Askey;
still a bit disappointed in this computer, it used to run faster and that was before I maxed out my ram. do you think you've done all possible? I used to be able to easily run two browsers in this game I play. They have added more graphics to it so it could be that. If theres anything else you can try, I would appreciate it

work50schappert@yahoo.com
Hi. I'm not sure if its malware, nevermind. It's an extension/toolbar add-on, ActiveX control that will not disable. Here is the name "PricceDownuloaadEr" 6MnX.x64.dll Class ID {43613F88-95F1-0380-8066-18699A9EE330}
Folder C:\ProgramData\PricceDownuloaadEr
That's all the info. I have. Thank you and I hope you can help me out soon. :)

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz, Intel64 Family 6 Model 15 Stepping 6
Processor Count: 2
RAM: 2021 Mb
Graphics Card: Intel(R) G965 Express Chipset Family, 384 Mb
Hard Drives: C: Total - 114370 MB, Free - 71427 MB; E: Total - 99 MB, Free - 61 MB; F: Total - 238372 MB, Free - 110085 MB;
Motherboard: Intel Corporation, DG965LV
Antivirus: Microsoft Security Essentials, Updated and Enabled

I'm getting a message that says: Unsupported 16-Bit Application ,This program or feature" \??\C:\Users\prest_000\AppData\Roaming\Microsoft\Temp\dllhost.exe" cannot start or run due to incompatibility with 64-bit versions of Windows.Please contact the software vendor to ask if a 64-bit windows compatible version is available. I don't know what to do .Is this a virus or something ,the box will not close either so i can't ignore it ,please help me.I am new to this website so i may not be posting in the right place.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 3892 Mb
Graphics Card: Intel(R) HD Graphics, 1722 Mb
Hard Drives: C: Total - 238368 MB, Free - 112592 MB; D: Total - 238468 MB, Free - 237812 MB;
Motherboard: Dell Inc., 021CN3
Antivirus: avast! Antivirus, Updated and Enabled

I first noticed a problem when Internet Explorer had trouble opening and staying open>saying IE had terminated abnormally>asking if I wanted to restore previous session>ignoring when I answered either Y or N>blinking with a black screen>freezing the cursor>crashing to a blue screen.

I have 2 pgms called Internet Explorer, one in the "Program Files" folder and a second in the "Program Files (x86)" folder. I don’t know if I am supposed to have 2 pgms.

I often have both Chrome and IE open at the same time. Chrome does not seem to have a problem. I can get to Outlook by using Chrome to call up msn.com and then logging in to Outlook on msn.com.

I tried to repair IE, but the “best” I could do was upgrade from IE10 to IE11. The problem didn’t go away. I tried many things, including several MicrosoftFixIt programs. I have since noticed that some updates have failed, some Windows 7 files are missing or corrupt, and a variety of other bad things have happened. Additionally, I am puzzled that some items I thought I had removed show up in the logs below.

Windows 7 – Home Premium v6.1a, Internet Explorer 11. More details in Belarc Advisor.

Some clues:
Code 8004FF80
Code 0x80070057 – Root Cause – RC_Data Store
Code 0x80070643 – cancelled by wizard from MS Download page. Code indicates various IE issues.
FixIt – jumped to IE Microsoft Automated Troubleshooting Services
Wizard cancelled Microsoft Security Essentials - 4.6.305.0 (KB2965031)
Several efforts led to message “Your system administrator has set policies to prevent this installation.” I AM THE SYSTEM ADMINISTRATOR!

I have backed up my personal data. I have removed all questionable programs previously downloaded from the web. Hit and miss, as I looked at the Properties of some (not all) files, I changed them to be compatible with Windows 7. I don’t know where to go from here.

