Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Server execution failure

I was editing some home video files and my computer was running very slow. I edited the files, then tried to run them with WMV. I got an error message, "server execution failed". Kept getting it over and over.

Perplexed, I opened Google Chrome to google what this meant. Chrome would not open, same error -- "server execution failed." I thought I should try a system restore, but I can't do that either -- I don't remember the exact error (it wasn't server execution failed) but it was something like invalid path.

My young adult son is on the computer now, on his account. The local files on his account run fine but he can't run chrome on his account either.

I'm posting this here because I suspect something malevolent is at work. What info should I provide?

Browsing issues, broken links.

Hello TSF, one of the most respected communities on the internet, heroic I must add.

I have posted here before and had my problems resolved. I am having one again: I am experiencing slow browsing; even GMER.exe had to be downloaded via a VPN.
-------------------------------------------------------------------------------

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7600.16385
Run by Psio at 15:01:25 on 2014-09-18
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3317.1913 [GMT 5:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\ProgramData\CharJi EVO\OnlineUpdate\ouc.exe
C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\ProgramData\MobileBrServ\mbbservice.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\CharJi EVO\CharJi EVO.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Razer\Lachesis 5600\LachesisSysTray.exe
C:\Windows\vmsnap3.exe
C:\Windows\Domino.exe
C:\Users\Psio\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Hotspot Shield\bin\hsscp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hotspot Shield\bin\af_proxy_cmd.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Hotspot Shield\bin\openvpn.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Hotspot Shield\bin\fbwmgr.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Hotspot Shield\bin\fbw.exe
C:\Program Files\Hotspot Shield\bin\fbw.exe
C:\Program Files\Hotspot Shield\bin\fbw.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.us.com/v/2/?guid={F3EFB0A8-424E-4713-8C76-039B4347E9CA}&serpv=17
uDefault_Page_URL = hxxp://search.us.com/v/2/?guid={F3EFB0A8-424E-4713-8C76-039B4347E9CA}&serpv=17
uProxyServer = hxxp=127.0.0.1:8555;https=127.0.0.1:8555
uProxyOverride = <local>127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
uRun: [uTorrent] "c:\users\psio\appdata\roaming\utorrent\uTorrent.exe" /MINIMIZED
uRun: [Wondershare Helper Compact.exe] "c:\program files\common files\wondershare\wondershare helper compact\WSHelperSetup.exe"
uRun: [GoogleChromeAutoLaunch_155C386C43597D4A43CA95FE82403925] "c:\program files\google\chrome\application\chrome.exe" --no-startup-window
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Razer Lachesis Driver] c:\program files\razer\lachesis 5600\LachesisSysTray.exe
mRun: [VMSnap3] c:\windows\VMSnap3.exe
mRun: [Domino] c:\windows\Domino.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
TCP: NameServer = 8.8.8.8
TCP: Interfaces\{598DFB1B-A8E1-448C-81CE-6DDE08599A1D} : NameServer = 182.176.32.29 119.159.255.36
TCP: Interfaces\{64D09A72-59F2-408A-BD34-76CA52C84E0F} : DHCPNameServer = 8.8.8.8
TCP: Interfaces\{7AC50C25-A9ED-48AC-87AF-F5EFE1CB3B1D} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{9664AEDF-E8FB-42F0-B420-5AA9ED0AAA57} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{ED6E7E2E-2072-43C9-87D9-F01AEC075170} : NameServer = 210.2.181.6,210.2.177.7
TCP: Interfaces\{ED6E7E2E-2072-43C9-87D9-F01AEC075170} : DHCPNameServer = 62.113.218.106 8.8.8.8
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\37.0.2062.120\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\psio\appdata\roaming\mozilla\firefox\profiles\lx9486hm.default-1390572488719\
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2014-5-17 39624]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2014-1-16 217600]
R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\skype\toolbars\autoupdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\skype\toolbars\pnrsvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\cmw_srv.exe [2014-5-17 919040]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2013-2-6 276048]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service;c:\programdata\mobilebrserv\mbbService.exe [2014-1-28 239696]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2014-1-16 2320920]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2014-1-16 86656]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2011-8-22 171096]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2011-8-22 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2011-8-22 72792]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k6232.sys [2014-1-16 224424]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2014-9-17 11904]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\drivers\ewusbwwan.sys [2014-9-17 381952]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2014-9-17 77824]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2014-5-7 37064]
S2 CharJi EVO. RunOuc;CharJi EVO. OUC;c:\program files\charji evo\updatedog\ouc.exe [2014-9-17 656976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MgAssistService;MgAssist Service;c:\program files\mobogenie\mgassist.exe --> c:\program files\mobogenie\MgAssist.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2014-4-3 315008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2014-1-16 79360]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2011-8-22 171096]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2011-8-22 1324120]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2011-8-22 72792]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2014-4-28 80184]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2014-9-17 95232]
S3 vvftav303;vvftav303;c:\windows\system32\drivers\vvftav303.sys [2014-6-2 480128]
S3 ZSMC0303;A4 TECH PC Camera H;c:\windows\system32\drivers\usbVM303.sys [2014-6-2 1472768]
.
=============== Created Last 30 ================
.
2014-09-17 18:28:51 95232 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2014-09-17 18:28:51 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys
2014-09-17 18:28:51 77824 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2014-09-17 18:28:51 70528 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2014-09-17 18:28:51 381952 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys
2014-09-17 18:28:51 27776 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2014-09-17 18:28:51 25856 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2014-09-17 18:28:51 208384 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2014-09-17 18:28:51 199168 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2014-09-17 18:28:51 19200 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2014-09-17 18:28:51 11904 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2014-09-17 18:28:51 101248 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2014-09-17 16:06:21 -------- d-----w- c:\users\psio\appdata\local\My Games
2014-09-16 21:47:50 -------- d-----w- c:\programdata\CharJi EVO
2014-09-16 21:47:20 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2014-09-16 21:47:20 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2014-09-16 21:46:35 -------- d-----w- c:\program files\CharJi EVO
2014-09-16 21:46:19 -------- d-----w- c:\programdata\DatacardService
2014-09-05 01:41:41 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{989a0a3e-6ddc-4b43-abf7-d292f42182b1}\offreg.dll
.
==================== Find3M ====================
.
2014-09-14 22:33:51 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-14 22:33:51 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 15:02:07.79 ===============

Attached Files
File Type: zip Attach.zip (5.3 KB)

Internet Explorer

Explorer always opens up to ask.com. Why can't I change it to my own option?

efsui.exe virus?

Hi,
This is my first time posting, so sorry about the quality.
Whenever I start cmd up, I get this message:


This hasn't been there before, but now I can't do anything with my heroku account, as the error interferes with it:

Malware issues...

Hi,

I've been on here before with what was believed to be malware issues, but I got flustered and chickened out when you kind people tried to help. Well, it appears now that things are slowly beginning to go wrong on my Windows 7 laptop.

My AVG 2014 antivirus has now been blocked by group policy and Microsoft Word no longer works. I tried getting the latter fixed with some help on here, but I was advised that this needed doing on here as the malware was probably the cause behind it.

As I say, I did seek help before but chickened out, but now I'm prepared to be more patient this time and not get ahead of myself like I had done before. Below is the DDS file that was asked of me to put in this, and the attached zip file is there too.

Hopefully we can sort it out this time, thank you!


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.5.1
Run by Lee at 19:49:22 on 2014-10-01
.
============== Running Processes ================
.
C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\mswinext.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.orange.co.uk/
uSearch Bar = Preserve
mStart Page = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [yfIxvc+7aguFK1eWH1Rn4Gs=] "C:\Users\Lee\AppData\Roaming\AVG\AWL2014\TuningIndex\TsWpfWrp.exe"
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{62874ADB-F69F-436B-B020-5CDB60F5721D} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{62874ADB-F69F-436B-B020-5CDB60F5721D}\244584F6D65684572623D2237425A5 : DHCPNameServer = 192.168.0.5 192.168.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://acer.msn.com
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? McMPFSvc;McAfee Personal Firewall Service
R? MWLService;MyWinLocker Service
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? SkypeUpdate;Skype Updater
R? WatAdminSvc;Windows Activation Technologies Service
R? wlcrasvc;Windows Live Mesh remote connections service
S? AMD External Events Utility;AMD External Events Utility
S? AtiHDAudioService;ATI Function Driver for HD Audio Service
S? AVG Security Toolbar Service;AVG Security Toolbar Service
S? Avgdiska;AVG Disk Driver
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHA;AVGIDSHA
S? Avgldx64;AVG AVI Loader Driver
S? Avgloga;AVG Logging Driver
S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx64;AVG Anti-Rootkit Driver
S? Avgtdia;AVG TDI Driver
S? avgwd;AVG WatchDog
S? cvhsvc;Client Virtualization Handler
S? DsiWMIService;Dritek WMI Service
S? ePowerSvc;Acer ePower Service
S? ETD;ELAN PS/2 Port Input Device
S? GREGService;GREGService
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? mwlPSDFilter;mwlPSDFilter
S? mwlPSDNServ;mwlPSDNServ
S? mwlPSDVDisk;mwlPSDVDisk
S? NOBU;Norton Online Backup
S? NTI IScheduleSvc;NTI IScheduleSvc
S? Sftfs;Sftfs
S? sftlist;Application Virtualization Client
S? Sftplay;Sftplay
S? Sftredir;Sftredir
S? Sftvol;Sftvol
S? sftvsa;Application Virtualization Service Agent
S? Updater Service;Updater Service
S? usbfilter;AMD USB Filter Driver
.
=============== Created Last 30 ================
.
2014-09-26 21:26:41 -------- d-s---w- C:\Windows\System32\CompatTel
2014-09-26 19:24:38 574976 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-26 19:24:38 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-09-23 19:48:42 -------- d-----w- C:\ProgramData\Virtualized Applications
2014-09-23 18:50:28 -------- d-----w- C:\Users\Lee\AppData\Local\Adobe
2014-09-22 19:07:01 -------- d-----w- C:\ProgramData\UxejIkno
2014-09-15 19:22:51 -------- d-----w- C:\Users\Lee\AppData\Local\yinerqjj
.
==================== Find3M ====================
.
2014-09-23 18:52:37 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-23 18:52:37 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-06 09:50:04 123672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-07-21 20:03:12 244504 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
.
============= FINISH: 19:54:36.91 ===============

Attached Files
File Type: zip attach.zip.zip (2.8 KB)

Virus/ Trojan Please help

Computer is very slow when pulling up programs. But the main issue is I cannot get on the internet using my modem/router. I have to use Xfinity WiFi (public) to get on the net.
Any help would be greatly appreciated.

The logs that you have requested:


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280 BrowserJavaVersion: 11.20.2
Run by Michael at 5:11:22 on 2014-10-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.9207.7417 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Privatefirewall *Enabled* {16337F50-A853-219F-6DEC-E7BDA0A7E8E7}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Coupons\CouponPrinterService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Users\Michael\Desktop\u1404.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uProxyServer = 127.0.0.1:9666
uProxyOverride = 127.0.0.1
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll
uRun: [cdloader] "C:\Users\Michael\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Privatefirewall] C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{9FE962B4-543C-42CF-96E2-273E8745A632} : NameServer = 0.0.0.0
TCP: Interfaces\{9FE962B4-543C-42CF-96E2-273E8745A632} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{CE50AA8A-8E04-44E2-B523-DA4AD973E63A} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{CE50AA8A-8E04-44E2-B523-DA4AD973E63A}\3716E64697234363 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\hz902z2f.default\
FF - prefs.js: browser.startup.homepage - hxxp://xfinity.comcast.net/
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-10-30 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-10-30 224896]
R0 BTOWSVF;BTOWSVF;C:\Windows\System32\drivers\BTOWSVF.sys [2014-2-9 52480]
R0 KSafeDISK;KSafeDISK;C:\Windows\System32\drivers\KSafeDISK.sys [2014-2-9 52992]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2014-1-11 55952]
R0 Sahdad64;HDD Filter Driver;C:\Windows\System32\drivers\Sahdad64.sys [2014-1-11 27120]
R0 Saibad64;Volume Filter Driver;C:\Windows\System32\drivers\Saibad64.sys [2014-1-11 19952]
R0 SysCow;SysCow;C:\Windows\System32\drivers\syscowad64v.sys [2010-5-23 164848]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2013-12-28 26176]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2013-10-30 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-10-30 427360]
R1 BTOWSFF;BTOWSFF;C:\Windows\System32\drivers\BTOWSFF.sys [2014-2-9 33024]
R1 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-5-16 20160]
R1 pwipf6;Privacyware Filter Driver;C:\Windows\System32\drivers\pwipf6.sys [2014-1-11 133152]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\System32\drivers\SaibVdAd64.sys [2014-1-11 27632]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-12-28 4791872]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-25 203776]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-4-25 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-10-30 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-5 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-3 50344]
R2 CouponPrinterService;Coupon Printer Service;C:\Program Files (x86)\Coupons\CouponPrinterService.exe [2014-2-13 178160]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-1-3 14624]
R2 PFNet;Privacyware network service;C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe [2013-12-17 374600]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-7-4 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-7-4 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-7-4 171928]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2013-12-28 71472]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-11-2 115216]
R3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-1-18 25632]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech HD Webcam C615(UVC);C:\Windows\System32\drivers\LVUVC64.sys [2011-3-3 4865568]
R3 Neo_VPN;VPN Client Device Driver - VPN;C:\Windows\System32\drivers\Neo_0110.sys [2014-10-10 28768]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-10-25 242720]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-10-25 295424]
S2 CGVPNCliService;CyberGhost 5 Client Service;C:\Program Files\CyberGhost 5\Service.exe [2014-10-12 64624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-7-13 340976]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-10-25 673088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 cleanhlp;cleanhlp;C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2013-12-28 57024]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-12 111616]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-10-30 19456]
S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-7-13 1095664]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-11-3 16152]
S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\System32\drivers\tapoas.sys [2010-8-3 30720]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-15 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-10-30 1255736]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-10-10 172344]
S4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-2-9 457200]
S4 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-7-15 21488]
S4 BOTService;BOTService;C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-7-14 211440]
S4 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2014-1-11 580232]
.
=============== Created Last 30 ================
.
2014-10-12 13:02:11 -------- d-----w- C:\Users\Michael\AppData\Local\CyberGhost
2014-10-12 13:02:06 -------- d-----w- C:\Program Files\TAP-Windows
2014-10-12 13:01:58 -------- d-----w- C:\Program Files\CyberGhost 5
2014-10-12 04:32:09 -------- d-----w- C:\Program Files\SecurityKISS Tunnel
2014-10-11 17:30:38 -------- d-----w- C:\Program Files (x86)\DivX
2014-10-11 17:30:05 -------- d-----w- C:\ProgramData\DivX
2014-10-11 16:02:32 -------- d-----w- C:\Program Files\PeerBlock
2014-10-11 02:51:31 28768 ----a-w- C:\Windows\System32\drivers\Neo_0110.sys
2014-10-11 02:44:30 135736 ----a-w- C:\Windows\System32\vpncmd.exe
2014-10-11 02:44:18 -------- d-----w- C:\Program Files\SoftEther VPN Client
2014-10-10 23:05:42 -------- d-----w- C:\Users\Michael\AppData\Roaming\OpenVPN Technologies
2014-10-10 23:05:42 -------- d-----w- C:\Users\Michael\AppData\Local\OpenVPN Technologies
2014-10-10 23:05:26 -------- d-----w- C:\Program Files (x86)\OpenVPN Technologies
2014-10-10 07:05:53 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{66A6E298-27E6-4626-8158-D40AC46702D1}\mpengine.dll
2014-10-01 19:06:17 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-10-01 19:06:16 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-26 02:22:50 -------- d-----w- C:\Users\Michael\AppData\Local\Opera Software
2014-09-26 02:22:49 -------- d-----w- C:\Users\Michael\AppData\Roaming\Opera Software
2014-09-25 20:20:16 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-25 20:20:16 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-21 01:25:03 -------- d-----w- C:\Users\Michael\AppData\Local\Deployment
2014-09-20 01:16:54 -------- d-----w- C:\SUPERDelete
2014-09-17 22:07:36 -------- d-----w- C:\Program Files (x86)\Coupons
.
==================== Find3M ====================
.
2014-10-14 06:55:20 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-10-03 21:09:42 20160 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys
2014-09-24 10:02:53 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 10:02:53 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-15 13:06:02 278152 ------w- C:\Windows\System32\MpSigStub.exe
2014-09-15 07:45:26 28960 ----a-w- C:\Windows\System32\RegBootDefrag.exe
2014-09-05 02:10:43 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-05 02:05:42 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-08-28 20:29:27 444912 ----a-w- C:\Windows\CouponPrinter.ocx
2014-08-28 20:29:26 659440 ----a-w- C:\Windows\couponprinter_x64.ocx
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-22 23:51:59 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-22 21:17:32 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-08-01 11:53:22 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-08-01 11:35:06 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-07-25 06:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 03:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
.
============= FINISH: 5:11:40.42 ===============

Attached Files
File Type: zip attach.zip (3.9 KB)
File Type: zip art.zip (2.2 KB)

Symantec detects Trojan.Gen.2 in temp files

For a few days now, when I log into my computer in the morning, there's a window from Symantec warning about this trojan.
The risk log looks like this:

Filename,Risk,Action,Risk Type,Original Location,Computer,User,Status,Current Location,Primary Action,Secondary Action,Logged By,Action Description,Date and Time
"DWH1CF.tmp","Trojan.Gen.2","Log only","File","C:\Documents and Settings\mypc\Local Settings\Temp\","PC1399-mypc","SYSTEM","Log only","C:\Documents and Settings\mypc\Local Settings\Temp\","Clean security risk","Quarantine","Auto-Protect scan","The file was left unchanged.","10/10/2014 3:47:16 PM"
"DWH1E9.tmp","Trojan.Gen.2","Log only","File","C:\Documents and Settings\mypc\Local Settings\Temp\","PC1399-mypc","SYSTEM","Log only","C:\Documents and Settings\mypc\Local Settings\Temp\","Clean security risk","Quarantine","Auto-Protect scan","The file was left unchanged.","10/11/2014 12:19:54 AM"
"DWH24E.tmp","Trojan.Gen.2","Log only","File","C:\Documents and Settings\mypc\Local Settings\Temp\","PC1399-mypc","SYSTEM","Log only","C:\Documents and Settings\mypc\Local Settings\Temp\","Clean security risk","Quarantine","Auto-Protect scan","The file was left unchanged.","10/13/2014 2:05:46 AM"

If I clear my tmp files, those particular files get deleted without issues, but then the next day I get the same warning from Symantec.
I did a full scan using Symantec, but it found nothing except for a google tracking cookie.
I'm not sure what to do now. Symantec's webpage for Trojan.Gen.2 says it is a generic definition for a number of various threats, so maybe this is some kind of false positive?

Here is the DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.55.2
Run by mypc at 11:24:27 on 2014-10-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2642 [GMT -4:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Endpoint Protection *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Input Director\InputDirector.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Microsoft\BingBar\BBSvc.EXE
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Input Director\IDWinService.exe
C:\Program Files\Input Director\InputDirectorSessionHelper.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Microsoft Office2007\Office12\OUTLOOK.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Page = hxxp://www.live.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HttpWatch Basic: {F1F69322-008F-4895-B2BF-AD194219825A} - c:\program files\httpwatch\httpwatchsc.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
EB: HttpWatch Basic: {2B4C4770-27FD-4A09-B17D-33CA580965FB} - c:\program files\httpwatch\httpwatch.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\mypc\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [FlashMute] c:\program files\flashmute\FlashMute.exe
uRun: [InputDirector] "c:\program files\input director\InputDirector.exe" /hide
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [HttpWatch_RegIEPlugin] c:\program files\httpwatch\regieplugin.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\mi3369~1\office12\EXCEL.EXE/3000
IE: HttpWatch Basic - c:\program files\httpwatch\httpwatch.dll/1351
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "c:\program files\fiddler2\Fiddler.exe"
IE: {D103E85B-5D67-42c1-8C83-F01079DBAB26} - {2B4C4770-27FD-4A09-B17D-33CA580965FB}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242915025859
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: NameServer = 192.168.2.133 192.168.2.165 192.168.2.11
TCP: Interfaces\{817EB3FB-074C-42E2-AC71-23D4ADCD4F53} : DHCPNameServer = 192.168.2.133 192.168.2.165 192.168.2.11
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LMIinit - LMIinit.dll
Notify: NavLogon - <no file>
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mypc\application data\mozilla\firefox\profiles\8h8rabrv.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\httpwatch\firefox\components\httpwatchff.dll
FF - plugin: c:\documents and settings\mypc\application data\mozilla\firefox\profiles\8h8rabrv.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\documents and settings\mypc\local settings\application data\google\update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\mypc\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\program files\httpwatch\firefox\components\nphttpwatchff.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_14_0_0_125.dll
FF - ExtSQL: !HIDDEN! 2012-01-23 11:10; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2009-5-8 24064]
R2 ASFAgent;ASF Agent;c:\program files\intel\asf agent\ASFAgent.exe [2007-4-19 133968]
R2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2012-3-21 108456]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2012-3-21 108456]
R2 InputDirector;Input Director Service;c:\program files\input director\IDWinService.exe [2010-2-1 36864]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2013-3-28 47640]
R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2012-3-21 1851224]
R2 TeamViewer9;TeamViewer 9;c:\program files\teamviewer\version9\TeamViewer_Service.exe [2014-1-29 4799760]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2009-5-8 144480]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2014-9-15 111408]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20141014.025\NAVENG.SYS [2014-10-15 95704]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20141014.025\NAVEX15.SYS [2014-10-15 1636696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 AiCharger;AiCharger;c:\windows\system32\drivers\AiCharger.sys [2013-12-18 13952]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2012-3-21 23960]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\notepad++.exe="c:\program files\notepad++\notepad++.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2014-09-25 15:35:57 -------- d-----w- c:\program files\Input Director
.
==================== Find3M ====================
.
.
============= FINISH: 11:24:34.44 ===============

Attach.txt and Atk.txt are attached.

Attached Files
File Type: zip attach.zip (8.2 KB)

[SOLVED] Tuvaro

Hi guys.
Somehow Tuvaro has infected my PC. Don't know how, but it's there.
I did the usual research on it and have tried as much as I can.
I thought it was gone until this happens.

I have Windows 7. On my Desktop I have a shortcut to Firefox. One of the fixes is to change the properties of the desktop shortcut to remove the extra bit Tuvaro adds. Once I'd done this, I dragged this to the taskbar to pin it there. I usually use this to open Firefox.

While browsing, a small window opens (Taskmgr.exe), which is similar to the CMD window. This then closes after a few seconds. There is no content.
After this happens, the taskbar shortcut will then always open Tuvaro.com.
It doesn't change the home page. It just changes the properties of the shortcut.
Is there a way to check if taskmgr.exe has been modified? :banghead:
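
The shortcut change described in the post above (an extra bit appended to the Firefox shortcut, which then reappears on the pinned taskbar copy) can be audited across every folder that holds shortcuts. This is an added example, not part of the original thread; the folder list, the browser names and the function name `Get-SuspectShortcut` are assumptions, and the script only reports, it changes nothing.

```powershell
# Added example (report only): find browser shortcuts whose command line
# carries an appended URL. Folder list and browser names are assumptions.

$browserExes = 'firefox.exe', 'chrome.exe', 'iexplore.exe', 'opera.exe'

# Folders where Windows 7 keeps per-user and all-users shortcuts. The
# Quick Launch tree contains "User Pinned\TaskBar", which holds the copies
# created when a program is pinned to the taskbar.
$shortcutDirs = @(
    [Environment]::GetFolderPath('Desktop'),
    (Join-Path $env:PUBLIC 'Desktop'),
    [Environment]::GetFolderPath('StartMenu'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu'),
    (Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch')
)

function Get-SuspectShortcut {
    param(
        [string[]]$Directory = $shortcutDirs,
        [string[]]$Browser   = $browserExes
    )

    # WScript.Shell exposes the target and argument fields of a .lnk file.
    $shell = New-Object -ComObject WScript.Shell

    foreach ($dir in $Directory) {
        if (-not (Test-Path $dir)) { continue }

        $links = Get-ChildItem -Path $dir -Filter '*.lnk' -Recurse -ErrorAction SilentlyContinue
        foreach ($file in $links) {
            $lnk = $shell.CreateShortcut($file.FullName)
            if (-not $lnk.TargetPath) { continue }

            # Only look at shortcuts that launch one of the listed browsers.
            $exe = [IO.Path]::GetFileName($lnk.TargetPath)
            if ($Browser -notcontains $exe) { continue }

            # Flag the shortcut when its Arguments field contains a URL,
            # i.e. the browser is being told to open a page on every launch.
            if ($lnk.Arguments -match '(?i)(https?://|www\.)\S+') {
                New-Object PSObject -Property @{
                    Shortcut  = $file.FullName
                    Target    = $lnk.TargetPath
                    Arguments = $lnk.Arguments
                    Modified  = $file.LastWriteTime
                } | Select-Object Shortcut, Target, Arguments, Modified
            }
        }
    }
}

Get-SuspectShortcut | Format-List
```

The `Modified` timestamp of a flagged shortcut shows when it was last rewritten, which can be compared with the time the small window appeared.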

HijackThis Log Query

:smile: First off, thanks for letting me join, great site!!! I'm just wondering if someone can help... I'm new to this software 'hijack this', can someone help to find anything on this list that's a little suspect!? Thanks, lee



Logfile of HijackThis v1.99.1
Scan saved at 6:04:01 PM, on 16-Oct-14
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Running processes:
C:\Windows\vsnp2std.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\FixCamera.exe
C:\Windows\tsnp2std.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\lee\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = msn
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
O4 - HKCU\..\Run: [SysDir] "C:\ProgramData\SysApp\SysDir.exe" /Hide
O4 - HKCU\..\Run: [Driver Support] C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} - http://mauimanakai3.viewnetcam.com/JpegInst.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {66D393D5-4D80-497C-9F4F-F3839E090202} - http://www.pysoft.com/Downloads/WebCamPlayerOCX.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://luvar.himolde.no/activex/AxisCamControl.cab
O16 - DPF: {A3D93B25-4601-49D2-B3AF-F447C73D561F} (Sony SNC-RZ25 Control) - http://24.227.115.174:8000/program/SonySncRz25View.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} - http://211.172.30.188:82/wg_webeye.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - MSN Games - Free Online Games
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {EAEFAD15-8753-45EF-94B0-1BAA7970CC21} (pmpeg4cam Class) - http://mauimanakai3.viewnetcam.com/MpegInst.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: BT Help Wizard - Alcatel-Lucent - C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GoToAssist - Unknown owner - C:\Program Files (x86)\Citrix\GoToAssist\570\g2aservice.exe" Start=service (file missing)
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: pcCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
O23 - Service: pcCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\pcCMService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

Major pc issues, suspect malware

The past few days my PC has been acting up really bad. After bootup it will work fine for about 5 minutes and then completely freeze up, forcing me to do a hard reboot. I've tried running a Malwarebytes scan in safe mode, but once it hits this file: c:\windows\syswow64\msvcr100.dll it freezes the scan and I'm forced to do a hard reboot again. Before hitting that point in the scan Malwarebytes will detect 24 PUP objects in the registry, but I'm unable to do anything about it. Running Windows 7 Pro and any help is greatly appreciated.

Weird symptoms on my computer again.

Well, for a few days, I've been seeing that some text files were a bit edited, and the volume was raised a bit higher, and sometimes the browser's zoom was maximized, and there were some changes in browsers too, and every time when I shut down the computer, I get a message where it says "this program prevents the shutdown. Force shutdown?" and it doesn't say the program's name, and I also saw that the Windows firewall and Malwarebytes harmful website block were turned off sometimes.

I have ZoneAlarm antivirus+firewall, Malwarebytes Anti-Malware premium, and Superantispyware. My computer is an HP Pavilion 15 with Windows 8.1.

pop ups etc arrgghh

Hi, I've a problem with advertisement popups, new pages opening and words being highlighted on forums etc.

I've run the PC in safe mode and done full scans using the following programs:

adwcleaner
mcafee
hitman pro
malwarebytes
superantispyware professional

None of them are picking up anything..

Soon as I start the PC and browse the internet the same problem continues..

There's nothing in Program Files that shouldn't be there.

Any advice/help would be appreciated. Cheers

Firefox slow to open

To Whom It May Concern:

I had an issue with my desktop for the last month. My Firefox and Chrome have been slow to start: takes about 15 seconds for them to start and then they cycle when I try to browse. The browsing has been noticeably slow.

I defragmented my computer, I cleaned the registry, I ran AVAST virus scan and Malware. Malware found some issues and quarantined them.
But the issue with the browsers persisted. I even disabled plug-ins.

I uninstalled Firefox and Chrome and switched to IE. At first IE worked fine, but now I have trouble loading multiple internet tabs for credible websites like PCMag, CDNet, Amazon, etc.

Please help, b/c I feel there is some virus-like issue.
I attached the DNS scan results as a txt file.

Attached Files
File Type: txt DNS.txt (114.7 KB)

Browser Virus?

Hi there,

I believe that I have some sort of virus on my laptop (Windows 8.1).
When I go to download from a site - such as Google Chrome, or LibreOffice, the search appears to create false links which mimic the real sites.
I have then clicked on these links thinking they were safe and my Avast flares up recognising it as a bad download, or in the case of the Chrome download it sends me to unsafe ad websites to confirm installation.

Any idea how I can get rid of whatever it is that is causing this?

Thanks,

Olivia

Sound works.. but not by default.

Was directed here by another user in the laptop forum. Said it may be an issue with malware or rootkit.

Here's my original post:

Quote:

I am running an HP Probook 4720 with Windows 7 Professional 64-bit. I'm having issues with the sound.

First, let me start by saying the sound from the headphones works 100% all the time.

However, with no headphones plugged in - no sound. In order to hear sound from the laptop's speakers, I have to go through a series of steps that I somehow managed to get working.

I have tried a combination of ways, but this is the only way I can seem to get it working. And it working at all indicates that it's most likely not hardware related. Perhaps there is a setting or something that's not configured correctly.

I have tried the troubleshooting for Windows 7 and I have also downloaded the Microsoft fix-it and they both say everything is working properly. I also uninstalled and reinstalled the audio drivers found on HP's site for my laptop to no avail.

It's honestly not that serious of an issue since I can get the sound to work. But it's a pain having to manually enable it every time I start the computer. It seems like this can be resolved fairly easily, I'm just not sure what needs to be done. Can anyone help?

Here's the DDS txt and I attached the files. Things to note... while trying to run GMER it kept restarting and I'd get the blue screen of death.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17344 BrowserJavaVersion: 10.71.2
Run by Heartbreak Hill at 13:42:12 on 2014-10-19
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8047.6416 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Serviio\bin\ServiioService.exe
C:\Program Files\Serviio\bin\ServiioService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\rundll32.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Serviio\bin\ServiioConsole.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\HEARTB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Serviio.lnk - C:\Program Files\Serviio\bin\ServiioConsole.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.0.1 205.171.2.226
TCP: Interfaces\{78109E5D-C429-4605-9D2A-352A82508D9C} : DHCPNameServer = 192.168.0.1 205.171.2.226
TCP: Interfaces\{78109E5D-C429-4605-9D2A-352A82508D9C}\A5978554C4F5234303 : DHCPNameServer = 192.168.2.1
SSODL: WebCheck - <orphaned>
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Heartbreak Hill\AppData\Roaming\Mozilla\Firefox\Profiles\7g19ppoh.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=903578&p=
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2014-10-17 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-3-16 203264]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-9-15 89352]
R2 Serviio;Serviio;C:\Program Files\Serviio\bin\ServiioService.exe [2014-3-20 359936]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr28x.sys [2009-6-10 620544]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-10-16 111616]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-10-9 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-10-11 1255736]
.
=============== Created Last 30 ================
.
2014-10-17 21:12:27 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{065FB48E-43C1-4791-AF79-796FF5DC3D67}\mpengine.dll
2014-10-17 10:00:59 90624 ----a-w- C:\Windows\System32\AESTCo64.dll
2014-10-17 10:00:59 68608 ----a-w- C:\Windows\System32\AESTAR64.dll
2014-10-17 10:00:59 487424 ----a-w- C:\Windows\sttray64.exe
2014-10-17 10:00:59 442368 ----a-w- C:\Windows\System32\AESTEC64.dll
2014-10-17 10:00:59 3348480 ----a-w- C:\Windows\System32\stlang64.dll
2014-10-17 10:00:59 162816 ----a-w- C:\Windows\System32\AESTAC64.dll
2014-10-17 10:00:59 12772352 ----a-w- C:\Windows\System32\idtcpl64.cpl
2014-10-17 10:00:13 209920 ----a-w- C:\Windows\System32\staco64.dll
2014-10-17 09:56:48 505856 ----a-w- C:\Windows\System32\drivers\stwrt64.sys
2014-10-17 09:56:47 644608 ------w- C:\Windows\System32\stapi64.dll
2014-10-17 09:56:47 431616 ----a-w- C:\Windows\System32\stcplx64.dll
2014-10-17 09:56:47 1464832 ----a-w- C:\Windows\System32\stapo64.dll
2014-10-17 09:56:42 -------- d-----w- C:\Program Files\IDT
2014-10-16 10:44:44 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-16 10:42:22 1943696 ----a-w- C:\Windows\System32\dfshim.dll
2014-10-16 10:42:22 156824 ----a-w- C:\Windows\SysWow64\mscorier.dll
2014-10-16 10:42:22 156312 ----a-w- C:\Windows\System32\mscorier.dll
2014-10-16 10:42:22 1131664 ----a-w- C:\Windows\SysWow64\dfshim.dll
2014-10-16 10:42:21 73880 ----a-w- C:\Windows\System32\mscories.dll
2014-10-16 10:42:20 81560 ----a-w- C:\Windows\SysWow64\mscories.dll
2014-10-15 20:22:16 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-15 12:05:12 3241472 ----a-w- C:\Windows\System32\msi.dll
2014-10-15 12:05:11 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-15 12:05:04 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-10-15 12:05:03 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2014-10-15 12:05:00 3221504 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-10-14 09:46:24 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Roaming\Anvsoft
2014-10-14 09:42:06 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Roaming\AVS4YOU
2014-10-14 09:40:43 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia
2014-10-14 09:39:58 24576 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2014-10-14 09:39:58 1700352 ----a-w- C:\Windows\SysWow64\GdiPlus.dll
2014-10-14 09:39:58 -------- d-----w- C:\ProgramData\AVS4YOU
2014-10-14 09:39:58 -------- d-----w- C:\Program Files (x86)\AVS4YOU
2014-10-14 07:00:17 -------- d-----w- C:\Program Files\Serviio
2014-10-14 06:54:12 -------- d-----w- C:\Program Files\CCleaner
2014-10-12 16:32:59 -------- d-----w- C:\AdwCleaner
2014-10-12 00:52:34 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Local\SKIDROW
2014-10-11 23:38:45 -------- d-----w- C:\Program Files (x86)\Hitman Absolution
2014-10-11 23:38:32 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Local\Programs
2014-10-11 23:35:48 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Roaming\DAEMON Tools Lite
2014-10-11 23:35:46 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Roaming\RHEng
2014-10-11 23:34:50 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2014-10-11 23:16:32 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-10-11 23:16:32 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-10-11 21:01:17 2871808 ----a-w- C:\Windows\explorer.exe
2014-10-11 21:01:17 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2014-10-11 21:01:04 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-10-11 21:01:04 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-10-11 20:34:34 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2014-10-11 20:34:34 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2014-10-11 20:27:21 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-10-11 20:27:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-10-11 20:24:37 67072 ----a-w- C:\Windows\splwow64.exe
2014-10-11 20:24:37 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2014-10-11 07:59:52 -------- d-----w- C:\Windows\System32\appmgmt
2014-10-11 07:47:33 91928 ----a-w- C:\Windows\System32\xinput1_3.dll
2014-10-11 07:47:33 68888 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2014-10-11 04:49:48 -------- d-----w- C:\Windows\SysWow64\Wat
2014-10-11 04:49:48 -------- d-----w- C:\Windows\System32\Wat
2014-10-11 04:15:13 -------- d-----w- C:\Windows\Migration
2014-10-11 03:42:12 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-11 02:52:39 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-10-11 01:55:42 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2014-10-11 01:55:42 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2014-10-11 01:55:42 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2014-10-11 01:55:42 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2014-10-11 01:55:41 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2014-10-11 01:55:41 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2014-10-11 01:55:41 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2014-10-11 01:42:49 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2014-10-11 01:42:48 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2014-10-11 01:42:48 5120 ----a-w- C:\Windows\System32\wmi.dll
2014-10-11 01:37:14 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-10-11 01:37:14 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-10-11 01:37:13 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-10-11 01:37:13 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-10-11 01:37:13 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-10-11 01:37:13 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-10-11 01:37:04 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-10-11 01:37:04 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-10-11 01:33:44 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Local\ATI
2014-10-11 01:30:49 0 ----a-w- C:\Windows\ativpsrm.bin
2014-10-11 01:26:59 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-10-11 01:26:40 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-10-11 01:26:40 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-10-11 01:26:24 484864 ----a-w- C:\Windows\System32\wer.dll
2014-10-11 01:26:24 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-10-11 01:26:21 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2014-10-11 01:26:21 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2014-10-11 01:26:10 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2014-10-11 01:26:10 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2014-10-11 01:26:09 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-10-11 01:26:09 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-10-11 01:26:08 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-10-11 01:24:47 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2014-10-11 01:23:44 95744 ----a-w- C:\Windows\System32\synceng.dll
2014-10-11 01:22:59 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2014-10-11 01:21:59 395776 ----a-w- C:\Windows\System32\webio.dll
2014-10-11 01:20:59 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2014-10-11 01:19:56 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-10-11 01:09:10 -------- d-----w- C:\ProgramData\SystemRequirementsLab
2014-10-11 01:06:12 -------- d-----w- C:\ProgramData\Oracle
2014-10-11 01:01:15 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2014-10-11 00:58:12 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2014-10-11 00:56:31 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-10-11 00:56:31 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-10-11 00:53:21 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2014-10-11 00:53:21 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2014-10-11 00:53:21 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2014-10-09 10:48:25 -------- d-----w- C:\Windows\System32\SPReview
2014-10-09 09:09:36 -------- d-----w- C:\Windows\System32\EventProviders
2014-10-09 08:35:00 -------- d-----w- C:\Windows\Hewlett-Packard
2014-10-09 08:08:14 -------- d-----w- C:\Program Files\CPUID
2014-10-09 07:39:31 -------- d-----w- C:\Program Files (x86)\Hp
2014-10-09 07:21:34 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2014-10-09 07:21:14 59392 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2014-10-09 07:21:14 12288 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-09 07:21:13 14967808 ----a-w- C:\Program Files\DVD Maker\OmdBase.dll
2014-10-09 07:19:59 372736 ----a-w- C:\Windows\System32\wbem\WmiPrvSE.exe
2014-10-09 07:18:59 762368 ----a-w- C:\Windows\System32\sdcpl.dll
2014-10-09 07:17:58 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2014-10-09 07:09:25 -------- d-----w- C:\Program Files\Core Temp
2014-10-08 18:53:35 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-10-08 04:09:48 955888 ----a-w- C:\Windows\System32\npDeployJava1.dll
2014-10-08 04:09:48 839152 ----a-w- C:\Windows\System32\deployJava1.dll
2014-10-08 01:43:15 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Roaming\uTorrent
2014-10-08 01:29:25 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Local\Diagnostics
2014-10-07 23:28:15 -------- d-----w- C:\Program Files (x86)\VideoLAN
2014-10-07 23:15:20 -------- d-----w- C:\Windows\Panther
2014-10-07 22:04:51 -------- d-----w- C:\DRIVERS
2014-10-07 22:01:51 -------- d-----w- C:\SWTOOLS
2014-10-07 21:51:31 -------- d-----w- C:\Intel
2014-10-07 21:41:09 -------- d-----w- C:\SWSetup
2014-10-07 21:13:00 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Local\ElevatedDiagnostics
2014-10-07 21:09:25 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Local\Macromedia
2014-10-07 21:09:12 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-07 21:09:12 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-07 21:08:34 -------- d-----w- C:\Users\Heartbreak Hill\AppData\Local\Adobe
2014-10-07 19:46:32 -------- d-sh--w- C:\Windows\Installer
2014-10-07 19:40:40 -------- d-s---w- C:\Windows\System32\CompatTel
2014-10-07 19:40:29 278152 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-07 19:40:10 142336 ----a-w- C:\Windows\System32\poqexec.exe
2014-10-07 19:40:10 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
.
==================== Find3M ====================
.
2014-10-11 03:42:12 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-10 02:05:59 276480 ----a-w- C:\Windows\System32\generaltel.dll
2014-10-10 02:05:42 507392 ----a-w- C:\Windows\System32\aepdu.dll
2014-10-10 02:00:38 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-10-09 10:51:45 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2014-10-09 10:51:44 175616 ----a-w- C:\Windows\System32\msclmd.dll
2014-10-02 06:23:02 225752 ----a-w- C:\Windows\apppatch\AppPatch64\SPVCLdr64.dll
2014-09-25 22:32:04 2017280 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-09-25 22:31:02 2108416 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 01:56:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-09-19 01:55:49 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-09-19 01:40:43 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-09-19 01:40:03 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-09-19 01:39:58 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-09-19 01:38:27 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-09-19 01:36:57 5829632 ----a-w- C:\Windows\System32\jscript9.dll
2014-09-19 01:26:00 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-09-19 01:25:49 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-09-19 01:25:12 4201472 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-09-19 01:25:09 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-09-19 01:18:02 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-19 01:14:57 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-09-19 01:06:47 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-09-19 01:02:07 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-09-19 01:01:47 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-09-19 01:01:03 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-09-19 00:59:40 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-09-19 00:50:16 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-09-19 00:49:31 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-09-19 00:40:12 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-09-19 00:36:23 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-09-19 00:33:18 2309632 ----a-w- C:\Windows\System32\wininet.dll
2014-09-19 00:18:55 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-09-18 23:59:11 1810944 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-09-13 01:58:18 77312 ----a-w- C:\Windows\System32\packager.dll
2014-09-13 01:40:05 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-19 03:11:28 693176 ----a-w- C:\Windows\System32\winload.efi
2014-08-19 03:10:10 616352 ----a-w- C:\Windows\System32\winresume.efi
2014-08-19 03:08:04 503808 ----a-w- C:\Windows\System32\srcore.dll
2014-08-19 03:08:04 50176 ----a-w- C:\Windows\System32\srclient.dll
2014-08-19 03:08:03 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2014-08-19 03:07:51 58880 ----a-w- C:\Windows\System32\appidapi.dll
2014-08-19 03:07:51 32256 ----a-w- C:\Windows\System32\appidsvc.dll
2014-08-19 03:07:33 296960 ----a-w- C:\Windows\System32\rstrui.exe
2014-08-19 03:07:11 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2014-08-19 03:07:11 146944 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2014-08-19 02:41:39 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2014-08-19 02:41:22 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2014-08-19 02:06:56 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
2014-08-01 11:53:22 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-08-01 11:35:06 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-07-25 06:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 03:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
.
============= FINISH: 13:43:09.93 ===============

Attached Files
File Type: zip attach.zip (2.2 KB)

Internet Explorer Not Connecting

The other day I was using Internet Explorer to attempt to access Facebook and other various websites, mainly that one and also one for my gas card. I get a notice (ref: screenshot attached) "Internet Explorer cannot display the web page". I have tried alternate browsers that seem to be working just fine but I still can't get there through Internet Explorer. My virus scanner does not find anything and I also tried running Malwarebytes and even after that was finished I still cannot connect to pages through Internet Explorer. Please help!

DDS.TXT --

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16584 BrowserJavaVersion: 10.21.2
Run by Alice Hill at 17:56:05 on 2014-10-17
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.1506 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\Windows\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\loggingserver.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Xobni\XobniService.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\TeamViewer\Version9\tv_w32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\ctfmon.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\aol\1214701326\ee\aolsoftware.exe
c:\program files\teamviewer\version9\TeamViewer_Desktop.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [AVG-Secure-Search-Update_0214c] c:\users\alice hill\appdata\roaming\avg 0214c campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=a4dbc530bc670c5ab30e1eb9e40926d7-a651e01b4afe16d1e3aff2752be053466aa4acf2 /CMPID=0214c
uRun: [Facebook Update] "c:\users\alice hill\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [vProt] "c:\program files\avg web tuneup\vprot.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: $talisma_url$
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{8A4855E0-B760-4AE6-87AD-6F8DE11CFC73} : DHCPNameServer = 68.94.156.1 68.94.157.1
TCP: Interfaces\{A4F475D9-5B85-44FB-AE20-7CAA32D57D13} : DHCPNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\3.1.0\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\38.0.2125.104\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 127.0.0.1 Spyware Info | Spyware Info
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-6-17 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-6-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-8-6 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-17 27416]
R0 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-10-1 110296]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-30 121624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-7-21 200984]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-17 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-6-17 188696]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-6-17 197400]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2014-8-4 42784]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-8-25 3242000]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2014-8-25 289328]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-1-18 1153368]
R2 TeamViewer9;TeamViewer 9;c:\program files\teamviewer\version9\TeamViewer_Service.exe [2014-3-15 4799760]
R2 vToolbarUpdater3.1.0;vToolbarUpdater3.1.0;c:\program files\common files\avg secure search\vtoolbarupdater\3.1.0\ToolbarUpdater.exe [2014-8-4 1814040]
R2 XobniService;XobniService;c:\program files\xobni\XobniService.exe [2009-8-11 46824]
R3 P1130VID;Creative WebCam NX Pro;c:\windows\system32\drivers\P1130Vid.sys [2004-5-4 90229]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2014-8-26 542312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-12-6 375120]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
.
=============== Created Last 30 ================
.
2014-10-16 02:28:16 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-16 02:28:16 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-16 02:28:16 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-16 02:25:15 2054656 ----a-w- c:\windows\system32\win32k.sys
2014-10-16 02:07:15 143360 ----a-w- c:\windows\system32\drivers\fastfat.sys
2014-10-16 02:04:13 66560 ----a-w- c:\windows\system32\packager.dll
2014-10-01 21:42:44 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-01 21:40:49 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 21:40:49 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 21:40:48 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-09-24 08:00:33 2048 ----a-w- c:\windows\system32\tzres.dll
.
==================== Find3M ====================
.
2014-09-23 19:51:12 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-23 19:51:12 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-19 22:44:32 1810432 ----a-w- c:\windows\system32\jscript9.dll
2014-09-19 22:38:15 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-09-19 22:37:34 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2014-09-19 22:36:04 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2014-09-19 22:35:46 421376 ----a-w- c:\windows\system32\vbscript.dll
2014-09-19 22:34:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-09-19 22:34:22 11776 ----a-w- c:\windows\system32\mshta.exe
2014-08-23 01:03:46 297984 ----a-w- c:\windows\system32\gdi32.dll
2014-08-04 14:01:56 42784 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2014-07-25 07:35:46 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-22 02:03:22 200984 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
.
============= FINISH: 17:57:52.77 ===============


Chrome and some websites won't open

Hi. My laptop is showing a connectivity error when I try to go to many, but weirdly not all, websites. I can only use Explorer; Chrome won't open at all. Help please? Thank you.

I don't have access to my Windows Install disc. It's somewhere, but I don't know where.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16584 BrowserJavaVersion: 1.6.0_31
Run by Bryan at 8:42:10 on 2014-10-20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3002.1678 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\SMINST\BLService.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\rundll32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
dURLSearchHooks: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - <orphaned>
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [GarminExpressTrayApp] "c:\program files\garmin\express tray\ExpressTray.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\2.0"
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AvastUI.exe] "c:\program files\alwil software\avast5\AvastUI.exe" /nogui
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\$MCREB~1.LNK -
uPolicies-Explorer: RestrictRun = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: RestrictRun = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} - hxxp://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{0083FEBB-952E-493B-BF0D-66433D6CFD5A} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\38.0.2125.101\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bryan.bryan-pc\appdata\roaming\mozilla\firefox\profiles\9tqfcy1m.default\
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=mcafee&type=B110US0D20131115&p=
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: network.proxy.type - 0
FF - component: c:\users\bryan.bryan-pc\appdata\roaming\mozilla\firefox\profiles\9tqfcy1m.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\musicnotes\npmusicn.dll
FF - plugin: c:\program files\musicnotes\NPSibelius.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_270.dll
FF - ExtSQL: !HIDDEN! 2009-09-02 03:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-4-6 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-4-6 192352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-9-5 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2009-10-27 414520]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-8-16 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-10-27 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-3 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-9-18 450904]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\sminst\BLService.exe [2008-6-27 361808]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-10-25 24652]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-6-27 193840]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-4 113664]
R3 OA004Ufd;Creative Camera OA004 Upper Filter Driver;c:\windows\system32\drivers\OA004Ufd.sys [2008-6-3 144672]
R3 OA004Vid;Creative Camera OA004 Function Driver;c:\windows\system32\drivers\OA004Vid.sys [2008-7-17 269760]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-9-23 19968]
S2 0111521413804696mcinstcleanup;McAfee Application Installer Cleanup (0111521413804696);c:\users\bryan~1.bry\appdata\local\temp\011152~1.exe -cleanup -nolog --> c:\users\bryan~1.bry\appdata\local\temp\011152~1.EXE -cleanup -nolog [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;c:\windows\system32\drivers\libusb0.sys [2013-9-23 35776]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2013-1-10 37064]
.
=============== Created Last 30 ================
.
2014-10-20 00:33:11 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-20 00:33:10 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-20 00:33:10 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-20 00:28:22 2054656 ----a-w- c:\windows\system32\win32k.sys
2014-10-20 00:11:49 143360 ----a-w- c:\windows\system32\drivers\fastfat.sys
2014-10-20 00:08:31 66560 ----a-w- c:\windows\system32\packager.dll
2014-10-15 05:56:04 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{92f8f4c4-c828-4dc5-85f0-27b1aa90451a}\offreg.dll
2014-10-14 20:14:53 8806800 ------w- c:\programdata\microsoft\windows defender\definition updates\{92f8f4c4-c828-4dc5-85f0-27b1aa90451a}\mpengine.dll
2014-10-12 14:36:17 -------- d-----w- c:\users\bryan.bryan-pc\appdata\local\Garmin
2014-10-12 14:34:24 -------- d-----w- c:\programdata\Ant
2014-10-12 14:32:33 -------- d-----w- c:\users\bryan.bryan-pc\appdata\roaming\Garmin
2014-10-12 14:31:55 -------- d-----w- c:\programdata\Garmin
2014-10-12 14:31:23 -------- d-----w- c:\program files\Garmin
2014-10-12 14:29:25 -------- d-----w- c:\programdata\Package Cache
2014-09-24 07:00:32 2048 ----a-w- c:\windows\system32\tzres.dll
.
==================== Find3M ====================
.
2014-09-23 21:46:51 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-23 21:46:51 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-19 22:44:32 1810432 ----a-w- c:\windows\system32\jscript9.dll
2014-09-19 22:38:15 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-09-19 22:37:34 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2014-09-19 22:36:04 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2014-09-19 22:35:46 421376 ----a-w- c:\windows\system32\vbscript.dll
2014-09-19 22:34:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-09-19 22:34:22 11776 ----a-w- c:\windows\system32\mshta.exe
2014-09-15 13:06:04 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-08-23 01:03:46 297984 ----a-w- c:\windows\system32\gdi32.dll
2014-08-16 20:32:52 779536 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-16 20:32:52 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-16 20:32:51 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-16 20:32:51 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-16 20:32:51 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-16 20:32:45 43152 ----a-w- c:\windows\avastSS.scr
2014-07-25 06:35:46 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
.
============= FINISH: 8:42:57.89 ===============


ICReinstall_Audio-Converter

I keep getting this in my Avast report and it shows as quarantined. However, reading previous posts, I am having some of the same issues. My CPU processor and fan seem to run a lot more. Can I get rid of this completely from my system?

Weird errors are popping up and unable to uninstall some applications - NSIS error.

Hello... first of all, thanks to you guys for looking at my problem.
Probably my computer might have been affected by a virus or malware.
Weird errors are popping up every time I open some kinds of applications.
Some say it's a Visual C++ runtime error (R2600 floating point error).
I tried to uninstall such an application, but an NSIS error occurred saying it was unable to uninstall the program.
I've attached the required files...
Here is the required DDS.txt file:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207 BrowserJavaVersion: 10.71.2
Run by NANNU at 11:33:58 on 2014-10-22
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1943.446 [GMT -7:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Users\NANNU\AppData\Roaming\uTorrent\uTorrent.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Users\NANNU\Downloads\Compressed\gmer\gmer.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.trovi.com/?gd=&ctid=CT3325977&octid=EB_ORIGINAL_CTID&ISID=B88D4C25-259A-4E90-BA7B-1290CC9FBA60&SearchSource=55&CUI=&UM=6&UP=SPE25787FB-1E50-4B35-BB20-889B7B281F53&SSPV=
uSearch Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
uDefault_Page_URL = about:blank
uDefault_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
mStart Page = about:blank
mSearch Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
mDefault_Page_URL = about:blank
mDefault_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
mCustomizeSearch = hxxp://www.bing.com/search?q={searchTerms}
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Gosaveneow: {55a3f6c9-eb09-4238-ae72-851f62998b0a} - C:\Program Files (x86)\Gosaveneow\binQJaJSGDnafK.dll
BHO: YoutUbeAdBloocke: {5d1855c3-ddb6-4644-889d-c9c59c32ecd3} - C:\Program Files (x86)\YoutUbeAdBloocke\kAcDcvRoCpXjTy.dll
BHO: GOSave: {6012f5b5-730a-4eab-b542-7617917502be} - C:\Program Files (x86)\GOSave\tRhyS5uQ5t3FQb.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: QUICKfind BHO Object: {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
uRun: [uTorrent] "C:\Users\NANNU\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [ApacheTomcatMonitor7.0_Tomcat7] "C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe" //MS//Tomcat7
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [fst_in_96] <no file>
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{0DD83D61-9D69-47C3-9DC4-107F181A2886} : NameServer =
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\3547166666 : DHCPNameServer = 10.128.128.128
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\37169602072796E63656373713 : DHCPNameServer = 182.18.174.3 182.18.174.4
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\37169602072796E63656373723 : DHCPNameServer = 172.16.0.1
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{6BBEB587-8F06-4B90-AFED-8A42059F6ACB} : DHCPNameServer = 172.16.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.44\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mSearch Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Gosaveneow: {55a3f6c9-eb09-4238-ae72-851f62998b0a} - C:\Program Files (x86)\Gosaveneow\binQJaJSGDnafK.x64.dll
x64-BHO: YoutUbeAdBloocke: {5d1855c3-ddb6-4644-889d-c9c59c32ecd3} - C:\Program Files (x86)\YoutUbeAdBloocke\kAcDcvRoCpXjTy.x64.dll
x64-BHO: GOSave: {6012f5b5-730a-4eab-b542-7617917502be} - C:\Program Files (x86)\GOSave\tRhyS5uQ5t3FQb.x64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-10-20 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-10-20 224896]
R1 {0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64;{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64;C:\Windows\System32\drivers\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64.sys [2014-9-11 61112]
R1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64;{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64;C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys [2014-8-30 61120]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-10-20 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-10-20 427360]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-10-20 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-10-20 79184]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-20 50344]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-9-5 180136]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-1-19 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-1-19 339616]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-1-19 110752]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-1-19 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-1-19 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-1-19 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-1-19 280992]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-1-19 550560]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2014-10-5 90112]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2014-8-1 259688]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-8-1 685160]
R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-4-6 21264]
R3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\System32\drivers\teamviewervpn.sys [2014-10-13 35112]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-10-20 92008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MySQL4;MySQL4;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL4 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL41;MySQL41;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL41 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL5;MySQL5;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL5 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL501;MySQL501;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL501 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL51;MySQL51;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL51 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 UpdaterSvcNetTock;UpdaterSvcNetTock;"C:\Program Files (x86)\NetTock\updater.exe" --> C:\Program Files (x86)\NetTock\updater.exe [?]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2014-10-5 13952]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2014-10-5 104448]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2014-10-5 30720]
S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2014-10-5 238080]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-25 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S4 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-8-1 98208]
S4 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-1-19 106144]
S4 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
S4 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-8-1 13592]
S4 Idea Net Setter. RunOuc;Idea Net Setter. OUC;C:\Program Files (x86)\Idea Net Setter\UpdateDog\ouc.exe --> C:\Program Files (x86)\Idea Net Setter\UpdateDog\ouc.exe [?]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-8-1 161560]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 520192]
S4 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-10-13 4799760]
S4 Tomcat7;Apache Tomcat 7.0 Tomcat7;"C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //RS//Tomcat7 --> C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe [?]
S4 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-8-1 363800]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-10-22 06:50:49 -------- d-----w- C:\ProgramData\MySQL
2014-10-21 06:00:43 -------- d-----w- C:\Users\NANNU\AppData\Roaming\AVAST Software
2014-10-20 13:06:39 -------- d-----w- C:\VC++
2014-10-20 12:59:41 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-10-20 12:59:40 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-10-20 12:35:25 43152 ----a-w- C:\Windows\avastSS.scr
2014-10-20 12:07:01 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-10-20 12:07:00 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-10-20 12:06:59 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-10-20 12:06:59 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-10-20 12:06:55 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-10-20 12:05:18 -------- d-----w- C:\Program Files\AVAST Software
2014-10-20 11:58:04 -------- d-----w- C:\ProgramData\AVAST Software
2014-10-19 09:05:24 -------- d-sh--w- C:\Users\NANNU\AppData\Local\EmieUserList
2014-10-19 09:05:24 -------- d-sh--w- C:\Users\NANNU\AppData\Local\EmieSiteList
2014-10-18 15:49:25 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F4A6B61-B632-4B66-AC6B-0DB8DD0B5AAA}\offreg.dll
2014-10-17 17:06:18 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-17 16:48:39 -------- d-----w- C:\Windows\pss
2014-10-16 15:31:31 -------- d-----w- C:\ProgramData\RegInOut
2014-10-16 11:38:06 -------- d-----w- C:\Users\NANNU\AppData\Local\ElevatedDiagnostics
2014-10-15 03:00:03 103140 --sh--r- C:\cknvm.exe
2014-10-14 18:33:08 -------- d-----w- C:\Program Files\paint.net
2014-10-14 18:29:29 -------- d-----w- C:\Users\NANNU\AppData\Local\paint.net
2014-10-14 18:21:04 -------- d-----w- C:\Windows\Migration
2014-10-14 18:10:49 23752 ----a-w- C:\Windows\SysWow64\drivers\efimon.sys
2014-10-14 08:56:57 -------- d-----w- C:\Users\NANNU\.eclipse
2014-10-14 08:55:49 -------- d-----w- C:\Program Files (x86)\eclipse
2014-10-14 08:54:25 -------- d-----w- C:\eclipse
2014-10-14 08:36:46 -------- d-----w- C:\Program Files (x86)\Apache Software Foundation
2014-10-14 07:57:00 -------- d-----w- C:\ATI
2014-10-13 14:45:48 20240 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\TeamViewer_PrintProcessor.dll
2014-10-13 14:44:28 -------- d-----w- C:\Users\NANNU\AppData\Roaming\TeamViewer
2014-10-13 14:44:11 35112 ----a-w- C:\Windows\System32\drivers\teamviewervpn.sys
2014-10-13 14:44:10 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-10-13 10:09:13 -------- d-----w- C:\Servers
2014-10-13 10:04:10 -------- d-----w- C:\RemoteSystemsTempFiles
2014-10-13 10:04:03 -------- d-----w- C:\.metadata
2014-10-13 09:57:55 -------- d-----w- C:\Program Files (x86)\mysql-connector-java-5.0.8
2014-10-13 09:56:36 -------- d-----w- C:\Users\NANNU\AppData\Local\Eclipse
2014-10-13 09:56:14 -------- d-----w- C:\Users\NANNU\workspace
2014-10-10 12:57:17 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F4A6B61-B632-4B66-AC6B-0DB8DD0B5AAA}\mpengine.dll
2014-10-08 17:31:20 -------- d-----w- C:\xampp
2014-10-06 09:50:08 -------- d-----w- C:\Users\NANNU\Graboid
2014-10-06 09:44:36 -------- d-----w- C:\Users\NANNU\AppData\Local\pyGraboid
2014-10-06 09:17:00 -------- d-----w- C:\Users\NANNU\AppData\Roaming\Graboid Inc
2014-10-05 12:01:56 -------- d-----w- C:\ProgramData\Cloud Plus
2014-10-05 11:54:13 -------- d-----w- C:\Program Files (x86)\Idea Net Setter
2014-10-05 11:53:59 -------- d-----w- C:\ProgramData\DatacardService
2014-10-02 13:54:04 447752 ----a-w- C:\Windows\SysWow64\vp6vfw.dll
2014-10-02 13:53:57 -------- d-----w- C:\Program Files (x86)\Microsoft WSE
2014-10-02 12:13:41 -------- d-----w- C:\Users\NANNU\AppData\Local\Microsoft Games
2014-10-02 12:12:27 -------- d-----w- C:\Sims3
2014-10-02 12:10:15 -------- d-----w- C:\Users\NANNU\AppData\Roaming\PowerISO
2014-09-26 04:41:00 -------- d-----w- C:\Users\NANNU\AppData\Local\Hewlett-Packard_Developme
2014-09-25 12:45:15 260096 ----a-w- C:\Windows\SysWow64\RICHTX32.ocx
2014-09-25 12:45:15 209608 ----a-w- C:\Windows\SysWow64\tabctl32.ocx
2014-09-25 12:45:15 140288 ----a-w- C:\Windows\SysWow64\comdlg32.ocx
2014-09-25 12:45:15 124688 ----a-w- C:\Windows\SysWow64\Mswinsck.ocx
2014-09-25 12:45:15 115016 ----a-w- C:\Windows\SysWow64\MSInet.ocx
2014-09-25 12:45:14 -------- d-----w- C:\Program Files (x86)\ITSecTeam
2014-09-25 11:05:37 -------- d-----w- C:\Users\NANNU\AppData\Local\Mozilla
2014-09-24 14:52:39 -------- d-----w- C:\Users\NANNU\AppData\Roaming\Microsoft Corporation
2014-09-24 14:30:10 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2014-09-24 14:30:10 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2014-09-24 14:24:12 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2014-09-24 14:24:08 -------- d-----w- C:\Program Files\IIS
2014-09-24 14:24:07 -------- d-----w- C:\Program Files (x86)\IIS
2014-09-24 14:23:30 2118848 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2014-09-24 14:13:51 -------- d-----w- C:\Windows\SysWow64\1033
2014-09-24 14:12:39 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-09-24 14:08:28 -------- d-----w- C:\Windows\System32\1033
2014-09-24 14:08:15 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0
2014-09-24 14:08:15 -------- d-----w- C:\Program Files\Microsoft Help Viewer
2014-09-23 07:56:41 -------- d-----w- C:\Program Files\apache-tomcat-8.0.12
.
==================== Find3M ====================
.
2014-10-22 17:20:45 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-22 17:20:45 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-16 16:26:25 562688 ----a-w- C:\install.exe
2014-09-20 14:45:52 65344 ----a-w- C:\Windows\SysWow64\PhysXLoader.dll
2014-09-15 16:06:02 278152 ------w- C:\Windows\System32\MpSigStub.exe
2014-09-10 20:47:30 61112 ----a-w- C:\Windows\System32\drivers\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64.sys
2014-08-28 20:20:00 61120 ----a-w- C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys
2014-08-25 16:23:59 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-25 16:22:36 878080 ----a-w- C:\Windows\System32\advapi32.dll
2014-08-25 16:19:10 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-25 16:15:45 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2014-08-25 16:15:45 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2014-08-12 23:00:10 4575232 ----a-w- C:\Windows\SysWow64\GPhotos.scr
.
============= FINISH: 11:36:21.08 ===============

Attached Files
File Type: zip attach.zip (9.5 KB)

μ Virus on MMC with paramount data

Hello,
I wonder how to fix this issue.
The memory card was working fine on my Samsung SII until I connected to an open Wi-Fi network.

The folders' names changed to have Mu μ at the beginning of their names.
I see this only when I browse the MMC contents on the mobile, but when I connect the MMC to my computer and explore it I don't see the mu μ sign.

Paramount photos, videos and documents which I didn't have the chance to move to my PC are on this tiny (thing).

Kindly inform me how to recover everything from the MMC before doing any format.
I cannot take the risk, please tell me what to do.
The MMC is 4 GB, yet some files show properties to be 27 GB!
It doesn't allow me to copy when connected to the PC through an MMC reader.

Other MMC cards work fine. Please help.
Thank you,

http://im64.gulfup.com/sMM3KJ.jpg

1h

Http://im64.gulfup.com/TsF5uD.jpg

2

Http://im64.gulfup.com/vQW0jW.jpg
3

http://im64.gulfup.com/SZDJUu.jpg
4


Tried ALL the useless data recovery software with no benefit at all. Didn't format and will not format the card, hope to find the professional exceptional help here :)