Issue:
Two weeks ago when I tried to install VLC, internet access (via IE, Chrome and FireFox) for all of my accounts (except admin account) stopped working. Please note, VLC never got successfully installed (I cannot find it on my computer). All browsers from my admin account continue to work. Windows is not able to detect any issues with LAN connectivity (in fact I see the byte count constantly changing).
My setup:
1) I am running windows 7
2)I do not have access to windows install disc or boot CD.
3) I do not have any valid backups or restore points
4) My LAN connection is wired (not wireless).
5) I have uninstalled IE and now have Chrome and FireFox (both of which also do not work on these accounts).
6) I have Norton 360 firewall and AutoProtect always turned on.
So far I have done the following:
1) If I switch the account type of other accounts to administrator - they still don't work.
2) If I create a new account (admin or Std) browsers still don't work.
3) Ran through malwarebytes and adware. I have Norton 360 installed
4) I disabled Norton firewall and Autoprotect, browsers still don't work.
5) With Old Rich's help on the Networking forum, we diagnosed that there is nothing wrong with accessing the network from the accounts on which Browsers don't work (see "Re: Administrator can get on the internet, but other users can't" on networking forum). I am able to successfully ping google.com from cmd window. So he suggested that I create a thread here.
6) I have followed your instructions and here is the output of DDS.TXT
DDS.TXT contents
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: BrowserJavaVersion: 11.25.2
Run by EMACHINES at 13:54:57 on 2015-03-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.1450 [GMT -4:00]
.
AV: Norton 360 *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton 360 *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe,
BHO: 1Password: {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
dRunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\EMACHI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\EMACHINES\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NofoXlderOptions = dword:0
uPolicies-Explorer: FolderOptions = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - {67C241CC-D372-4BC0-BA82-12652D200F0C} - C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: C:\Users\EMACHINES\AppData\Local\LocalTemperature\LT_Updater.dll
LSP: C:\windows\System32\Sendori.dll
DPF: {B1647320-9EC8-4B0F-BF53-93D4A43FA614} - hxxps://mydesk-pi02.morganstanley.com/prx/000/http/rc.ms.com:8180/mdp/prod/common/htdocs/SPX/2.3.0.10/TerminalSvcsTCS.cab
DPF: {F6A553B1-4B5F-4974-866F-98C1D1EBD3DE} - hxxps://mydesk-hq02.morganstanley.com/prx/000/http/mydeskwebapp.gslb.ms.com:8180/east/rcde_mydesk_prime/docs/SPX/c2.2.0.11/CPubAppsTCS.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{34B112AC-F141-4A7D-B1E6-42485FA68CEA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3DD8AF31-7E1B-404E-9955-BBA04F183CC6} : DHCPNameServer = 209.222.18.222 209.222.18.218
TCP: Interfaces\{CE8789A5-E15B-4335-B643-5CE18BC80551} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: bejeweled2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: blackhawk2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: bobthebuilder zoo-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: buildalot2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: escaperosecliffisland-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-mStart Page = hxxp://www.google.com
x64-BHO: 1Password: {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\CoIEPlg.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\CoIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-IE: {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - {67C241CC-D372-4BC0-BA82-12652D200F0C} - C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: bejeweled2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: blackhawk2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: bobthebuilder zoo-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: buildalot2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: escaperosecliffisland-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\EMACHINES\AppData\Roaming\Mozilla\Firefox\Profiles\xvsd274z.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=242154&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\N360x64\1506000.020\SymDS64.sys [2014-12-6 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\N360x64\1506000.020\SymEFA64.sys [2014-12-6 1148120]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150309.001\BHDrvx64.sys [2015-3-10 1622744]
R1 ccSet_N360;N360 Settings Manager;C:\windows\System32\drivers\N360x64\1506000.020\ccSetx64.sys [2014-12-6 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150313.001\IDSviA64.sys [2015-3-13 669400]
R1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\N360x64\1506000.020\Ironx64.sys [2014-12-6 266968]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\N360x64\1506000.020\symnets.sys [2014-12-6 593112]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [2014-12-6 265040]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-19 142640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?]
