Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Laptop may have a virus

It seems like my laptop may have a virus. Last week my web browsers stopped working, and I had to do a restore point. It happened again tonight and it also stopped my Avast from working. I don't know if it's a virus but I'd rather be safe than sorry. I want to make note that I'm not sure if I turned my Avast off the right way; I did disable it for an hour, though. I also got several errors while doing these scans. Oh, and I also want to note that I can't back up any of my files, nor do I have a disk to put in to redo my computer. I know these photos show I scanned wrong, but I took these before I went back and redid it the right way. The errors still happen.

This one happened with the first scan. I tried to do what it says but I could not figure it out. It did run the scan though.


This one happened during the beginning and the end of the last scan.


This one happened at the end of the last scan, right after the one above.


Finally my logs

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453
Run by Manda at 14:27:14 on 2013-02-12
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.1634.681 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\dwm.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 8.8.8.8 8.8.4.4 209.55.27.13
TCP: Interfaces\{406A6EC4-A42A-4564-810E-0501F8EED96A} : DHCPNameServer = 8.8.8.8 8.8.4.4 209.55.27.13
TCP: Interfaces\{416E6AA1-1188-4938-A06E-9D63136D012C} : DHCPNameServer = 8.8.8.8 8.8.4.4 209.55.27.13
TCP: Interfaces\{416E6AA1-1188-4938-A06E-9D63136D012C}\0484F6D65603532403 : DHCPNameServer = 8.8.8.8 8.8.4.4 209.55.27.13
TCP: Interfaces\{416E6AA1-1188-4938-A06E-9D63136D012C}\44F6C6C686F6573756 : DHCPNameServer = 8.8.8.8 8.8.4.4 209.55.27.13
TCP: Interfaces\{416E6AA1-1188-4938-A06E-9D63136D012C}\D414E4441424541425F5E4564777F627B6 : DHCPNameServer = 8.8.8.8 8.8.4.4 209.55.27.13
TCP: Interfaces\{416E6AA1-1188-4938-A06E-9D63136D012C}\F6572786F6D656 : DHCPNameServer = 97.81.22.195 71.92.29.130 24.217.201.67
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2012-7-23 79528]
R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2012-7-23 26280]
R1 aswnet;avast! AG Firewall Core Driver;C:\Windows\System32\Drivers\aswnet.sys [2012-12-27 468144]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2012-12-27 984144]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2012-12-27 370288]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-9-19 92536]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-9-19 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-2 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-8-6 361984]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2012-12-27 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2012-12-27 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-12-27 44808]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-12-5 71032]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-12-5 384888]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-8-10 85504]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-7-9 35232]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-2 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-2 682344]
R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2013-2-6 625304]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-7-17 98472]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-2-2 24176]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2012-9-19 266896]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-9-19 683664]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2012-9-19 57000]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2012-12-5 393080]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-31 645952]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-9-19 41272]
S3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-9-19 43832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-9-28 53760]
.
=============== Created Last 30 ================
.
2013-02-07 19:55:42 199872 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10192.bin
2013-02-06 22:49:53 -------- d-----w- C:\Program Files (x86)\PANDORA.TV
