Virus

The computer was running very very slow, lots of pop ups, words turning into hyperlinks, home page changed to mysearchdial. I just want to make sure that I restored early enough (June 16 2014) before all this started

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16921
Run by Administrator at 15:35:26 on 2014-07-06
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.3678.2184 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\system32\dwm.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\dashost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\TODDSrv.exe
C:\windows\Explorer.EXE
C:\Program Files\Toshiba\Teco\TecoService.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
C:\Program Files\Toshiba\Teco\TecoResident.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\msiexec.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uWindow Title = Internet Explorer provided by TOSHIBA
uDefault_Page_URL = hxxp://toshiba13.msn.com
mStart Page = hxxp://www.google.com
mWindow Title = Internet Explorer provided by TOSHIBA
mDefault_Page_URL = hxxp://toshiba13.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Facebook Update] "C:\Users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{79D4E137-6385-4DB0-99A6-CFFE8E40CD6D} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{79D4E137-6385-4DB0-99A6-CFFE8E40CD6D}\14E647F6E656C6C696 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{79D4E137-6385-4DB0-99A6-CFFE8E40CD6D}\642494355727675696C6C616E63656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{79D4E137-6385-4DB0-99A6-CFFE8E40CD6D}\C696E6B6379737 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{79D4E137-6385-4DB0-99A6-CFFE8E40CD6D}\E4544574541425 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{B4067A13-5C28-4342-9D44-F5FEB099CB73} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.google.com
x64-mWindow Title = Internet Explorer provided by TOSHIBA
x64-mDefault_Page_URL = hxxp://toshiba13.msn.com
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Quiknowledge: {323C6E6D-1621-470F-8A52-4FDEC4E75E40} -
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe
x64-Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\Drivers\aswRvrt.sys [2013-4-14 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\Drivers\aswVmm.sys [2013-4-14 205320]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\Drivers\PxHlpa64.sys [2013-4-14 52856]
R1 aswSnx;aswSnx;C:\windows\System32\Drivers\aswSnx.sys [2013-1-14 1032416]
R1 aswSP;aswSP;C:\windows\System32\Drivers\aswSP.sys [2013-1-14 409832]
R1 qknfd;qknfd;C:\windows\System32\Drivers\qknfd.sys [2014-2-5 58256]
R1 wStLibG64;wStLibG64;C:\windows\System32\Drivers\wStLibG64.sys [2014-3-25 61120]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-8-8 240640]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\Drivers\aswFsBlk.sys [2013-1-14 38984]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\Drivers\aswMonFlt.sys [2013-1-14 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-28 50344]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-3-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-3-16 701512]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\Teco\TecoService.exe [2013-8-9 328544]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\Drivers\TVALZFL.sys [2012-7-21 16768]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\Drivers\AtihdW86.sys [2012-7-17 98472]
R3 FwLnk;FwLnk Driver;C:\windows\System32\Drivers\FwLnk.sys [2012-12-13 9216]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\Drivers\mbam.sys [2014-3-16 25928]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUVStor.sys [2012-12-13 315536]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2012-12-13 683664]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\windows\System32\Drivers\rtwlane.sys [2012-6-29 1498256]
R3 TMachInfo;TMachInfo;C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2012-7-27 53384]
R3 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\Drivers\tos_sps64.sys [2012-12-13 499096]
R3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2012-7-28 458152]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\Drivers\usbfilter.sys [2012-12-13 58536]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\Drivers\L1C63x64.sys [2012-6-2 100864]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\Drivers\rtwlane.sys [2012-6-29 1498256]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WSDScan;WSD Scan Support;C:\windows\System32\Drivers\WSDScan.sys [2013-1-21 23552]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== File Associations ===============
.