S3 AE1000;Linksys AE1000 Driver;C:\windows\System32\drivers\ae1000w7.sys [2012-11-25 1101600]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-3-11 114688]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-7-8 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-9-18 11880]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-8 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 Greg_Service;GRegService;C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [2009-8-28 1150496]
S4 SophosVirusRemovalTool;Sophos Virus Removal Tool;C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe --> C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [?]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-9-19 2365792]
S4 Updater Service;Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2010-6-7 243232]
.
=============== Created Last 30 ================
.
2015-03-15 16:10:10 -------- d-----w- C:\Users\EMACHINES\AppData\Local\Macromedia
2015-03-15 15:45:34 -------- d-----w- C:\windows\SysWow64\Adobe
2015-03-14 17:04:13 -------- d-----w- C:\Users\EMACHINES\AppData\Roaming\TeraCopy
2015-03-11 04:43:47 215552 ----a-w- C:\windows\System32\ubpm.dll
2015-03-11 04:42:59 465920 ----a-w- C:\windows\System32\WMPhoto.dll
2015-03-11 04:42:59 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll
2015-03-07 23:25:38 965232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuuc52.dll
2015-03-07 23:25:38 1266800 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuin52.dll
2015-03-07 23:25:38 10594416 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icudt52.dll
2015-03-07 21:01:05 -------- d-----w- C:\AdwCleaner
2015-03-07 19:32:39 -------- d-----w- C:\Users\EMACHINES\AppData\Local\LocalTemperature
2015-02-25 18:15:11 950272 ----a-w- C:\windows\System32\perftrack.dll
2015-02-25 18:15:11 91136 ----a-w- C:\windows\System32\wdi.dll
2015-02-25 18:15:11 76800 ----a-w- C:\windows\SysWow64\wdi.dll
2015-02-25 18:15:11 29696 ----a-w- C:\windows\System32\powertracker.dll
2015-02-18 13:47:58 17323192 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSO.DLL
2015-02-17 20:04:46 1202848 ----a-w- C:\windows\SysWow64\FM20.DLL
.
==================== Find3M ====================
.
2015-03-15 17:13:05 778928 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-03-15 17:13:05 142512 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-06 05:56:10 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2015-03-06 05:56:10 155576 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2015-03-06 05:42:39 210944 ----a-w- C:\windows\System32\wdigest.dll
2015-03-06 05:42:36 86528 ----a-w- C:\windows\System32\TSpkg.dll
2015-03-06 05:42:35 29184 ----a-w- C:\windows\System32\sspisrv.dll
2015-03-06 05:42:35 136192 ----a-w- C:\windows\System32\sspicli.dll
2015-03-06 05:42:33 341504 ----a-w- C:\windows\System32\schannel.dll
2015-03-06 05:42:33 28160 ----a-w- C:\windows\System32\secur32.dll
2015-03-06 05:42:29 314880 ----a-w- C:\windows\System32\msv1_0.dll
2015-03-06 05:42:29 309760 ----a-w- C:\windows\System32\ncrypt.dll
2015-03-06 05:42:27 728064 ----a-w- C:\windows\System32\kerberos.dll
2015-03-06 05:42:27 1461760 ----a-w- C:\windows\System32\lsasrv.dll
2015-03-06 05:42:20 22016 ----a-w- C:\windows\System32\credssp.dll
2015-03-06 05:41:46 31232 ----a-w- C:\windows\System32\lsass.exe
2015-03-06 05:41:31 64000 ----a-w- C:\windows\System32\auditpol.exe
2015-03-06 05:39:16 60416 ----a-w- C:\windows\System32\msobjs.dll
2015-03-06 05:38:57 146432 ----a-w- C:\windows\System32\msaudite.dll
2015-03-06 05:36:56 686080 ----a-w- C:\windows\System32\adtschema.dll
