\system32\SearchIndexer.exe <br/>C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe <br/>C:\windows\system32\igfxext.exe <br/>C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin <br/>C:\windows\system32\igfxsrvc.exe <br/>C:\Program Files\Windows Media Player\wmpnetwk.exe <br/>C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe <br/>C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe <br/>C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>C:\Program Files (x86)\iTunes\iTunesHelper.exe <br/>C:\Program Files\iPod\bin\iPodService.exe <br/>C:\windows\System32\svchost.exe -k LocalServicePeerNet <br/>C:\windows\system32\wbem\unsecapp.exe <br/>C:\windows\system32\wbem\wmiprvse.exe <br/>C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe <br/>C:\Program Files (x86)\Calibre2\calibre-parallel.exe <br/>C:\PROGRA~2\MICROS~3\Office12\WINWORD.EXE <br/>C:\windows\splwow64.exe <br/>C:\windows\system32\taskmgr.exe <br/>C:\windows\system32\taskhost.exe <br/>C:\ProgramData\FLEXnet\Connect\11\agent.exe <br/>C:\Program Files (x86)\Mozilla Firefox\firefox.exe <br/>C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe <br/>C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe <br/>C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe <br/>C:\windows\system32\NOTEPAD.EXE <br/>C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe 
<br/>C:\windows\SysWOW64\NOTEPAD.EXE <br/>C:\windows\system32\taskeng.exe <br/>C:\windows\System32\cscript.exe <br/>. <br/>============== Pseudo HJT Report =============== <br/>. <br/>uStart Page = hxxp://www.google.com <br/>BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll <br/>BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll <br/>BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll <br/>BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll <br/>BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll <br/>BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll <br/>BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll <br/>uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler <br/>uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart <br/>uRun: [WordWeb] "C:\Program Files (x86)\WordWeb\wweb32.exe" -startup <br/>uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" <br/>uRun: [RESTART_STICKY_NOTES] 
C:\windows\System32\StikyNot.exe <br/>mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 <br/>mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" <br/>mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini <br/>mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe <br/>mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin <br/>mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui <br/>mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" <br/>mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot <br/>StartupFolder: C:\Users\Toni\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe <br/>StartupFolder: C:\Users\Toni\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE <br/>StartupFolder: C:\Users\Toni\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe <br/>uPolicies-Explorer: NoDrives = dword:0 <br/>mPolicies-Explorer: NoDrives = dword:0 <br/>mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 <br/>mPolicies-System: ConsentPromptBehaviorUser = dword:3 <br/>mPolicies-System: EnableUIADesktopToggle = dword:0 <br/>IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 <br/>IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - 
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll <br/>IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll <br/>IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll <br/>IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} <br/>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab <br/>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab <br/>TCP: NameServer = 192.168.1.1 <br/>TCP: Interfaces\{04D47C4C-E24D-4E0E-BF88-C73D0EA3F096} : DHCPNameServer = 192.168.1.1 <br/>TCP: Interfaces\{44BC72E1-6C5B-45BB-B54D-5A38787C9EB5} : DHCPNameServer = 192.168.1.1 <br/>TCP: Interfaces\{44BC72E1-6C5B-45BB-B54D-5A38787C9EB5}\131364850353135393836343 : DHCPNameServer = 192.168.1.1 <br/>TCP: Interfaces\{44BC72E1-6C5B-45BB-B54D-5A38787C9EB5}\34963736F62313630383 : DHCPNameServer = 209.18.47.61 209.18.47.62 <br/>Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll <br/>Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll <br/>Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll <br/>Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll <br/>SSODL: WebCheck - <orphaned> <br/>SEH: Groove GFS Stub Execution Hook - 
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll <br/>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome <br/>x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll <br/>x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll <br/>x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll <br/>x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll <br/>x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll <br/>x64-TB: avast! 
Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file> <br/>x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t <br/>x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe <br/>x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE <br/>x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe <br/>x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe <br/>x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe <br/>x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe <br/>x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" <br/>x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll <br/>x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> <br/>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> <br/>x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll <br/>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> <br/>x64-Notify: igfxcui - igfxdev.dll <br/>x64-SSODL: WebCheck - <orphaned> <br/>. <br/>================= FIREFOX =================== <br/>. 
<br/>FF - ProfilePath - C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\q3ak3z5f.default\ <br/>FF - prefs.js: browser.search.selectedEngine - Amazon.com <br/>FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ <br/>FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll <br/>FF - plugin: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll <br/>FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll <br/>FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll <br/>FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll <br/>FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll <br/>FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll <br/>FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll <br/>FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll <br/>FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll <br/>FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll <br/>FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll <br/>FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll <br/>FF - plugin: C:\Users\Toni\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll <br/>FF - plugin: C:\Users\Toni\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll <br/>FF - plugin: C:\Users\Toni\AppData\Roaming\Mozilla\plugins\npo1d.dll <br/>FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll <br/>FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll <br/>FF - plugin: C:\windows\SysWOW64\npmproxy.dll <br/>. <br/>============= SERVICES / DRIVERS =============== <br/>. <br/>R0 aswRvrt;avast! 
Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-3-29 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-3-29 224896]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-3-29 1041168]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2013-3-29 427360]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-8-6 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-3-29 79184]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-8-6 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-23 296808]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-3-9 239680]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2013-3-29 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2013-3-29 38096]
S2 aswStm;aswStm;C:\windows\System32\drivers\aswstm.sys [2013-12-28 92008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-7-9 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-4-3 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2013-3-29 243712]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-2-14 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-4-3 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-08-09 17:41:55 -------- d-----w- C:\Malwarebytes
