Channel: Tech Support Guy - Virus & Other Malware Removal

Temp ownership problems


Windows 8.1 Malware that won't die!!!

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: AMD A6-4400M APU with Radeon(tm) HD Graphics, AMD64 Family 21 Model 16 Stepping 1
Processor Count: 2
RAM: 3554 Mb
Graphics Card: AMD Radeon HD 7520G, 512 Mb
Hard Drives: C: Total - 449887 MB, Free - 361838 MB; D: Total - 25912 MB, Free - 3041 MB;
Motherboard: Hewlett-Packard, 184B
Antivirus: Windows Defender, Disabled


Hi, I recently downloaded some malware when I tried to download software for my new Scandisk MP3 player. I have used Malwarebytes and it seemed to fix the problem, but the next day all the issues came back. Now I'm seeing this yellow and blue shield saying I need to run as administrator in order to open any new files I download (like different malware removal programs). I have tried right-clicking and running as an administrator, and this doesn't allow me to install the new software. The only thing I can currently run at all is pre-existing software and Malwarebytes. Please let me know what I need to do! Thanks!

hijack V25

I put my old V25 in a shop in Egypt to update Windows, and it came back with loads of problems. Now living here, I'm afraid to try other shops. He has registered the PC to his name; how can I reverse this? I changed my email password and use Google 2-step verification; he does not have my English phone number. I purchased the PC in the UK in 2004, and it worked fine up until then. What can I do? The other day I went to connect to the internet here, and instead of my mobile number appearing it came up with "Fady says no!" I think he has put some sort of hidden camera into the computer. Online banking appears secure, nothing out of the ordinary, but I have tried System Restore and that did not work. I also tried removing some programmes he put on the computer; that also failed. I am not all that computer savvy, so answers need to be for an idiot. No new Windows was installed; I'm still using the old version.

Windows xp sp3 slow boot

Any anti-virus program can be uninstalled from a PC.
What anti-virus program do you now have installed?

Although Malwarebytes has done its job, there may be a need to run other scans on your PC.
I will need to ask one of our Malware Experts to check the log file - they are always busy and it may take some time.

Edit
Let us know what Anti-virus program you are now using.
While waiting for a Malware Expert.
Run an online virus scan with ESET.
http://www.eset.com/us/online-scanner/
Click on Run ESET Online Scanner

Disable your existing Anti Virus following these instructions.
http://www.bleepingcomputer.com/foru...ware-programs/

Do not let ESET remove what it finds.
Untick the box next to Remove found threats

Post the log files - they can be found here.
C:\Program Files\ESET\EsetOnlineScanner\log.txt

Please note - Do not let ESET remove what it finds.
======
A message has been sent to a Malware Expert - but as said it may take some time to reply.

multiple iexplorer and chrome processes running

User receiving assistance at different forum.

Proshopper on Windows 7

I'm having a problem getting Proshopper off my computer - its OS is Windows 7. If I go to uninstall it, it isn't there, no anti-malware has helped me, and I can't find the file anywhere on my computer, even looking under Task Manager. Any help would be appreciated - I'm a college student and I can't afford to pay someone to fix it.

Possible hack or hidden program

I have a somewhat strange situation where a family member was living with us and may have maliciously put a program on my computer so that he can watch everything I'm doing and have access to all my files. It's known that he did this to another family member and since he's a programmer he wrote the program himself. Is it still possible to figure out by using Hijackthis or other utilities whether or not the computers on my network are safe or they've been tampered with?

I'm willing to format/reload windows on each computer but I'd like to know for sure if they have been compromised. Any help would be greatly appreciated!

Here's my TSG report:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 3:47:28 PM, on 9/13/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)

FIREFOX: 31.0 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
C:\Program Files (x86)\n52te\n52teHid.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\n52te\n52teTra.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Glyph\GlyphClient.exe
C:\Program Files (x86)\Glyph\glyphcrashhandler.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.5011\Battle.net.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cheryl\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ArcPluginIEBHO - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: WinToFlash Suggestor - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Jomantha] C:\Program Files (x86)\n52te\n52teHid.exe
O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
O4 - HKLM\..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcStd7_0_0 -reboot 1
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Cheryl\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_62F6791B316C2135405725A1F90AAFC3] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Intuit Data Protect.lnk = C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: QuickBooks_Standard_21.lnk = C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6A98BA0-D897-4393-9007-562227DC8B9E}: NameServer = 4.2.2.2,208.67.220.220
O18 - Protocol: intu-help-qb5 - {867FCB77-9823-4CD6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Arc Service (ArcService) - Perfect World Entertainment Inc - C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: QBIDPService (QBVSS) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17780 bytes

Picked up malware that redirects - need help removing

scmercier,
Do you actually have Trusteer Rapport running on the machine? Did you Uninstall it?
It no longer shows as an Uninstallable program.
It is immature, and purposely interferes with the Windows programming interface.
It can cause all kinds of trouble, esp. trying to fix a machine.
---------------------------------------------
Adobe Acrobat 4 is not a safe application with which to open Internet PDFs.
A corrupted PDF could infect the machine.
Be sure that any PDF online opens with Adobe Reader XI instead.
Adobe Acrobat 4 also has a cranky updater that can stall the machine while waiting.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

Java(TM) 6 Update 20 (64-bit)
Java(TM) 6 Update 20

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • Right click the OTL icon and choose "Run as administrator" to run it.
  • Check the box at the top, labeled Include 64 bit scans
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

(Also tell me about Trusteer Rapport)
askey127

Chrome search directed to other engines

Yes, it's likely.

