So earlier I posted that something on my computer is taking up a lot of space and I made a post (below), and while some programs have helped, I still wanted to make sure that my computer is clear or if there is a virus/malware problem.
Can I please get some help?
-Thank you!
http://www.techsupportforum.com/foru...-962073-2.html
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16609 BrowserJavaVersion: 11.31.2
Run by Ania at 18:55:12 on 2015-02-20
Microsoft® Windows Vista Home Premium 6.0.6002.2.1252.1.1033.18.2429.853 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\system32\agrsmsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca
mStart Page = hxxp://searchou.com/?affil=7&uid=9e4dec57-8ac3-11e2-aa8c-00a0d187d85d
mDefault_Page_URL = hxxp://www.shoptoshiba.ca/welcome
uProxyOverride = <-loopback>;*.local
uURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_31\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_31\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [DAEMON Tools Lite] c:\program files\daemon tools lite\daemon.exe -autorun
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe
mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [Skytel] Skytel.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{E835AFF3-8243-4C30-9182-AEA11563E940} : DHCPNameServer = 192.168.0.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\40.0.2214.115\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 127.0.0.1 Spyware Info | Spyware Info
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\ania\appdata\roaming\mozilla\firefox\profiles\8948li1w.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287822&CUI=UN24258048271175528&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - google.ca
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=mcafee&type=A110US0&p=
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\google\update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre1.8.0_31\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\winamp detect\npwachk.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_16_0_0_305.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.newTab - false
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?Source=ToolBar&oemCode=ZLN112245682172798-1600&toolbarId=base&affiliateId=1600&Lan=en&utid=9eaf20110000000000000016441e7eef&q=
FF - user.js: extensions.zonealarm.id - 9eaf20110000000000000016441e7eef
FF - user.js: extensions.zonealarm.instlDay - 15419
FF - user.js: extensions.zonealarm.vrsn - 1.5.20.3
FF - user.js: extensions.zonealarm.vrsni - 1.5.20.3
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.5.20.38:10:07
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1600
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base
FF - user.js: extensions.zonealarm.instlRef - ZLN112245682172798-1600
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2015-2-7 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2015-2-7 206248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2015-2-7 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2015-2-7 423784]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2014-7-22 142648]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-2-7 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [2015-2-7 73480]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2015-2-7 50344]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2012-3-19 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-21 655944]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\avast software\avast\ng\vbox\VBoxAswDrv.sys [2015-2-7 218192]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\avast software\avast\ng\vbox\AvastVBoxSVC.exe [2015-2-7 3192344]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2007-9-2 7168]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-3-21 22344]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2009-6-10 347648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2015-1-23 23456]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2009-12-30 27192]
.
=============== Created Last 30 ================
.
2015-02-20 23:10:23 -------- d-----w- c:\program files\CCleaner
2015-02-20 22:21:34 -------- d-----w- c:\users\ania\appdata\roaming\SUPERAntiSpyware.com
2015-02-20 22:20:35 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2015-02-20 22:20:35 -------- d-----w- c:\program files\SUPERAntiSpyware
2015-02-20 07:32:31 9041640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{8b5e071b-107b-4731-9a9b-377b633c7eee}\mpengine.dll
2015-02-12 06:42:00 1810944 ----a-w- c:\windows\system32\jscript9.dll
2015-02-11 18:32:36 564224 ----a-w- c:\windows\system32\oleaut32.dll
2015-02-11 18:30:31 2063360 ----a-w- c:\windows\system32\win32k.sys
2015-02-11 18:27:57 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-11 18:16:51 440760 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-02-11 18:16:14 306176 ----a-w- c:\windows\system32\scesrv.dll
2015-02-09 17:03:42 73816 ----a-w- c:\program files\mozilla firefox\wow_helper.exe
2015-02-08 02:31:15 -------- d-----w- c:\windows\system32\vbox
2015-02-08 02:28:13 -------- d-----w- c:\users\ania\appdata\roaming\AVAST Software