2014-08-06 16:15:16 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-08-06 16:15:05 43152 ----a-w- C:\windows\avastSS.scr
2014-08-03 22:11:06 -------- d-sh--w- C:\$RECYCLE.BIN
2014-07-29 22:38:20 519168 ----a-w- C:\windows\System32\aepdu.dll
2014-07-29 21:43:37 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-29 19:19:34 536576 ----a-w- C:\windows\SysWow64\sqlite3.dll
.
==================== Find3M ====================
.
2014-08-09 17:15:06 122584 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-08-06 16:15:07 92008 ----a-w- C:\windows\System32\drivers\aswstm.sys
2014-08-06 16:15:07 79184 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-08-06 16:15:07 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-08-06 16:15:07 224896 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-08-06 16:15:07 1041168 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2014-08-06 16:15:06 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-07-29 21:42:51 92888 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-07-09 11:40:27 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 11:40:27 699056 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-07-09 11:40:08 5659136 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2014-06-30 02:04:49 424448 ----a-w- C:\windows\System32\aeinv.dll
2014-06-19 01:06:55 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-06-19 01:06:24 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57 548352 ----a-w- C:\windows\System32\vbscript.dll
2014-06-19 00:42:49 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-06-19 00:41:52 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16 83968 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-06-19 00:24:30 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-06-19 00:24:12 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-06-19 00:23:53 752640 ----a-w- C:\windows\System32\jscript9diag.dll
2014-06-19 00:14:28 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04 38400 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38 5721088 ----a-w- C:\windows\System32\jscript9.dll
2014-06-18 23:38:40 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-06-18 23:37:23 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-06-18 23:36:35 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55 62464 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45 1249280 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07 2040832 ----a-w- C:\windows\System32\inetcpl.cpl
2014-06-18 23:23:27 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40 592896 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10 32256 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27 2266112 ----a-w- C:\windows\System32\wininet.dll
2014-06-18 22:52:18 4254720 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-06-18 22:46:23 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59 1964544 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59 1791488 ----a-w- C:\windows\SysWow64\wininet.dll
2014-06-18 02:18:30 692736 ----a-w- C:\windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\windows\SysWow64\osk.exe
2014-06-18 01:10:36 3157504 ----a-w- C:\windows\System32\win32k.sys
2014-06-06 10:10:34 624128 ----a-w- C:\windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-05-30 08:08:52 210944 ----a-w- C:\windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2014-05-30 06:45:52 497152 ----a-w- C:\windows\System32\drivers\afd.sys
2014-05-12 11:26:10 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-05-12 11:25:56 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
.
============= FINISH: 13:46:55.45 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/29/2013 2:06:11 PM
System Uptime: 8/8/2014 1:23:03 PM (24 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz | CPU | 2300/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 285 GiB total, 213.035 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP124: 8/3/2014 5:55:22 PM - ComboFix created restore point
RP125: 8/6/2014 12:13:09 PM - avast! antivirus system restore point
RP126: 8/6/2014 9:23:08 PM - Revo Uninstaller's restore point - Marshall Plan® Novel Writing Software
RP127: 8/6/2014 9:24:12 PM - Removed Marshall Plan® Novel Writing Software
RP128: 8/6/2014 9:28:21 PM - Installed Marshall Plan® Novel Writing Software
RP129: 8/7/2014 1:52:15 AM - Revo Uninstaller's restore point - Marshall Plan® Novel Writing Software
RP130: 8/7/2014 1:53:12 AM - Removed Marshall Plan® Novel Writing Software
RP131: 8/7/2014 1:56:15 AM - Installed Marshall Plan® Novel Writing Software
RP132: 8/9/2014 10:56:45 AM - Revo Uninstaller's restore point - µTorrent
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Community Help
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader XI (11.0.06)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
Avant Browser (remove only)
avast! Free Antivirus
Best Buy pc app
Bonjour
calibre
CCleaner
Conexant HD Audio
D3DX10
Dragon NaturallySpeaking 11
Dropbox
Foxit Cloud
Foxit Reader
Google Chrome
Google Drive
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
iCloud
IHA_MessageCenter
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Jarte 3.4
Java 7 Update 25
Java 7 Update 25 (64-bit)
Java Auto Updater
Java(TM) 6 Update 17
Junk Mail filter update
KD Bestseller Analyzer
KD Ebook Marketer
KD Niche Finder
KD Search Analyzer
Label@Once 1.0
Malwarebytes Anti-Malware version 2.0.2.1012
Marshall Plan® Novel Writing Software
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Mobysaurus Thesaurus
Movie Magic Screenwriter 6
Mozilla Firefox 31.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenOffice.org 3.4.1
Outline 4D
PDF-Viewer
PDF Settings CS5
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Power Structure
RAR Password Unlocker 4.2.0.0
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Revo Uninstaller 1.95
Scrivener Update
Security Task Manager 1.7g
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Skype Click to Call
Skype™ 6.16
StoryView 2.0
SUPERAntiSpyware
Synaptics Pointing Device Driver
TheSage
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
VLC media player 2.0.8
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player 64-bit Plug-in Fix
Windows Media Player Plus! 2.6
WinRAR archiver
WMP Tag Plus 2.2
Wondershare Dr.Fone(Build 2.0.1.3)
WordWeb Pro
Writer's DreamKit
Xiph.Org Open Codecs 0.85.17777
yWriter5
ZoneAlarm Firewall
ZoneAlarm Security
.
==== Event Viewer Messages From Past Week ========
.
8/8/2014 12:54:29 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2014 12:54:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/8/2014 12:54:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/8/2014 12:54:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
8/8/2014 12:54:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
8/8/2014 12:54:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/8/2014 12:54:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
8/8/2014 12:54:01 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswRvrt aswSnx aswSP aswTdi aswVmm DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl
8/8/2014 12:54:01 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
8/8/2014 12:54:01 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2014 12:54:01 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2014 12:54:01 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2014 12:54:01 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2014 12:54:01 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2014 12:54:00 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2014 12:54:00 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/8/2014 12:54:00 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
8/8/2014 12:54:00 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/8/2014 12:54:00 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/3/2014 6:09:26 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
8/3/2014 6:08:32 PM, Error: Application Popup [1060] - \??\C:\james\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
.
==== End Of File ===========================
Posted 8/9/2014 7:51 PM
#97485
Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
If I am doing this wrong I apologize. I ran HijackThis as administrator as suggested by the program and it ran without a message popping up like I received in the first run through. I am posting it in case it contains info not included in the first posted file.