Below are the results and/ATTACHMENTS for TSG Sysinfo, HJT, GMER, and Belarc Advisor. I hope they help.
=========================================================================== ======
TSG Sysinfo
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 4056 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1804 Mb
Hard Drives: C: Total - 461899 MB, Free - 356351 MB; F: Total - 476821 MB, Free - 311077 MB;
Motherboard: Dell Inc., 0G848F
Antivirus: Microsoft Security Essentials, Disabled
HijackThis
Received this msg: For some reason your system denied Write access to the Hosts file. If any Hijacked domains are in this file, HijackThis may NOT be able to fix this.
I then ran HijackThis as Administrator and got these results:
=======================
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:12:44 PM, on 9/23/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\02 Technical\Techguys\2014 downloads icw problems\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Snaptop.exe] c:\program files (x86)\tools\snaptop\snaptop.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [TouchpadBlocker.exe] "C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe" -startup
O4 - HKCU\..\Run: [ISUSPM] c:\programdata\flexnet\connect\11\isuspm.exe -scheduler
O4 - HKCU\..\Run: [HP Officejet Pro 8500 A910 (NET)] "C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "cn15gbr0nm:nw" -scfn "hp officejet pro 8500 a910 (net)" -AutoStart 1
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities v5.6.0.13\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\dudley\AppData\Local\Apps\2.0\MLRHZN8G.A30\07DJMBQW.24G\dell..tion _0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [HP Officejet Pro 8500 A910 (NET)] "C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN15GBR0NM:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1 (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [Driver Support] C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [TouchpadBlocker.exe] "C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe" -startup (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [Driver Manager] C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [DellSystemDetect] C:\Users\Edward Kirsch\AppData\Local\Apps\2.0\X9Q893WR.DJR\TXECCXNL.QRB\dell..tion_0f612f64 9c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\RunOnce: [Uninstall C:\Users\Edward Kirsch\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Edward Kirsch\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" (User 'Edward Kirsch')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1000 Startup: Monitor Ink Alerts - HP Officejet Pro 8500 A910 (Network).lnk = ? (User 'Edward Kirsch')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1000 User Startup: Monitor Ink Alerts - HP Officejet Pro 8500 A910 (Network).lnk = ? (User 'Edward Kirsch')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1006 Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Marsha F Slucker')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1006 Startup: Uninstall LastPass RunOnce.lnk = Marsha F Slucker\AppData\Roaming\lpuninstall.exe (User 'Marsha F Slucker')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1006 User Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Marsha F Slucker')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1006 User Startup: Uninstall LastPass RunOnce.lnk = Marsha F Slucker\AppData\Roaming\lpuninstall.exe (User 'Marsha F Slucker')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.6\LaunchEspresso.exe
O9 - Extra 'Tools' menuitem: HP Smart Print 2.6 - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.6\LaunchEspresso.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20614.www2.hp.com/ediags/gmd...pIdfPlugin.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://allianzlife.webex.com/client...t/ieatgpc1.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Unknown owner - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - F:\07 My Downloads\AVG AntiVirus Free 2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - F:\07 My Downloads\AVG AntiVirus Free 2014\avgwdsvc.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KSafe service (KSafeSvc) - Kingsoft Corporation - C:\Program files (x86)\Kingsoft\PCDoctor\KSafeSvc.exe
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Unknown owner - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15178 bytes

=========================================================================== ===============

GMER – see attached

=========================================================================== ===============


Belarc Advisor – see attached
=========================================================================== ==========

Attached Files

	20140923-GMER log.log (16.7 KB)
	20140923-Belarc Advisor Computer Profile.pdf (125.7 KB)

here is my computer info

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i5-3340 CPU @ 3.10GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 12159 Mb
Graphics Card: Intel(R) HD Graphics, -1984 Mb
Hard Drives: C: Total - 940357 MB, Free - 818813 MB; D: Total - 1907695 MB, Free - 1437303 MB;
Motherboard: Dell Inc., 084J0R
Antivirus: Ad-Aware Antivirus, Disabled

and a HijackThis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:59:26 PM, on 9/19/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17278)
Boot mode: Normal

Running processes:
C:\Users\Dustin\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Users\Dustin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123.com/web/?type=ds&ts=1409008703&from=irs&uid=ST1000DM003-1CH162_Z1D6MMDLXXXXZ1D6MMDL&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istart123.com/web/?type=ds&ts=1409008703&from=irs&uid=ST1000DM003-1CH162_Z1D6MMDLXXXXZ1D6MMDL&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
O4 - HKCU\..\Run: [Amazon Cloud Player] "C:\Users\Dustin\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Dustin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_519B716C98D43A154C4D117C56AD7788] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Global Startup: CineForm Status.lnk = C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie9 - C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

--
End of file - 13390 bytes

Please do the following:

Check that the download location is set to the Desktop in whichever browser you will be using to download the tools we use:
How to change the download location in IE, Firefox, Chrome and Opera





Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Next

Please download aswMBR.exe and save it to your desktop.

• Double click aswMBR.exe to start the tool.
• When asked if you want to download Avast's virus definitions please select Yes.
• Click Scan
• Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
• You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

In your next reply, please provide the following:

• FRST logs.
• aswMBR log.

Regards,

Richard

Here is my sys.info report:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 32 bit
Processor: AMD C-50 Processor, x64 Family 20 Model 1 Stepping 0
Processor Count: 2
RAM: 2662 Mb
Graphics Card: AMD Radeon HD 6200 series Graphics, 384 Mb
Hard Drives: C: Total - 223222 MB, Free - 88992 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: Microsoft Security Essentials, Updated and Enabled

I am not sure it is a virus but i am pretty sure that there is something up to no good, because i was having no problems then all of a sudden one thing would start acting up then another and another. I have run an AV scan and found no threats I have defragged and I now have MBAM installed and it finds 1 PUP- Babylon... that i delete every day yet it returns it has made my browsers crash usually but not always when using flashplayer. it is causing ghosting owhen i move a window or scroll in a window. It is also causing static when i am listening to music(I use grooveshark) no static with wmp but wmp has given me error message a few times when i try to play music which i have never had that happen before just the last two weeks. my cpu usage is maxed w/ just a couple windows going and i am afraid this laptop is gonna crash soon if something doesn't get fixed really soon., I was on here a month ago and i thought i had gotten it running a little better the cpu was a little lower but other than that everything else has kept on happening more and more frequently. It almost seems like someone else is in my computer but IDK how computers work and that is just how i feel, PARANOID and PANICKED! PLEASE HELP!