2015-03-06 05:10:34 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2015-03-06 05:10:30 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2015-03-06 05:10:26 248832 ----a-w- C:\windows\SysWow64\schannel.dll
2015-03-06 05:10:26 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2015-03-06 05:10:22 259584 ----a-w- C:\windows\SysWow64\msv1_0.dll
2015-03-06 05:10:22 221184 ----a-w- C:\windows\SysWow64\ncrypt.dll
2015-03-06 05:10:18 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2015-03-06 05:10:11 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2015-03-06 05:09:31 50176 ----a-w- C:\windows\SysWow64\auditpol.exe
2015-03-06 05:09:19 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2015-03-06 05:07:50 60416 ----a-w- C:\windows\SysWow64\msobjs.dll
2015-03-06 05:07:43 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2015-03-06 05:06:20 686080 ----a-w- C:\windows\SysWow64\adtschema.dll
2015-02-26 03:25:44 3204096 ----a-w- C:\windows\System32\win32k.sys
2015-02-20 04:41:01 41984 ----a-w- C:\windows\System32\lpk.dll
2015-02-20 04:40:59 100864 ----a-w- C:\windows\System32\fontsub.dll
2015-02-20 04:40:56 14336 ----a-w- C:\windows\System32\dciman32.dll
2015-02-20 04:40:55 46080 ----a-w- C:\windows\System32\atmlib.dll
2015-02-20 04:13:49 70656 ----a-w- C:\windows\SysWow64\fontsub.dll
2015-02-20 04:13:46 10240 ----a-w- C:\windows\SysWow64\dciman32.dll
2015-02-20 04:13:43 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2015-02-20 04:12:51 25600 ----a-w- C:\windows\SysWow64\lpk.dll
2015-02-20 03:29:16 372224 ----a-w- C:\windows\System32\atmfd.dll
2015-02-20 03:09:16 299008 ----a-w- C:\windows\SysWow64\atmfd.dll
2015-02-20 03:06:02 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2015-02-20 03:05:49 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2015-02-20 02:50:14 66560 ----a-w- C:\windows\System32\iesetup.dll
2015-02-20 02:49:29 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2015-02-20 02:49:19 584192 ----a-w- C:\windows\System32\vbscript.dll
2015-02-20 02:47:56 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2015-02-20 02:35:17 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2015-02-20 02:35:05 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2015-02-20 02:34:24 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2015-02-20 02:32:34 6035456 ----a-w- C:\windows\System32\jscript9.dll
2015-02-20 02:26:12 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2015-02-20 02:22:35 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-02-20 02:13:57 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2015-02-20 02:09:08 503296 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-02-20 02:08:59 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-02-20 02:08:13 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2015-02-20 02:06:44 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2015-02-20 01:56:54 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2015-02-20 01:56:07 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2015-02-20 01:47:06 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2015-02-20 01:46:45 2125824 ----a-w- C:\windows\System32\inetcpl.cpl
2015-02-20 01:41:52 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-02-20 01:30:39 4300288 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-02-20 01:28:25 2358784 ----a-w- C:\windows\System32\wininet.dll
2015-02-20 01:24:21 2052608 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-02-20 01:23:19 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2015-02-20 01:01:25 1888256 ----a-w- C:\windows\SysWow64\wininet.dll
2015-02-05 01:00:11 5070512 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2015-02-04 03:16:29 609280 ----a-w- C:\windows\System32\generaltel.dll