Please download Flash_Disinfector.exe by sUBs from HERE and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility will prompt you to insert your flash drive. Please do so.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drive from future infection.

free antivirus for a windows phone

I have heard of two softwares - Quick Heal and AVG! Suggest one of these, people!

new pc slow

I've just acquired a computer about 6 years old, but it seems to be running quite slow and unresponsive at times. I've only had it a few days so not sure if there are any nasties lurking inside. Could anyone advise please.

Customer-poll and clicktrack redirects...malware trojan?

Here you go:

Thanks!!!




DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280
Run by Hedfi at 19:38:31 on 2014-09-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8143.4651 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Common Files\Diagnostics\node\service.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Diagnostics\node\node.exe
C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Common Files\Diagnostics\node\service.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Common Files\Diagnostics\node\node.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\VirtualDJ\virtualdj8.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe
C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Diagnostics\node\node.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Diagnostics\node\node.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uProxyServer = 127.0.0.1:5050
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode
uRun: [Wisdom-soft ScreenHunter 6.0 Free] 0
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
StartupFolder: C:\Users\Hedfi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{185D966C-AF11-4481-AFC4-9D2477505113} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CEB691D7-6103-4AE0-B482-A6FAF2A0F26E} : DHCPNameServer = 192.168.1.1
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Hedfi\AppData\Roaming\Mozilla\Firefox\Profiles\aqiaj4fo.default-1409598735615\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-8-31 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-8-31 224896]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-6-25 652784]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-6-25 28656]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-6-25 20464]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2014-9-2 56208]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-8-31 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-8-31 427360]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-6-25 98208]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-8-31 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-8-31 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-8-31 92008]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2012-12-27 204928]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-8-31 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-4-10 202248]
R2 Diagnostics;Diagnostics;C:\Program Files (x86)\Common Files\Diagnostics\node\service.exe [2014-8-21 56832]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2014-8-31 98304]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-2-6 15344]
R2 Intel(R) ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-2-19 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-2-19 154584]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
R2 Proxy;Proxy;C:\Program Files (x86)\Common Files\Diagnostics\node\service.exe [2014-8-21 56832]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-7-30 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-8-30 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-7-30 23552]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-6-25 224840]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2014-6-25 1915920]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-8-31 5052224]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [2012-12-27 327296]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2014-6-25 81536]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-12-27 36480]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-12-27 341120]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-12-27 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-12-27 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-12-27 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-12-27 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-12-27 281728]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-12-27 551552]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2014-9-1 99616]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2014-8-31 3735552]
R3 iumsvc;Intel(R) Update Manager;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-1-17 174368]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-6-25 368112]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-6-25 786416]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2009-10-7 327704]
R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-6-25 263896]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-6-25 805088]
R3 ysusb64;Yamaha Steinberg USB Audio;C:\Windows\System32\drivers\ysusb64.sys [2014-5-29 132712]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-13 111616]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-1-31 887232]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-8-31 1255736]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-09-15 22:46:48 -------- d-----w- C:\Program Files\Common Files\Steinberg
2014-09-15 22:46:48 -------- d-----w- C:\Program Files (x86)\Yamaha
2014-09-15 22:46:48 -------- d-----w- C:\Program Files (x86)\Common Files\Steinberg
2014-09-15 22:46:20 -------- d-----w- C:\Users\Hedfi\AppData\Local\Downloaded Installations
2014-09-15 04:02:02 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-15 04:01:03 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-09-15 04:01:03 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-09-15 04:01:03 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-15 04:01:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-15 03:31:45 -------- d-----w- C:\Program Files\HitmanPro
2014-09-15 03:25:54 -------- d-----w- C:\ProgramData\HitmanPro
2014-09-14 18:38:04 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-09-13 16:53:50 736952 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2014-09-13 16:53:39 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-09-13 16:53:30 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-09-13 04:19:59 977408 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-09-13 04:16:26 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-09-13 04:16:26 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-12 17:10:57 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E696FF1C-FD94-4362-930F-72BEAF3ED3D3}\mpengine.dll
2014-09-12 17:10:28 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-09-12 17:10:27 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-09-12 17:10:17 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-09-12 17:10:17 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-09-12 17:10:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-09-12 17:10:09 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-12 17:10:09 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-12 17:10:09 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-09-12 17:10:09 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-09-12 17:10:05 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-12 17:10:05 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-09-10 04:00:31 736952 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2014-09-10 04:00:15 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-09-10 04:00:06 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-09-10 04:00:00 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-09-10 00:44:54 -------- d-----w- C:\ProgramData\Protexis
2014-09-10 00:35:35 -------- d-----w- C:\ProgramData\eSellerate
2014-09-10 00:35:01 -------- d-----w- C:\ProgramData\SmartSound Software Inc
2014-09-10 00:35:01 -------- d-----w- C:\Program Files (x86)\SmartSound Software