Beauty
-----------------

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 3:39:48 PM, on 8/9/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)

FIREFOX: 31.0 (x86 en-US)
Boot mode: Normal

Running processes:
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\WordWeb\wweb32.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Users\Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Users\Toni\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [WordWeb] "C:\Program Files (x86)\WordWeb\wweb32.exe" -startup
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner
- C:\windows\system32\sppsvc.exe (file missing) <br/>O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe <br/>O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe <br/>O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing) <br/>O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe <br/>O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) <br/>O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) <br/>O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) <br/> <br/>-- <br/>End of file - 12725 bytes
Posted 8/10/2014 2:21 AM
#97486
Robert Mateescu Advanced member

Date Joined Nov 2016
Total Posts: 427
Hi Beauty,

Please download AdwCleaner from here.
If Avast detects it as infected, turn your antivirus off and run and download it again.

Moreover, I recommend that you uninstall Avast and check if this fixes the issue.

Best wishes!
Robert Mateescu
Senior Support Technician EN
support@bullguard.com
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security

You have a BullGuard related problem? Contact our Support team directly via Live Chat for immediate assistance: http://www.bullguard.com/support.aspx!
Posted 8/10/2014 5:49 PM
#97489
Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Hello Robert

When I ran the Adware Cleaner, in files I unchecked the "C:\Program Files\Uninstaller". I did not know if I should have allowed that to be removed. If you say it should, I will download and run the Adware Cleaner again.

You also suggested removing my antivirus software "Avast". I am a bit confused by this: are you saying permanently, which would leave me without antivirus protection, or remove and reinstall it?

My browser is still doing the flash and hangup and my computer is still slow, e.g. I will type and I have to wait for the letters to appear. Last but not least, my browser tabs would reset; that is new.