2015-02-04 03:16:20 762368 ----a-w- C:\windows\System32\invagent.dll
2015-02-04 03:16:16 414720 ----a-w- C:\windows\System32\devinv.dll
2015-02-04 03:16:14 894976 ----a-w- C:\windows\System32\appraiser.dll
2015-02-04 03:16:13 227328 ----a-w- C:\windows\System32\aepdu.dll
2015-02-04 03:16:13 192000 ----a-w- C:\windows\System32\aepic.dll
2015-02-04 03:13:28 1098752 ----a-w- C:\windows\System32\aeinv.dll
2015-02-03 03:34:39 693176 ----a-w- C:\windows\System32\winload.efi
2015-02-03 03:34:38 5554104 ----a-w- C:\windows\System32\ntoskrnl.exe
2015-02-03 03:34:36 94656 ----a-w- C:\windows\System32\drivers\mountmgr.sys
2015-02-03 03:33:29 616360 ----a-w- C:\windows\System32\winresume.efi
2015-02-03 03:30:58 631808 ----a-w- C:\windows\System32\evr.dll
2015-02-03 03:29:19 8704 ----a-w- C:\windows\System32\pcaevts.dll
2015-02-03 03:28:49 2048 ----a-w- C:\windows\System32\mferror.dll
2015-02-03 03:28:14 6656 ----a-w- C:\windows\System32\apisetschema.dll
2015-02-03 03:19:12 663552 ----a-w- C:\windows\System32\drivers\PEAuth.sys
2015-02-03 03:16:31 3973048 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2015-02-03 03:16:31 3917760 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2015-02-03 03:11:55 50176 ----a-w- C:\windows\SysWow64\rrinstaller.exe
2015-02-03 03:11:48 23040 ----a-w- C:\windows\SysWow64\mfpmp.exe
2015-02-03 03:11:18 12625408 ----a-w- C:\windows\SysWow64\wmploc.DLL
2015-02-03 03:09:03 2048 ----a-w- C:\windows\SysWow64\mferror.dll
2015-02-03 03:08:07 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2015-02-03 02:32:25 61440 ----a-w- C:\windows\System32\drivers\appid.sys
2015-01-30 23:56:51 459336 ----a-w- C:\windows\System32\drivers\cng.sys
2015-01-27 23:36:21 1239720 ----a-w- C:\windows\System32\aitstatic.exe
2015-01-17 02:48:38 1067520 ----a-w- C:\windows\System32\msctf.dll
2015-01-17 02:30:42 828928 ----a-w- C:\windows\SysWow64\msctf.dll
.
============= FINISH: 13:55:09.07 ===============
Two weeks ago when I tried to install VLC, internet access (via IE, Chrome and FireFox) for all of my accounts (except admin account) stopped working. Please note, VLC never got successfully installed (I cannot find it on my computer). All browsers from my admin account continue to work. Windows is not able to detect any issues with LAN connectivity (in fact I see the byte count constantly changing).
My setup:
1) I am running windows 7
2)I do not have access to windows install disc or boot CD.
3) I do not have any valid backups or restore points
4) My LAN connection is wired (not wireless).
5) I have uninstalled IE and now have Chrome and FireFox (both of which also do not work on these accounts).
6) I have Norton 360 firewall and AutoProtect always turned on.
So far I have done the following:
1) If I switch the account type of other accounts to administrator - they still don't work.
2) If I create a new account (admin or Std) browsers still don't work.
3) Ran through malwarebytes and adware. I have Norton 360 installed
4) I disabled Norton firewall and Autoprotect, browsers still don't work.
5) With Old Rich's help on the Networking forum, we diagnosed that there is nothing wrong with accessing the network from the accounts on which Browsers don't work (see "Re: Administrator can get on the internet, but other users can't" on networking forum). I am able to successfully ping google.com from cmd window. So he suggested that I create a thread here.
6) I have followed your instructions and here is the output of DDS.TXT
DDS.TXT contents
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: BrowserJavaVersion: 11.25.2
Run by EMACHINES at 13:54:57 on 2015-03-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.1450 [GMT -4:00]
.