2014-09-10 00:34:26 -------- d--h--w- C:\Windows\msdownld.tmp
2014-09-10 00:34:26 -------- d-----w- C:\Windows\RegisteredPackages
2014-09-10 00:33:07 -------- d-----w- C:\ProgramData\InterVideo
2014-09-10 00:31:35 -------- d-----w- C:\Program Files (x86)\Common Files\Protexis
2014-09-10 00:31:29 -------- d-----w- C:\ProgramData\Corel
2014-09-10 00:28:59 517960 ----a-w- C:\Windows\System32\XAudio2_5.dll
2014-09-10 00:21:53 -------- d-----w- C:\Program Files (x86)\Corel
2014-09-03 00:49:53 -------- d-----w- C:\Users\Hedfi\AppData\Roaming\NVIDIA
2014-09-03 00:46:08 -------- d-----w- C:\Users\Hedfi\AppData\Local\LogiShrd
2014-09-03 00:38:28 56208 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2014-09-03 00:38:28 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2014-09-03 00:38:28 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2014-09-03 00:38:28 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2014-09-03 00:38:23 -------- d-----w- C:\Program Files (x86)\My Company Name
2014-09-01 19:14:33 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-09-01 19:14:10 -------- d-----w- C:\AdwCleaner
2014-09-01 18:00:37 -------- d-----w- C:\Users\Hedfi\AppData\Roaming\PCDr
2014-09-01 04:51:16 -------- d-----w- C:\Users\Hedfi\AppData\Local\Wisdom-soft
2014-09-01 04:23:52 99616 ----a-w- C:\Windows\System32\drivers\vrtaucbl.sys
2014-09-01 04:23:51 -------- d-----w- C:\Program Files\Virtual Audio Cable
2014-09-01 04:15:50 -------- d-----w- C:\Users\Hedfi\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
2014-08-31 21:05:29 -------- d-----w- C:\Users\Hedfi\AppData\Local\SpacialAudio
2014-08-31 21:05:29 -------- d-----w- C:\ProgramData\firebird
2014-08-31 21:02:29 548864 ----a-w- C:\Windows\SysWow64\GDS32.DLL
2014-08-31 21:02:13 -------- d-----w- C:\Program Files (x86)\Firebird
2014-08-31 21:02:07 -------- d-----w- C:\Program Files (x86)\SpacialAudio
2014-08-31 20:34:40 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2014-08-31 20:29:02 -------- d-----w- C:\Users\Hedfi\AppData\Local\Adobe
2014-08-31 20:28:02 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-08-31 17:45:40 -------- d-----w- C:\Program Files (x86)\Common Files\Cache utility
2014-08-31 17:45:29 -------- d-----w- C:\Program Files (x86)\Common Files\Display settings
2014-08-31 17:45:25 -------- d-----w- C:\Program Files (x86)\Common Files\Hoist Search
2014-08-31 17:45:02 -------- d-----w- C:\Program Files (x86)\Common Files\DealAlly
2014-08-31 17:36:54 -------- d-----w- C:\Windows\SysWow64\Wat
2014-08-31 17:36:54 -------- d-----w- C:\Windows\System32\Wat
2014-08-31 06:51:54 -------- d-----w- C:\Windows\Migration
2014-08-31 06:42:57 -------- d-----w- C:\Windows\System32\MRT
2014-08-31 06:35:22 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2014-08-31 06:35:22 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2014-08-31 06:35:22 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2014-08-31 06:35:22 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2014-08-31 06:35:21 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2014-08-31 06:35:21 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2014-08-31 06:35:21 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2014-08-31 04:09:51 -------- d-----w- C:\Users\Hedfi\AppData\Roaming\Dell
2014-08-31 04:07:01 -------- d-----w- C:\Users\Hedfi\AppData\Local\softthinks
2014-08-31 04:07:00 -------- d-----w- C:\ProgramData\softthinks
2014-08-31 04:06:01 -------- d-----w- C:\Users\Hedfi\AppData\Roaming\AVAST Software
2014-08-31 04:05:31 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-08-31 04:05:31 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-08-31 04:05:30 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-08-31 04:05:29 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-08-31 04:05:29 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-08-31 04:05:29 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-08-31 04:05:28 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-08-31 04:05:24 43152 ----a-w- C:\Windows\avastSS.scr
2014-08-31 03:57:24 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-08-31 03:57:24 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-08-31 03:57:24 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-08-31 03:57:24 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-08-31 03:57:24 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-08-31 03:57:24 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-08-31 03:57:16 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-31 03:57:16 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-08-31 03:56:52 -------- d-s---w- C:\Windows\System32\CompatTel
2014-08-31 03:54:35 -------- d-----w- C:\ProgramData\SlimWare Utilities Inc
2014-08-31 03:54:34 -------- d-----w- C:\Program Files\SlimCleaner Plus
2014-08-31 03:54:25 -------- d-----w- C:\Users\Hedfi\AppData\Local\Downloaded Installers
2014-08-31 03:15:13 -------- d-----w- C:\ProgramData\Malwarebytes
2014-08-31 03:14:58 -------- d-----w- C:\Users\Hedfi\AppData\Local\Programs
2014-08-31 01:59:16 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2014-08-30 20:45:18 -------- d-----w- C:\Users\Hedfi\AppData\Local\ElevatedDiagnostics
2014-08-30 19:24:57 -------- d-----w- C:\Program Files\AVAST Software
2014-08-30 19:24:37 -------- d-----w- C:\Program Files (x86)\Common Files\Diagnostics
2014-08-30 19:24:29 -------- d-----w- C:\Program Files (x86)\Common Files\Common dictionary
2014-08-30 19:24:01 -------- d-----w- C:\ProgramData\AVAST Software
2014-08-30 19:23:32 -------- d-----w- C:\Program Files (x86)\VirtualDJ
2014-08-30 19:20:51 -------- d-----w- C:\Users\Hedfi\AppData\Local\Macromedia
2014-08-30 19:17:56 -------- d-----w- C:\Users\Hedfi\AppData\Local\SlimWare Utilities Inc
2014-08-30 19:17:55 -------- d-----w- C:\Program Files (x86)\DriverUpdate
2014-08-30 19:14:21 142336 ----a-w- C:\Windows\System32\poqexec.exe
2014-08-30 19:14:21 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2014-08-30 19:14:01 -------- d-----w- C:\Users\Hedfi\AppData\Roaming\RealNetworks
2014-08-30 19:12:58 692736 ----a-w- C:\Windows\System32\osk.exe
2014-08-30 19:06:32 -------- d-----w- C:\Users\Hedfi\AppData\Local\Apple Computer
2014-08-30 19:06:19 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2014-08-30 19:06:04 -------- d-----w- C:\Program Files\iPod
2014-08-30 19:06:03 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-30 19:06:03 -------- d-----w- C:\Program Files\iTunes
2014-08-30 19:06:03 -------- d-----w- C:\Program Files (x86)\iTunes
2014-08-30 19:05:28 -------- d-----w- C:\Users\Hedfi\AppData\Local\Apple
2014-08-30 19:04:56 -------- d-----w- C:\Program Files\Bonjour
2014-08-30 19:04:56 -------- d-----w- C:\Program Files (x86)\Bonjour
2014-08-30 19:04:48 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-08-30 19:00:28 -------- d-----w- C:\Users\Hedfi\AppData\Local\Skype
2014-08-30 19:00:17 -------- d-----r- C:\Program Files (x86)\Skype
2014-08-30 06:58:10 -------- d-sh--w- C:\Users\Hedfi\AppData\Local\EmieUserList
2014-08-30 06:58:10 -------- d-sh--w- C:\Users\Hedfi\AppData\Local\EmieSiteList
2014-08-30 06:58:06 -------- d-----w- C:\Users\Hedfi\AppData\Roaming\Intel Corporation
2014-08-30 06:57:06 -------- d-----w- C:\Users\Hedfi\AppData\Local\BMExplorer
2014-08-30 06:57:04 -------- d-----w- C:\Users\Hedfi\AppData\Roaming\Atheros
2014-08-30 06:56:47 -------- d-----w- C:\Users\Hedfi\AppData\Local\VirtualStore
.
==================== Find3M ====================
.
2014-09-10 17:59:06 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-10 17:59:06 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-30 19:13:02 505416 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-08-30 19:13:02 353864 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-08-05 13:20:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-07-25 06:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 03:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-06-25 15:07:32 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2014-06-25 15:06:54 878080 ----a-w- C:\Windows\System32\advapi32.dll
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
.
============= FINISH: 19:38:55.78 ===============