2015-02-08 02:25:15 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-02-08 02:25:13 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-02-08 02:25:12 73480 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2015-02-08 02:25:11 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-02-08 02:25:08 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-02-08 02:24:59 43152 ----a-w- c:\windows\avastSS.scr
2015-02-08 02:21:26 -------- d-----w- c:\program files\AVAST Software
2015-01-30 16:31:59 -------- d-----w- c:\program files\iPod
2015-01-30 16:31:47 -------- d-----w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-01-30 16:31:47 -------- d-----w- c:\program files\iTunes
2015-01-25 22:50:42 -------- d-----w- c:\program files\Lame For Audacity
2015-01-24 00:06:55 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2015-01-24 00:06:54 -------- d-----w- c:\users\ania\appdata\local\eSupport.com
2015-01-24 00:06:50 -------- d-----w- c:\program files\eSupport.com
2015-01-24 00:03:01 -------- d-----w- c:\programdata\SystemRequirementsLab
2015-01-24 00:03:01 -------- d-----w- c:\program files\SystemRequirementsLab
2015-01-22 22:01:59 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2015-01-22 21:21:52 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2015-01-22 21:21:52 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2015-01-22 21:21:48 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2015-01-22 21:21:47 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2015-01-22 21:21:46 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2015-01-22 21:21:45 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2015-01-22 21:21:44 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2015-01-22 21:21:43 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2015-01-22 21:21:42 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2015-01-22 21:21:42 62744 ----a-w- c:\windows\system32\xinput1_2.dll
.
==================== Find3M ====================
.
2015-02-09 16:57:55 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-02-09 16:49:53 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-09 16:49:53 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-14 01:49:16 367104 ----a-w- c:\windows\system32\html.iec
2015-01-14 01:42:51 1129472 ----a-w- c:\windows\system32\wininet.dll
2015-01-14 01:42:31 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2015-01-14 01:41:28 421376 ----a-w- c:\windows\system32\vbscript.dll
2015-01-14 01:41:09 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2015-01-14 01:40:35 11776 ----a-w- c:\windows\system32\mshta.exe
2015-01-14 01:40:33 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-12-23 05:50:16 249488 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 00:25:17 115200 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-06 03:14:51 153600 ----a-w- c:\windows\system32\profsvc.dll
2014-12-06 03:14:36 48640 ----a-w- c:\windows\system32\nlaapi.dll
2014-12-06 03:14:36 174080 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:14:34 93184 ----a-w- c:\windows\system32\ncsi.dll
2014-12-03 02:06:01 278528 ----a-w- c:\windows\system32\schannel.dll
.
============= FINISH: 18:58:14.16 ===============
2015-01-24 00:03:01 -------- d-----w- c:\program files\SystemRequirementsLab
2015-01-22 22:01:59 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2015-01-22 21:21:52 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2015-01-22 21:21:52 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2015-01-22 21:21:48 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2015-01-22 21:21:47 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2015-01-22 21:21:46 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2015-01-22 21:21:45 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2015-01-22 21:21:44 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2015-01-22 21:21:43 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2015-01-22 21:21:42 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2015-01-22 21:21:42 62744 ----a-w- c:\windows\system32\xinput1_2.dll
.
==================== Find3M ====================
.
2015-02-09 16:57:55 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-02-09 16:49:53 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-09 16:49:53 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-14 01:49:16 367104 ----a-w- c:\windows\system32\html.iec
2015-01-14 01:42:51 1129472 ----a-w- c:\windows\system32\wininet.dll
2015-01-14 01:42:31 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2015-01-14 01:41:28 421376 ----a-w- c:\windows\system32\vbscript.dll
2015-01-14 01:41:09 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2015-01-14 01:40:35 11776 ----a-w- c:\windows\system32\mshta.exe
2015-01-14 01:40:33 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-12-23 05:50:16 249488 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 00:25:17 115200 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-06 03:14:51 153600 ----a-w- c:\windows\system32\profsvc.dll
2014-12-06 03:14:36 48640 ----a-w- c:\windows\system32\nlaapi.dll
2014-12-06 03:14:36 174080 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:14:34 93184 ----a-w- c:\windows\system32\ncsi.dll
2014-12-03 02:06:01 278528 ----a-w- c:\windows\system32\schannel.dll
.
============= FINISH: 18:58:14.16 ===============