AV: Norton 360 *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton 360 *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe,
BHO: 1Password: {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
dRunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\EMACHI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\EMACHINES\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NofoXlderOptions = dword:0
uPolicies-Explorer: FolderOptions = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - {67C241CC-D372-4BC0-BA82-12652D200F0C} - C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: C:\Users\EMACHINES\AppData\Local\LocalTemperature\LT_Updater.dll
LSP: C:\windows\System32\Sendori.dll
DPF: {B1647320-9EC8-4B0F-BF53-93D4A43FA614} - hxxps://mydesk-pi02.morganstanley.com/prx/000/http/rc.ms.com:8180/mdp/prod/common/htdocs/SPX/2.3.0.10/TerminalSvcsTCS.cab
DPF: {F6A553B1-4B5F-4974-866F-98C1D1EBD3DE} - hxxps://mydesk-hq02.morganstanley.com/prx/000/http/mydeskwebapp.gslb.ms.com:8180/east/rcde_mydesk_prime/docs/SPX/c2.2.0.11/CPubAppsTCS.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{34B112AC-F141-4A7D-B1E6-42485FA68CEA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3DD8AF31-7E1B-404E-9955-BBA04F183CC6} : DHCPNameServer = 209.222.18.222 209.222.18.218
TCP: Interfaces\{CE8789A5-E15B-4335-B643-5CE18BC80551} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: bejeweled2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: blackhawk2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: bobthebuilder zoo-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: buildalot2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: escaperosecliffisland-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-mStart Page = hxxp://www.google.com
x64-BHO: 1Password: {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\CoIEPlg.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\CoIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-IE: {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - {67C241CC-D372-4BC0-BA82-12652D200F0C} - C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: bejeweled2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: blackhawk2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: bobthebuilder zoo-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: buildalot2-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: escaperosecliffisland-wt.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\EMACHINES\AppData\Roaming\Mozilla\Firefox\Profiles\xvsd274z.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=242154&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\N360x64\1506000.020\SymDS64.sys [2014-12-6 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\N360x64\1506000.020\SymEFA64.sys [2014-12-6 1148120]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150309.001\BHDrvx64.sys [2015-3-10 1622744]
R1 ccSet_N360;N360 Settings Manager;C:\windows\System32\drivers\N360x64\1506000.020\ccSetx64.sys [2014-12-6 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150313.001\IDSviA64.sys [2015-3-13 669400]
R1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\N360x64\1506000.020\Ironx64.sys [2014-12-6 266968]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\N360x64\1506000.020\symnets.sys [2014-12-6 593112]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [2014-12-6 265040]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-19 142640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?]
S3 AE1000;Linksys AE1000 Driver;C:\windows\System32\drivers\ae1000w7.sys [2012-11-25 1101600]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-3-11 114688]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-7-8 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-9-18 11880]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-8 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 Greg_Service;GRegService;C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [2009-8-28 1150496]
S4 SophosVirusRemovalTool;Sophos Virus Removal Tool;C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe --> C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [?]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-9-19 2365792]
S4 Updater Service;Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2010-6-7 243232]
.
=============== Created Last 30 ================
.
2015-03-15 16:10:10 -------- d-----w- C:\Users\EMACHINES\AppData\Local\Macromedia
2015-03-15 15:45:34 -------- d-----w- C:\windows\SysWow64\Adobe
2015-03-14 17:04:13 -------- d-----w- C:\Users\EMACHINES\AppData\Roaming\TeraCopy
2015-03-11 04:43:47 215552 ----a-w- C:\windows\System32\ubpm.dll
2015-03-11 04:42:59 465920 ----a-w- C:\windows\System32\WMPhoto.dll
2015-03-11 04:42:59 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll
2015-03-07 23:25:38 965232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuuc52.dll
2015-03-07 23:25:38 1266800 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuin52.dll
2015-03-07 23:25:38 10594416 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icudt52.dll
2015-03-07 21:01:05 -------- d-----w- C:\AdwCleaner
2015-03-07 19:32:39 -------- d-----w- C:\Users\EMACHINES\AppData\Local\LocalTemperature
2015-02-25 18:15:11 950272 ----a-w- C:\windows\System32\perftrack.dll
2015-02-25 18:15:11 91136 ----a-w- C:\windows\System32\wdi.dll
2015-02-25 18:15:11 76800 ----a-w- C:\windows\SysWow64\wdi.dll
2015-02-25 18:15:11 29696 ----a-w- C:\windows\System32\powertracker.dll
2015-02-18 13:47:58 17323192 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSO.DLL
2015-02-17 20:04:46 1202848 ----a-w- C:\windows\SysWow64\FM20.DLL
.