.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/30/2014 2:52:56 AM
System Uptime: 9/15/2014 6:51:27 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0KWVT8
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz | CPU 1 | 3601/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 908 GiB total, 836.197 GiB free.
D: is CDROM (CDFS)
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 932 GiB total, 783.975 GiB free.
Y: is FIXED (NTFS) - 24 GiB total, 12.834 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP23: 9/9/2014 8:27:29 PM - Installed DirectX
RP24: 9/9/2014 8:32:55 PM - Installed InterVideo AVControlSDK
RP25: 9/9/2014 8:34:46 PM - Installed SmartSound Common Data
RP26: 9/9/2014 8:35:09 PM - Installed SmartSound Quicktracks 5
RP27: 9/12/2014 1:10:14 PM - Windows Update
RP28: 9/13/2014 12:16:06 AM - Windows Update
RP29: 9/14/2014 11:13:59 PM - Windows Backup
RP30: 9/14/2014 11:39:02 PM - Checkpoint by HitmanPro
RP31: 9/15/2014 6:46:33 PM - Installed Yamaha Steinberg USB Driver
.
==== Installed Programs ======================
.
Accidental Damage Services Agreement
Adobe AIR
Adobe Audition CS6
Adobe Dreamweaver CS5.5
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Help Manager
Adobe Reader XI MUI
Adobe Widget Browser
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Bluetooth Suite (64)
avast! Free Antivirus
Banctec Service Agreement
bl
Bonjour
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Complete Care Business Service Agreement
Consumer In-Home Service Agreement
Contents
Corel VideoStudio Pro X6
Dell Backup and Recovery
Dell Backup and Recovery - Support Software
Dell Digital Delivery
Dell Edoc Viewer
Dell Home Systems Service Agreement
Dell Product Registration
Dell WLAN and Bluetooth Client Installation
DSC/AA Factory Installer
Firebird 2.5.0.26074 (Win32)
Google Chrome
Google Update Helper
HitmanPro 3.7
ICA
Intel(R) Chipset Device Software
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Update Manager
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
IPM_VS_Pro
iTunes
Logitech Vid
Logitech Webcam Software
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Office
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 31.0 (x86 en-US)
Mozilla Maintenance Service
MSI to redistribute MS VS2005 CRT libraries
My Dell
NVIDIA Control Panel 332.35
NVIDIA Install Application
ph
Premium Service Agreement
QualxServ Service Agreement
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek Card Reader
Realtek High Definition Audio Driver
RealUpgrade 1.1
SAM Broadcaster v4
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Setup
Share
Share64
SHOUTcast Source DSP Plug-in v2
Skype Click to Call
Skype™ 6.18
SmartSound Common Data
SmartSound Quicktracks 5
TeamViewer 9
UpdateService
Virtual Audio Cable 4.14
VirtualDJ 8
VSClassic
VSHelp
VSPro
Winamp
Windows Media Encoder 9 Series
Yamaha Steinberg USB Driver
.
==== Event Viewer Messages From Past Week ========
.
9/8/2014 1:54:22 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{185D966C-AF11-4481-AFC4-9D2477505113} because another computer on the network has the same name. The server could not start.
9/15/2014 6:53:19 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
9/10/2014 12:46:24 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================