Thank you
Beauty

-----------------------------------------------------

# AdwCleaner v3.304 - Report created 10/08/2014 at 13:21:50
# Updated 08/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Toni - TONI-PC
# Running from : C:\Users\Toni\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

[x] Not Deleted : C:\Program Files\Uninstaller

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\q3ak3z5f.default\prefs.js ]

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : eofcbnmajmjmplflapaojjnihcjkigck

*************************

AdwCleaner[R0].txt - [22443 octets] - [15/12/2013 20:17:58]
AdwCleaner[R1].txt - [1458 octets] - [02/02/2014 17:13:09]
AdwCleaner[R2].txt - [2406 octets] - [29/07/2014 15:18:50]
AdwCleaner[R3].txt - [1480 octets] - [10/08/2014 13:15:33]
AdwCleaner[S0].txt - [22505 octets] - [15/12/2013 20:27:50]
AdwCleaner[S1].txt - [1437 octets] - [02/02/2014 17:16:00]
AdwCleaner[S2].txt - [2494 octets] - [29/07/2014 15:22:33]
AdwCleaner[S3].txt - [1408 octets] - [10/08/2014 13:21:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1468 octets] ##########
Posted 8/11/2014 11:19 AM
#97492
Robert Mateescu Advanced member

Date Joined Nov 2016
Total Posts: 427
Hi Beauty,

The uninstall is only to test if the issue is caused by the antivirus.
Uninstall it and restart the computer.
Next, download Combofix from here. Restart your computer in Safe Mode and run it.
Do not open any programs during the Combofix scan. Once it finishes, a log will be displayed on your desktop. Restart again in Normal mode.
Finally, go to Start and type cmd. Right click on cmd.exe -> Run as administrator. In the Command Prompt (black) window, type sfc /scannow [Enter].
Reboot the machine after the scan completes and check if the issue persists.

Reinstall Avast and let me know if there is any change.

Best wishes!
Robert Mateescu
Senior Support Technician EN
Posted 8/12/2014 4:06 AM
#97498
Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Hi Robert

I followed all of the instructions you gave me.

I did have a problem with the combofix. I renamed it Grace, downloaded it and placed it on the desktop in a spot where I would be able to find it when I was in safe mode. In safe mode it had completely disappeared. I searched for it in safe mode; it was not there. I re-downloaded in normal windows, naming it with letters and numbers, and placed it inside a folder. That worked; it was in the folder in safe mode. Back in normal windows I searched for it to make sure it had disappeared. It is not on my C: drive anywhere with the name of Grace; the spot I had placed it in is empty.

The scan that you had me perform finished with this message: “resource protection did not find any integrity violations”

There is no improvement with the browser; it seems worse, it is slower in response, and the hangup and flashing have increased. Removing Avast and reinstalling did not change how things are working.

Thank you

Beauty
<br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] <br/>@Denied: (A 2) (Everyone) <br/>@="IFlashBroker5" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] <br/>@="{00020424-0000-0000-C000-000000000046}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] <br/>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" <br/>"Version"="1.0" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Wondershare\Wondershare Helper Compact\1868852841\ws\System32\WindowsPowerShell\v1.0;c:\program files (x86)\Windows Live\Shared;c:\program files (x86)\Calibre2\*PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC*PROCESSOR_ARCHITECTURE=x86*PROCESSOR_ARCHITEW6432=AMD64*PROCESSOR_IDENTIFIER=Intel6] <br/>"JoinUserExperience"=dword:00000001 <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] <br/>@Denied: (Full) (Everyone) <br/>. <br/>Completion time: 2014-08-11 15:30:11 <br/>ComboFix-quarantined-files.txt 2014-08-11 19:30 <br/>ComboFix2.txt 2014-08-03 22:15 <br/>ComboFix3.txt 2013-04-01 01:07 <br/>ComboFix4.txt 2013-03-30 15:41 <br/>ComboFix5.txt 2014-08-11 19:20 <br/>. <br/>Pre-Run: 227,568,525,312 bytes free <br/>Post-Run: 226,827,182,080 bytes free <br/>. <br/>- - End Of File - - C1E4169F780830D7035B0338105EFB7C <br/>5B5E648D12FCADC244C1EC30318E1EB9
Posted 8/14/2014 12:52 PM
#97506
Robert Mateescu Advanced member

Date Joined Nov 2016
Total Posts: 427
Hi Beauty,

I have reviewed all the logs and your computer is not infected.
Check for Windows updates and update your Internet Explorer (as your version is outdated).

If the problem persists, download "All in one repair" from here and run it.
Skip the Malwarebytes and Windows file integrity scans, as you have already run them.

Best wishes!
Robert Mateescu
Senior Support Technician EN
support@bullguard.com
www.bullguard.com

Posted 8/15/2014 5:13 PM
#97511
Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Hi Robert

Thank you for your help. I will do as you suggested. It's good to know I do not have any viruses.

All the best

Beauty