==================== Find3M ====================
.
2015-03-15 17:13:05 778928 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-03-15 17:13:05 142512 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-06 05:56:10 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2015-03-06 05:56:10 155576 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2015-03-06 05:42:39 210944 ----a-w- C:\windows\System32\wdigest.dll
2015-03-06 05:42:36 86528 ----a-w- C:\windows\System32\TSpkg.dll
2015-03-06 05:42:35 29184 ----a-w- C:\windows\System32\sspisrv.dll
2015-03-06 05:42:35 136192 ----a-w- C:\windows\System32\sspicli.dll
2015-03-06 05:42:33 341504 ----a-w- C:\windows\System32\schannel.dll
2015-03-06 05:42:33 28160 ----a-w- C:\windows\System32\secur32.dll
2015-03-06 05:42:29 314880 ----a-w- C:\windows\System32\msv1_0.dll
2015-03-06 05:42:29 309760 ----a-w- C:\windows\System32\ncrypt.dll
2015-03-06 05:42:27 728064 ----a-w- C:\windows\System32\kerberos.dll
2015-03-06 05:42:27 1461760 ----a-w- C:\windows\System32\lsasrv.dll
2015-03-06 05:42:20 22016 ----a-w- C:\windows\System32\credssp.dll
2015-03-06 05:41:46 31232 ----a-w- C:\windows\System32\lsass.exe
2015-03-06 05:41:31 64000 ----a-w- C:\windows\System32\auditpol.exe
2015-03-06 05:39:16 60416 ----a-w- C:\windows\System32\msobjs.dll
2015-03-06 05:38:57 146432 ----a-w- C:\windows\System32\msaudite.dll
2015-03-06 05:36:56 686080 ----a-w- C:\windows\System32\adtschema.dll
2015-03-06 05:10:34 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2015-03-06 05:10:30 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2015-03-06 05:10:26 248832 ----a-w- C:\windows\SysWow64\schannel.dll
2015-03-06 05:10:26 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2015-03-06 05:10:22 259584 ----a-w- C:\windows\SysWow64\msv1_0.dll
2015-03-06 05:10:22 221184 ----a-w- C:\windows\SysWow64\ncrypt.dll
2015-03-06 05:10:18 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2015-03-06 05:10:11 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2015-03-06 05:09:31 50176 ----a-w- C:\windows\SysWow64\auditpol.exe
2015-03-06 05:09:19 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2015-03-06 05:07:50 60416 ----a-w- C:\windows\SysWow64\msobjs.dll
2015-03-06 05:07:43 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2015-03-06 05:06:20 686080 ----a-w- C:\windows\SysWow64\adtschema.dll
2015-02-26 03:25:44 3204096 ----a-w- C:\windows\System32\win32k.sys
2015-02-20 04:41:01 41984 ----a-w- C:\windows\System32\lpk.dll
2015-02-20 04:40:59 100864 ----a-w- C:\windows\System32\fontsub.dll
2015-02-20 04:40:56 14336 ----a-w- C:\windows\System32\dciman32.dll
2015-02-20 04:40:55 46080 ----a-w- C:\windows\System32\atmlib.dll
2015-02-20 04:13:49 70656 ----a-w- C:\windows\SysWow64\fontsub.dll
2015-02-20 04:13:46 10240 ----a-w- C:\windows\SysWow64\dciman32.dll
2015-02-20 04:13:43 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2015-02-20 04:12:51 25600 ----a-w- C:\windows\SysWow64\lpk.dll
2015-02-20 03:29:16 372224 ----a-w- C:\windows\System32\atmfd.dll
2015-02-20 03:09:16 299008 ----a-w- C:\windows\SysWow64\atmfd.dll
2015-02-20 03:06:02 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2015-02-20 03:05:49 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2015-02-20 02:50:14 66560 ----a-w- C:\windows\System32\iesetup.dll
2015-02-20 02:49:29 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2015-02-20 02:49:19 584192 ----a-w- C:\windows\System32\vbscript.dll