Possible malware

Hey, just wondered if anyone could help with this, I've got some suspicious processes in task manager as well... csrss.exe, RtVOsd.exe,
Thanks,
mango

hijackthis log

Computer very slow and difficult. Please take a look at the HijackThis log.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 17:16:07, on 16/09/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
CHROME: 37.0.2062.120

Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Mark\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Mark\AppData\Roaming\Tonido\tonido.exe
C:\Program Files (x86)\NETGEAR\WNDA3200\WNDA3200WPSMgr.exe
C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\eMule\emule.exe
C:\Users\Mark\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Mark\AppData\Local\PicRec\wsystem.exe
C:\Users\Mark\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe
C:\Users\Mark\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock.exe
C:\Program Files (x86)\Opera\Opera.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a...=893012860&ir=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a...=893012860&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13821;https=127.0.0.1:13821
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\ctbr.dll
O2 - BHO: ArcadeGiant Games - {4FD3B33A-372C-439E-BB87-017365EC693C} - C:\Users\Mark\AppData\Local\ArcadeGiant\agiantie.dll (file missing)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Safer-Surf - {F78C2503-45C4-A54D-7BDA-39620601C08D} - C:\Program Files (x86)\ver1Safer-Surf\178.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\ctbr.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Mark\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Tonido] "C:\Users\Mark\AppData\Roaming\Tonido\launcher.exe" /nobrowser
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Mark\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [iLivid] "C:\Users\Mark\AppData\Local\iLivid\iLivid.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Mark\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Bubble Dock] "C:\Users\Mark\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup
O4 - HKCU\..\Run: [WindApp] "C:\Users\Mark\AppData\Roaming\Store\WindApp\WindApp Update.exe" /winstartup
O4 - Startup: Dropbox.lnk = Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: NETGEAR WNDA3200 Smart Wizard.lnk = C:\Program Files (x86)\NETGEAR\WNDA3200\WNDA3200WPSMgr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (Egg Money Manager Digital Safe) - https://moneymanager.egg.com/Pinsafe...nttracking.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\ctbr.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\NETGEAR\WNDA3200\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: Maxiget Update Service (mglupdate) (mglupdate) - Maxiget Ltd. - C:\Program Files (x86)\Maxiget\Updater\MaxigetUpdater.exe
O23 - Service: Maxiget Update Service (mglupdatem) (mglupdatem) - Maxiget Ltd. - C:\Program Files (x86)\Maxiget\Updater\MaxigetUpdater.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: PicRec Update (picrecupd) - PicRec - C:\Program Files\Common Files\PicRec\PicRecHelper\picrecs.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Safer-Surf - Unknown owner - C:\Program Files (x86)\ver1Safer-Surf\u8Safer-SurfuA178.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) - Seagate - C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: sogr - Unknown owner - C:\Windows\Microsoft\sogr\WindowsUpdater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UpdatingService - Unknown owner - C:\Windows\Microsoft\UpdatingService\NewVersionDownloader.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: WajamUpdater - Unknown owner - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: NETGEAR WNDA3200 Device Checking Service (WDCS_WNDA3200) - Unknown owner - C:\Program Files (x86)\NETGEAR\WNDA3200\WifiDevChkSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18164 bytes

Super resilient virus! The Undead Even!