Hello,

Can you show me the full file paths please?

Hi wbg,

Before I do house keeping should I accept the fix that the ESET scan proposed, even if I could not find a log by the end of the scan, it said it found some malware but I had ticked the box not to fixed as instructed? so what ever it found is still there.

cheers

How can I get rid of this on my friends pc. Superantispyware & Malwarebytes do not get rid of it.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 3890 Mb
Graphics Card: Intel(R) HD Graphics, 1721 Mb
Hard Drives: C: Total - 464557 MB, Free - 298471 MB;
Motherboard: TOSHIBA, NWQAA
Antivirus: COMODO Antivirus, Updated and Enabled


Please find the other thread attached.

Attached Files

1134047-laptop-wont-run-chkdsk..pdf (77.5 KB)

I recently downloaded a "notepad trick" designed to continually open and close the cd-rom.
I ran it on a computer, and turned the computer off. Usually, this works. But on this computer, when it was turned back on, the computer kept on opening its cd-rom! Right now, the cdrom is stuck open. I have tried unistalled the driver for the cdrom and I have restarted the computer in every imaginable way. Still, none of this works!
Please Help!!!
Here is the code I used (got off internet):


Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 5000
loop

is it possible to have a usb flash drive (that may have had a remote access trojan on it previously) that currently has zero files on it, but hasn't been formatted or erased - just files deleted from the flash drive, to currently have a remote access trojan on it still?

Or would there have to be at least one file/ doc on the flash drive for the remote access trojan to write to?

Not concerned about viruses, just remote access stuff.........

thx - p

Hi, yes they are the free. Versions

Hi,

Whenever I start up my desktop, sometimes I'll get a brief 'hang' where my computer freezes and then normal operation resumes. About 10-30 seconds later, these hangs become more frequent until I am completely stuck. Sometimes my mouse cursor changes its icon. I am not able to use my keyboard either. Nowdays whenever I see the first hang I just restart and after the restart things are usually fine.

I can't think of what changed recently, but whenever I boot-up I'm just browsing the web on Chrome - Reddit/Facebook etc...

Here's the TSG SysInfo:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 8103 Mb
Graphics Card: NVIDIA GeForce GTX 560 Ti, 1024 Mb
Hard Drives: C: Total - 152524 MB, Free - 48686 MB;
Motherboard: ASRock, Z68 Extreme3 Gen3
Antivirus: Microsoft Security Essentials, Updated and Enabled

Thanks!

Hello,

If you still require assistance, please read the following topic and run the programme requested.

Hello cubbycuddly, welcome to Tech Support Guy's Malware Removal forum!

My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. :)

======================================================

Please read through the points below to ensure this process moves as quickly and efficiently as possible.

• Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
• Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
• Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
• Please backup important documents before proceeding with my instructions.
• If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.

======================================================

Please run the following diagnostic scans so I can ascertain the state of your computer.

STEP 1
Farbar Recovery Scan Tool (FRST) Scan

• Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
• Right-Click FRST64.exe and select Run as administrator to run the programme.
• Click Yes to the disclaimer.
• Ensure the Addition.txt box is checked.
• Click the Scan button and let the programme run.
• Upon completion, click OK, then OK on the Addition.txt pop up screen.
• Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

STEP 2
TDSSKiller Scan

• Please download TDSSKiller and save the file to your Desktop.
• Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
• Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
• Click Start Scan. Do not use the computer during the scan.
• If objects are found, change the action to skip.
• Click Continue and close the window.
• A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.

======================================================

STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

• FRST.txt
• Addition.txt
• TDSSKiller log

Hello Frank, welcome to Tech Support Guy's Malware Removal forum!

My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.

======================================================

Please read through the points below to ensure this process moves as quickly and efficiently as possible.

• Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
• Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
• Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
• Please backup important documents before proceeding with my instructions.
• If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.

======================================================

Please run the following diagnostic scans so I can ascertain the state of your computer.

STEP 1
Farbar Recovery Scan Tool (FRST) Scan

• Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
• Right-Click FRST64.exe and select Run as administrator to run the programme.
• Click Yes to the disclaimer.
• Ensure the Addition.txt box is checked.
• Click the Scan button and let the programme run.
• Upon completion, click OK, then OK on the Addition.txt pop up screen.
• Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

STEP 2
TDSSKiller Scan

• Please download TDSSKiller and save the file to your Desktop.
• Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
• Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
• Click Start Scan. Do not use the computer during the scan.
• If objects are found, change the action to skip.
• Click Continue and close the window.
• A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.

======================================================

STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

• FRST.txt
• Addition.txt
• TDSSKiller log

Hello,

If you still require assistance, please read the following topic and run the programme requested.