FileExt: .txt: soffice.StarWriterDocument.6="C:\Program Files (x86)\OpenOffice 4\program\swriter.exe" -o "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2014-06-20 19:55:32 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-06-20 19:55:32 -------- d-----w- C:\ProgramData\bf09cbdb954ee94e
2014-06-20 19:55:31 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch
2014-06-20 19:55:30 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo
2014-06-20 19:52:37 -------- d-----w- C:\ProgramData\InstallMate
2014-06-11 00:40:54 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-06-11 00:40:53 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2014-06-11 00:40:53 365568 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2014-06-11 00:40:52 2239488 ----a-w- C:\windows\System32\wininet.dll
2014-06-11 00:40:40 1084928 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-06-11 00:40:39 148992 ----a-w- C:\Program Files\Internet Explorer\jsdebuggeride.dll
2014-06-11 00:37:48 3958784 ----a-w- C:\windows\System32\jscript9.dll
2014-06-11 00:37:10 2862080 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-06-11 00:37:08 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
2014-06-11 00:36:46 3246592 ----a-w- C:\windows\System32\rdpcorets.dll
2014-06-11 00:36:45 235520 ----a-w- C:\windows\System32\rdpudd.dll
2014-06-11 00:36:44 1301504 ----a-w- C:\windows\System32\gdi32.dll
2014-06-11 00:36:43 1023488 ----a-w- C:\windows\SysWow64\gdi32.dll
2014-06-11 00:36:25 619008 ----a-w- C:\windows\System32\drivers\srv2.sys
2014-06-11 00:36:24 328024 ----a-w- C:\windows\System32\drivers\Classpnp.sys
2014-06-11 00:36:23 309760 ----a-w- C:\windows\System32\wusa.exe
2014-06-11 00:36:22 305152 ----a-w- C:\windows\SysWow64\wusa.exe
2014-06-11 00:30:56 2233176 ----a-w- C:\windows\System32\drivers\tcpip.sys
2014-06-11 00:30:52 1845760 ----a-w- C:\windows\System32\msxml3.dll
2014-06-11 00:30:51 1419264 ----a-w- C:\windows\SysWow64\msxml3.dll
.
==================== Find3M ====================
.
2014-05-31 05:16:07 703992 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-05-31 05:16:07 105464 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-24 02:47:45 915968 ----a-w- C:\windows\System32\uxtheme.dll
2014-05-24 02:47:44 53760 ----a-w- C:\windows\System32\UXInit.dll
2014-05-24 02:46:07 67072 ----a-w- C:\windows\System32\iesetup.dll
2014-05-24 02:46:07 136704 ----a-w- C:\windows\System32\iesysprep.dll
2014-05-24 02:45:26 1508864 ----a-w- C:\windows\System32\inetcpl.cpl
2014-05-24 01:26:54 1766400 ----a-w- C:\windows\SysWow64\wininet.dll
2014-05-24 01:26:46 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2014-05-24 01:25:49 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-05-24 01:25:49 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2014-05-24 01:25:25 1440768 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-05-24 01:09:41 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2014-05-24 01:03:36 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-05-23 22:37:13 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2014-04-19 09:39:36 628024 ----a-w- C:\windows\System32\NotificationUI.exe
2014-04-19 08:45:39 693760 ----a-w- C:\windows\System32\WSShared.dll
2014-04-19 08:45:39 163840 ----a-w- C:\windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 06:57:49 566784 ----a-w- C:\windows\SysWow64\WSShared.dll
2014-04-19 06:57:49 124928 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 09:27:03 172888 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-04-12 09:10:31 578048 ----a-w- C:\windows\System32\winlogon.exe
2014-04-12 09:09:43 208896 ----a-w- C:\windows\System32\wdigest.dll
2014-04-12 09:09:39 1043968 ----a-w- C:\windows\System32\usercpl.dll
2014-04-12 09:09:34 94720 ----a-w- C:\windows\System32\TSpkg.dll
2014-04-12 09:09:19 588288 ----a-w- C:\windows\System32\SHCore.dll
2014-04-12 09:08:37 318464 ----a-w- C:\windows\System32\msv1_0.dll
2014-04-12 09:08:17 439808 ----a-w- C:\windows\System32\lsm.dll
2014-04-12 09:08:17 1281536 ----a-w- C:\windows\System32\lsasrv.dll
2014-04-12 09:08:10 827904 ----a-w- C:\windows\System32\kerberos.dll
2014-04-12 09:07:36 20480 ----a-w- C:\windows\System32\credssp.dll
2014-04-12 07:23:59 178688 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-04-12 07:23:52 961536 ----a-w- C:\windows\SysWow64\usercpl.dll
2014-04-12 07:23:49 76800 ----a-w- C:\windows\SysWow64\TSpkg.dll
2014-04-12 07:23:40 452608 ----a-w- C:\windows\SysWow64\SHCore.dll
2014-04-12 07:23:14 273920 ----a-w- C:\windows\SysWow64\msv1_0.dll
2014-04-12 07:22:58 666624 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-04-12 07:22:33 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2014-04-12 06:58:06 14848 ----a-w- C:\windows\System32\workerdd.dll
.
============= FINISH: 15:37:09.77 ===============

Attached Files

	attach.zip (2.4 KB)
	ark.zip (1.6 KB)