Started a few days ago when comp became slower and Microsoft Security Essentials kept prompting danger messages asking me to clean and scan and restart, and in all fairness I didn't manage the comp's security much for a while. Did one scan, cleaned some stuff, then it got worse, and basically every time I restart there are all these back-to-back prompts from MSE, all following the same pattern, and there are a lot of prompts to send the virus info to Microsoft for information, so it is probably something really new.


So I ran through a whole gauntlet of stuff: when searching for problems like this I decided to take one action on a tech support forum and ran Sophos Anti-Rootkit, turned out a bunch of results but none were Recommended for removal (which the guide says means it does not recognize them) but I decided to clean out the majority that looked suspicious or in files I didn't care for, and this thing got worse from then on I think. I looked up top free antiviruses, got Panda Cloudware, scanned, caught some stuff...then I had some slowing down comp issues and whenever I play League of Legends it resets the graphic settings during each game loading. Some of the reboots made it behave as slow as a snail, couldn't even get the USB port recognized.


Cleared some HD space which was part of the issue, and managed to finally get Windows Offline Defender working, did a quick and a full scan, overall just 2 viruses spotted. I thought that would be the end of it but nope, I still get the MSE prompts. However the computer works much better now, but I just want the virus dead for good. But I think maybe something was damaged because my mIRC for instance moves in lag and in and out of unresponsive, can't even connect.


Here is an overall list and details of known symptoms so far:
-Sometimes the comp moves slower depending on what I do.
-MSE and even Panda keep prompting for PC to restart, even tho' I just started it.
-I get a lot of prompts to send the discovered viruses to Microsoft (and I often do) but I don't remember their names, except one: kazeem...will record more when I am prompted again.
-I also got some Internet Explorer download windows open for no reason asking me to dl some obviously shady stuff out of nowhere and where do I want it saved. This was spammed at 2-3 windows at once several times in a row whenever MSE ran scans.
-League of Legends resets my resolution settings with each new loading screen for a match.
-After WDO scan I keep getting one of those Windows Red X prompt windows saying some dll is missing: namely splashscreen.dll
-Oh and I leak a ton of memory for no reason, if I am on a browser and say a game at once it tells me I need to shut one of them down because not enough virtual memory.


Here are my specs...
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Celeron(R) CPU B815 @ 1.60GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 2
RAM: 4000 Mb
Graphics Card: Intel(R) HD Graphics Family, 1808 Mb
Hard Drives: C: Total - 155143 MB, Free - 1278 MB; D: Total - 149998 MB, Free - 1 MB;
Motherboard: ASUSTeK Computer Inc., K54C
Antivirus: Panda Free Antivirus, Disabled (Because it wouldn't allow SysInfo)


And here are some of my other suspicions and info regarding what this might be from this thread at the end: http://answers.microsoft.com/en-us/p...3-39b6211bcc24


....the last post. I would quote it here but it seems none of the PHP on the forums are working for me as I write this. Anyway, it also seems it can be an MSE lookalike virus, and although my problem wasn't as severe as his, it looks like the same thing in that it seems to replicate just by hovering your mouse over anything (hence all the prompts, and not dying after all the scans).


That's all I have for now, waiting on the instructions. If I need to remember anything else about it let me know. Thanks.

"Ads by MediaForce" in Skype

Can you also post the second log from FRST, "Addition.txt"? It will have been saved to the following folder:

C:\FRST\Logs

Ahhhh Blockandsurf and others

OK, so an update. I've uninstalled a lot of the obvious junk on the computer. It's running better, but not a lot better. I've run the Malwarebytes tool and that's cleaned up a few suspects as well. Is there anything else I need to do?

can someone please HELP!!

My computer is infected and some guy at a site called techiesupport hijacked my PC then offered to fix it for like 400.00 US. I don't have that kind of money. I'll make a generous donation to whoever can fix it, but it won't be 400.00, and I'll be forever in your debt.

ARK library error & swapfile.sys warning

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: AMD A6-5200 APU with Radeon(TM) HD Graphics, AMD64 Family 22 Model 0 Stepping 1
Processor Count: 4
RAM: 7629 Mb
Graphics Card: AMD Radeon HD 8400, 512 Mb
Hard Drives: C: Total - 705570 MB, Free - 666835 MB;
Motherboard: AMD, Larne
Antivirus: Avira Desktop, Updated and Enabled


I ran a full system scan of my Toshiba Satellite and got an error and warning. There was an error in ARK library and a warning in swapfile.sys. It couldn't be scanned. What is an ARK library and does anything need to be done about that? Does swapfile need to be scanned or fixed? Thanks for your help.