2015-02-20 02:47:56 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2015-02-20 02:35:17 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2015-02-20 02:35:05 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2015-02-20 02:34:24 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2015-02-20 02:32:34 6035456 ----a-w- C:\windows\System32\jscript9.dll
2015-02-20 02:26:12 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2015-02-20 02:22:35 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-02-20 02:13:57 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2015-02-20 02:09:08 503296 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-02-20 02:08:59 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-02-20 02:08:13 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2015-02-20 02:06:44 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2015-02-20 01:56:54 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2015-02-20 01:56:07 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2015-02-20 01:47:06 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2015-02-20 01:46:45 2125824 ----a-w- C:\windows\System32\inetcpl.cpl
2015-02-20 01:41:52 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-02-20 01:30:39 4300288 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-02-20 01:28:25 2358784 ----a-w- C:\windows\System32\wininet.dll
2015-02-20 01:24:21 2052608 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-02-20 01:23:19 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2015-02-20 01:01:25 1888256 ----a-w- C:\windows\SysWow64\wininet.dll
2015-02-05 01:00:11 5070512 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2015-02-04 03:16:29 609280 ----a-w- C:\windows\System32\generaltel.dll
2015-02-04 03:16:20 762368 ----a-w- C:\windows\System32\invagent.dll
2015-02-04 03:16:16 414720 ----a-w- C:\windows\System32\devinv.dll
2015-02-04 03:16:14 894976 ----a-w- C:\windows\System32\appraiser.dll
2015-02-04 03:16:13 227328 ----a-w- C:\windows\System32\aepdu.dll
2015-02-04 03:16:13 192000 ----a-w- C:\windows\System32\aepic.dll
2015-02-04 03:13:28 1098752 ----a-w- C:\windows\System32\aeinv.dll
2015-02-03 03:34:39 693176 ----a-w- C:\windows\System32\winload.efi
2015-02-03 03:34:38 5554104 ----a-w- C:\windows\System32\ntoskrnl.exe
2015-02-03 03:34:36 94656 ----a-w- C:\windows\System32\drivers\mountmgr.sys
2015-02-03 03:33:29 616360 ----a-w- C:\windows\System32\winresume.efi
2015-02-03 03:30:58 631808 ----a-w- C:\windows\System32\evr.dll
2015-02-03 03:29:19 8704 ----a-w- C:\windows\System32\pcaevts.dll
2015-02-03 03:28:49 2048 ----a-w- C:\windows\System32\mferror.dll
2015-02-03 03:28:14 6656 ----a-w- C:\windows\System32\apisetschema.dll
2015-02-03 03:19:12 663552 ----a-w- C:\windows\System32\drivers\PEAuth.sys
2015-02-03 03:16:31 3973048 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2015-02-03 03:16:31 3917760 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2015-02-03 03:11:55 50176 ----a-w- C:\windows\SysWow64\rrinstaller.exe
2015-02-03 03:11:48 23040 ----a-w- C:\windows\SysWow64\mfpmp.exe
2015-02-03 03:11:18 12625408 ----a-w- C:\windows\SysWow64\wmploc.DLL
2015-02-03 03:09:03 2048 ----a-w- C:\windows\SysWow64\mferror.dll
2015-02-03 03:08:07 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2015-02-03 02:32:25 61440 ----a-w- C:\windows\System32\drivers\appid.sys
2015-01-30 23:56:51 459336 ----a-w- C:\windows\System32\drivers\cng.sys
2015-01-27 23:36:21 1239720 ----a-w- C:\windows\System32\aitstatic.exe
2015-01-17 02:48:38 1067520 ----a-w- C:\windows\System32\msctf.dll
2015-01-17 02:30:42 828928 ----a-w- C:\windows\SysWow64\msctf.dll
.
============= FINISH: 13:55:09.07 ===============