2013-02-06 22:49:01 -------- d-----w- C:\Program Files (x86)\The KMPlayer
2013-02-03 04:22:53 -------- d-----w- C:\Program Files (x86)\BlueStacks
2013-02-03 04:21:28 -------- d-----w- C:\ProgramData\BlueStacksSetup
2013-02-03 04:21:28 -------- d-----w- C:\ProgramData\BlueStacks
2013-02-02 18:12:54 -------- d-----w- C:\Users\Manda\AppData\Roaming\Malwarebytes
2013-02-02 18:12:41 -------- d-----w- C:\ProgramData\Malwarebytes
2013-02-02 18:12:36 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-02-02 18:12:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-02-02 18:09:24 -------- d-----w- C:\Users\Manda\AppData\Local\Programs
2013-01-24 05:05:43 -------- d-----w- C:\Users\Manda\AppData\Local\ElevatedDiagnostics
.
==================== Find3M ====================
.
2013-02-04 21:36:29 81248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-04 21:36:29 693600 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-29 06:55:55 468144 ----a-w- C:\Windows\System32\drivers\aswnet.sys
2012-12-16 08:28:20 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-06 04:23:00 170496 ----a-w- C:\Windows\System32\TimeBrokerServer.dll
2012-12-06 04:22:59 178176 ----a-w- C:\Windows\System32\SystemEventsBrokerServer.dll
2012-12-04 04:21:42 368640 ----a-w- C:\Windows\System32\sppwinob.dll
2012-12-04 03:59:08 4055552 ----a-w- C:\Windows\System32\win32k.sys
2012-11-29 05:05:57 707584 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll
2012-11-29 05:05:57 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2012-11-28 04:21:17 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\Windows\System32\UXInit.dll
2012-11-27 07:00:32 194280 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2012-11-27 07:00:29 124648 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2012-11-27 06:59:13 329960 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-11-27 06:39:46 1122768 ----a-w- C:\Windows\System32\Taskmgr.exe
2012-11-27 04:49:20 1027152 ----a-w- C:\Windows\SysWow64\Taskmgr.exe
2012-11-27 04:20:50 1048064 ----a-w- C:\Windows\SysWow64\mstsc.exe
2012-11-27 04:20:42 179200 ----a-w- C:\Windows\SysWow64\wpnapps.dll
2012-11-27 04:20:35 891904 ----a-w- C:\Windows\SysWow64\winmde.dll
2012-11-27 04:20:31 798208 ----a-w- C:\Windows\SysWow64\WebcamUi.dll
2012-11-27 04:20:29 46592 ----a-w- C:\Windows\SysWow64\vds_ps.dll
2012-11-27 04:20:28 560128 ----a-w- C:\Windows\SysWow64\UserLanguagesCpl.dll
2012-11-27 04:20:23 1217536 ----a-w- C:\Windows\SysWow64\storagewmi.dll
2012-11-27 04:20:15 680960 ----a-w- C:\Windows\System32\vds.exe
2012-11-27 04:20:07 702464 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2012-11-27 04:20:07 1123840 ----a-w- C:\Windows\System32\mstsc.exe
2012-11-27 04:18:59 888832 ----a-w- C:\Windows\System32\nshwfp.dll
2012-11-27 04:18:39 5974528 ----a-w- C:\Windows\System32\mstscax.dll
2012-11-27 04:18:13 1071104 ----a-w- C:\Windows\System32\IKEEXT.DLL
2012-11-27 04:18:06 378880 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2012-11-27 04:17:32 718848 ----a-w- C:\Windows\System32\BFE.DLL
2012-11-27 04:17:31 2302464 ----a-w- C:\Windows\System32\authui.dll
2012-11-27 03:57:32 18432 ----a-w- C:\Windows\System32\drivers\BtaMPM.sys
2012-11-27 03:56:29 31104 ----a-w- C:\Windows\System32\drivers\BthAvrcpTg.sys
2012-11-27 03:55:44 29952 ----a-w- C:\Windows\System32\drivers\BthhfHid.sys
2012-11-26 04:21:18 71168 ----a-w- C:\Windows\SysWow64\ncryptsslp.dll
2012-11-26 04:20:09 86016 ----a-w- C:\Windows\System32\ncryptsslp.dll
2012-11-20 08:00:23 6971624 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-11-20 05:24:19 1164800 ----a-w- C:\Windows\SysWow64\Display.dll
2012-11-20 05:24:17 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:23 1184256 ----a-w- C:\Windows\System32\Display.dll
2012-11-20 05:17:20 49152 ----a-w- C:\Windows\System32\DevDispItemProvider.dll
2012-11-20 05:02:46 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL
2012-11-20 04:59:26 7168 ----a-w- C:\Windows\System32\KBDKURD.DLL
2012-11-20 04:56:27 27136 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\Windows\System32\drivers\hidi2c.sys
2012-11-15 06:08:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 14:29:05.75 ===============

Attached Files
File Type: zip attach.zip (13.6 KB)