Antivirus Pro
Report file date: Tuesday, September 16, 2014 11:37

The program is running as an unrestricted full version.
Online services are available.
Licensee :
Serial number : 2224088325-PEPWE-0000001
Platform : Windows 8.1
Windows version : (plain) [6.2.9200]
Boot mode : Normally booted
Username :
Computer name : HOME
Version information:
BUILD.DAT : 14.0.6.570 94332 Bytes 8/15/2014 10:30:00
AVSCAN.EXE : 14.0.6.548 1046608 Bytes 8/11/2014 19:13:00
AVSCANRC.DLL : 14.0.6.522 52816 Bytes 8/11/2014 19:13:00
LUKE.DLL : 14.0.6.522 57936 Bytes 8/11/2014 19:13:29
AVSCPLR.DLL : 14.0.6.548 92752 Bytes 8/11/2014 19:13:00
AVREG.DLL : 14.0.6.522 262224 Bytes 8/11/2014 19:12:55
avlode.dll : 14.0.6.526 603728 Bytes 8/11/2014 19:12:52
avlode.rdf : 14.0.4.46 64835 Bytes 9/8/2014 12:41:18
XBV00220.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:33
XBV00221.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:33
XBV00222.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:33
XBV00223.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00224.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00225.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00226.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00227.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00228.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00229.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00230.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00231.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00232.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00233.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00234.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00235.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00236.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00237.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00238.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00239.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00240.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00241.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00242.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00243.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00244.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00245.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00246.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00247.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00248.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00249.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00250.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00251.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00252.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00253.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00254.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00255.VDF : 8.11.172.30 2048 Bytes 9/15/2014 13:17:34
XBV00000.VDF : 7.11.70.0 66736640 Bytes 4/4/2013 15:16:59
XBV00001.VDF : 7.11.74.226 2201600 Bytes 4/30/2013 15:16:59
XBV00002.VDF : 7.11.80.60 2751488 Bytes 5/28/2013 15:16:59
XBV00003.VDF : 7.11.85.214 2162688 Bytes 6/21/2013 15:16:59
XBV00004.VDF : 7.11.91.176 3903488 Bytes 7/23/2013 15:16:59
XBV00005.VDF : 7.11.98.186 6822912 Bytes 8/29/2013 15:16:59
XBV00006.VDF : 7.11.139.38 15708672 Bytes 3/27/2014 15:16:59
XBV00007.VDF : 7.11.152.100 4193792 Bytes 6/2/2014 15:38:10
XBV00008.VDF : 8.11.165.192 4251136 Bytes 8/7/2014 23:19:32
XBV00009.VDF : 8.11.172.30 2094080 Bytes 9/15/2014 13:17:28
XBV00042.VDF : 8.11.172.54 36864 Bytes 9/15/2014 17:09:05
XBV00043.VDF : 8.11.172.78 8704 Bytes 9/15/2014 17:09:05
XBV00044.VDF : 8.11.172.102 2048 Bytes 9/15/2014 17:09:05
XBV00045.VDF : 8.11.172.128 23040 Bytes 9/15/2014 21:09:00
XBV00046.VDF : 8.11.172.132 2048 Bytes 9/15/2014 21:09:00
XBV00047.VDF : 8.11.172.136 13824 Bytes 9/15/2014 23:09:01
XBV00048.VDF : 8.11.172.140 13312 Bytes 9/16/2014 15:03:36
XBV00049.VDF : 8.11.172.142 6144 Bytes 9/16/2014 15:03:36
XBV00050.VDF : 8.11.172.144 4608 Bytes 9/16/2014 15:03:36
XBV00051.VDF : 8.11.172.146 9216 Bytes 9/16/2014 15:03:36
XBV00052.VDF : 8.11.172.148 16384 Bytes 9/16/2014 15:03:36
XBV00053.VDF : 8.11.172.150 9728 Bytes 9/16/2014 15:03:36
LOCAL000.VDF : 8.11.172.150 110131712 Bytes 9/16/2014 15:04:26
Engine version : 8.3.24.24
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Start of the scan: Tuesday, September 16, 2014 11:37
Start scanning boot sectors:
Boot sector 'HDD0(C:)'
[INFO] No virus was found!
Starting search for hidden objects.
Error in ARK library
The scan of running processes will be started:
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'svchost.exe' - '26' Module(s) have been scanned
Scan process 'atiesrxx.exe' - '16' Module(s) have been scanned
Scan process 'svchost.exe' - '107' Module(s) have been scanned
Scan process 'svchost.exe' - '163' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '114' Module(s) have been scanned
Scan process 'svchost.exe' - '72' Module(s) have been scanned
Scan process 'spoolsv.exe' - '70' Module(s) have been scanned
Scan process 'sched.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'AdaptiveSleepService.exe' - '27' Module(s) have been scanned
Scan process 'armsvc.exe' - '27' Module(s) have been scanned
Scan process 'avguard.exe' - '120' Module(s) have been scanned
Scan process 'SkypeC2CAutoUpdateSvc.exe' - '28' Module(s) have been scanned
Scan process 'SkypeC2CPNRSvc.exe' - '22' Module(s) have been scanned
Scan process 'OfficeClickToRun.exe' - '88' Module(s) have been scanned
Scan process 'CxAudMsg64.exe' - '36' Module(s) have been scanned
Scan process 'dts_apo_service.exe' - '59' Module(s) have been scanned
Scan process 'TODDSrv.exe' - '18' Module(s) have been scanned
Scan process 'TecoService.exe' - '49' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '32' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'avmailc7.exe' - '37' Module(s) have been scanned
Scan process 'avwebg7.exe' - '57' Module(s) have been scanned
Scan process 'svchost.exe' - '55' Module(s) have been scanned
Scan process 'svchost.exe' - '51' Module(s) have been scanned
Scan process 'dashost.exe' - '65' Module(s) have been scanned
Scan process 'DllHost.exe' - '28' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '60' Module(s) have been scanned
Scan process 'GamesAppIntegrationService.exe' - '32' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '80' Module(s) have been scanned
Scan process 'TMachInfo.exe' - '47' Module(s) have been scanned
Scan process 'taskhost.exe' - '83' Module(s) have been scanned
Scan process 'dwm.exe' - '38' Module(s) have been scanned
Scan process 'atieclxx.exe' - '45' Module(s) have been scanned
Scan process 'taskhostex.exe' - '51' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '50' Module(s) have been scanned
Scan process 'Explorer.EXE' - '225' Module(s) have been scanned
Scan process 'LiveComm.exe' - '99' Module(s) have been scanned
Scan process 'skydrive.exe' - '93' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '61' Module(s) have been scanned
Scan process 'CAudioFilterAgent64.exe' - '33' Module(s) have been scanned
Scan process 'UMonit64.exe' - '41' Module(s) have been scanned
Scan process 'TCrdMain_Win8.exe' - '57' Module(s) have been scanned
Scan process 'TecoResident.exe' - '39' Module(s) have been scanned
Scan process 'Skype.exe' - '126' Module(s) have been scanned
Scan process 'AMDQuickStream.exe' - '47' Module(s) have been scanned
Scan process 'avgnt.exe' - '102' Module(s) have been scanned
Scan process 'SYNTPHELPER.EXE' - '17' Module(s) have been scanned
Scan process 'CSISYNCCLIENT.EXE' - '89' Module(s) have been scanned
Scan process 'ToshibaServiceStation.exe' - '95' Module(s) have been scanned
Scan process 'SettingSyncHost.exe' - '83' Module(s) have been scanned
Scan process 'MOM.exe' - '67' Module(s) have been scanned
Scan process 'CCC.exe' - '214' Module(s) have been scanned
Scan process 'avcenter.exe' - '175' Module(s) have been scanned
Scan process 'avscan.exe' - '104' Module(s) have been scanned
Scan process 'vssvc.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '41' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '26' Module(s) have been scanned
Scan process 'wininit.exe' - '17' Module(s) have been scanned
Scan process 'lsass.exe' - '64' Module(s) have been scanned
Scan process 'WinLogon.exe' - '28' Module(s) have been scanned
Starting to scan executable files (registry):
The registry was scanned ( '1222' files ).

Starting the file scan:
Begin scan in 'C:\' <TI10684100B>
C:\swapfile.sys
[WARNING] The file could not be opened!

End of the scan: Tuesday, September 16, 2014 12:28
Used time: 50:59 Minute(s)
The scan has been done completely.
31154 Scanned directories
304007 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
304006 Files not concerned
1860 Archives were scanned
1 Warnings
0 Notes
70 Objects were scanned with rootkit scan
0 Hidden objects were found

Infected IP address

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Intel(R) Core(TM) Duo CPU T2400 @ 1.83GHz, x86 Family 6 Model 14 Stepping 12
Processor Count: 2
RAM: 2038 Mb
Graphics Card: Mobile Intel(R) 945GM Express Chipset Family, 128 Mb
Hard Drives: C: Total - 76316 MB, Free - 64300 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: McAfee Anti-Virus and Anti-Spyware, Updated: Yes, On-Demand Scanner: Enabled

I was getting an "open com3 port" message when I tried to use my RS232/USB connection on a processor board in my automatic gate systems controller. Discovered that I did not have "device manager" on my laptop. Purchased a driver download from an online provider. In the process of downloading drivers, I was advised by the rep. that my IP address had a lot of junk on it, and that it had infected my laptop and would infect anything I used on it. They wanted 450.00 to clean it up. This may be true, but I am leery that they might be trying to take me for a ride. So, my question is: can an IP address be infected and is it my responsibility to pay for it to be cleaned up?