
Pop ups all the time on computer [Solved]


  • This topic is locked

#61
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts
:)
  • 0



#62
Sharon Lee

    Member

  • Topic Starter
  • Member
  • 512 posts

Hi, could you maybe keep this open for a while? I still have no system restore and the Firefox still comes up each time I go to Yahoo.com. I would like to get system restore working for I have used that on more than one occasion. If you can't, I understand and thank you for all your time.


  • 0

#63
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts

I will keep it open. I will even try to help you do the System Restore if necessary :)


  • 0

#64
Sharon Lee

    Member

  • Topic Starter
  • Member
  • 512 posts

Hello, I am so glad that you are still willing to help me with this. My daughter's friend told me I did not need system restore and shouldn't use it anyway. Well, I do use it when I need to, not all the time, but it is nice to have it. He was nice by taking care of that one problem. It took him longer than I think he thought it would. So you let me know what you want me to do and I will try to do it. Thank you.


  • 0

#65
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts

OK, but please describe your current situation to me. I need to know:

- what was done?
- what is the current computer state?
- what strange symptoms do you observe?


  • 0

#66
Sharon Lee

    Member

  • Topic Starter
  • Member
  • 512 posts

Hello, as for what he did, I do know he got rid of the iexplore.exe-Bad Image. It no longer comes up. He also put a program on here called Glary Utilities. He must have thought I needed it. I still get the Firefox pop up even when I come on here. My machine is very slow after I turn it on and it used to be so fast. That is a big difference also. Not sure why. Other than that, I don't know anything that matters much going on. Yes, he put Java on my computer. I am not sure I like that for I have heard so many bad things about that program. This shows you what it is doing. I so want system restore to work. That is a biggie for me. Thank you.


  • 0

#67
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts

OK, can you please re-run that DDS program I told you to download, check the "Attach" option and post the two logfiles generated?


  • 0

#68
Sharon Lee

    Member

  • Topic Starter
  • Member
  • 512 posts

I think I have it.  I saved some of what you wanted me to run.  Is this it?

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239
Run by Sharon at 9:45:36 on 2014-08-23
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.9207.6621 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\Planner\PLNRnote.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_14_0_0_176_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://rr.com/
mWinlogon: Userinit = userinit.exe,
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BR435NP05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
uRun: [WeatherBug] C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe /fromrunkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601
StartupFolder: C:\Users\Sharon\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\EVENTP~1.LNK - C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\Planner\PLNRnote.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{41C63DE6-900B-4DC6-ADEB-4CEA7576E539} : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uh4rokfq.default-1408223660292\
FF - prefs.js: browser.startup.homepage - hxxps://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 133928]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-8-12 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-8-12 18956064]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-8-12 411936]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-8-12 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-8-12 40392]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfswin7.sys [2013-6-26 768680]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaywin7.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirwin7.sys [2013-6-26 29352]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvolwin7.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-8-16 2151744]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-15 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-5-15 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-15 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-5-16 1255736]
.
=============== Created Last 30 ================
.
2014-08-23 13:37:06 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{502F0FEF-8F02-43C2-B613-70F04496E4B4}\offreg.dll
2014-08-23 13:36:11 11319192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{502F0FEF-8F02-43C2-B613-70F04496E4B4}\mpengine.dll
2014-08-22 17:09:58 11319192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-20 17:36:34 1169712 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0B60F421-1E13-4135-B8B6-8D634FC5C964}\gapaengine.dll
2014-08-19 14:20:46 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
2014-08-18 19:22:07 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2014-08-18 17:24:48 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-18 17:24:37 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-08-18 17:24:37 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-08-18 17:24:37 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-08-17 22:20:14 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-08-17 22:20:14 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2014-08-17 15:36:01 -------- d-----w- C:\Users\Sharon\AppData\Roaming\SparkTrust
2014-08-17 15:35:01 -------- d-----w- C:\ProgramData\SparkTrust
2014-08-16 21:02:07 -------- d-----w- C:\Users\Sharon\AppData\Roaming\ProductData
2014-08-16 21:01:04 -------- d-----w- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-08-16 20:29:59 -------- d-----w- C:\FRST
2014-08-16 15:35:24 -------- d-----w- C:\ProgramData\ProductData
2014-08-16 15:34:14 -------- d-----w- C:\ProgramData\IObit
2014-08-16 15:34:00 -------- d-----w- C:\Users\Sharon\AppData\Roaming\Browser Extensions
2014-08-16 15:33:39 -------- d-----w- C:\Users\Sharon\AppData\Roaming\IObit
2014-08-16 15:33:35 -------- d-----w- C:\Program Files (x86)\IObit
2014-08-16 15:02:31 -------- d-----w- C:\Program Files (x86)\TotalSystemCare
2014-08-16 02:17:31 -------- d-----w- C:\Users\Sharon\AppData\Roaming\MyTurboPC.com
2014-08-16 02:17:31 -------- d-----w- C:\Users\Sharon\AppData\Roaming\DriverCure
2014-08-16 02:17:21 -------- d-----w- C:\ProgramData\MyTurboPC.com
2014-08-15 16:22:32 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-08-15 16:22:32 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-08-15 16:22:32 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-08-15 16:22:32 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-08-15 16:22:31 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-08-15 16:22:30 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-08-15 16:22:18 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-15 16:22:18 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-08-15 11:58:59 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-15 11:57:37 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-08-15 11:57:37 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-08-15 11:57:36 529920 ----a-w- C:\Windows\System32\aepdu.dll
2014-08-15 11:57:35 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-08-13 15:13:26 -------- d-----w- C:\Users\Sharon\AppData\Roaming\DiskDefrag
2014-08-12 20:27:38 511328 ----a-w- C:\Windows\System32\d3dx10_43.dll
2014-08-12 20:27:38 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
2014-08-12 20:27:38 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2014-08-12 20:27:38 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2014-08-12 20:27:37 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2014-08-12 20:27:37 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2014-08-12 20:27:18 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-08-12 20:27:18 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-08-12 20:27:18 1283136 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-08-12 20:27:18 1126480 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-08-12 20:27:18 -------- d-----w- C:\Users\Sharon\AppData\Local\NVIDIA Corporation
2014-08-12 20:26:40 609240 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-08-12 20:22:45 -------- d-----w- C:\NVIDIA
2014-08-10 22:18:47 20312 ----a-w- C:\Windows\System32\roboot64.exe
2014-08-10 22:18:47 -------- d-----w- C:\Users\Sharon\AppData\Roaming\Systweak
2014-08-10 19:12:01 -------- d-----w- C:\Users\Sharon\AppData\Roaming\UpdaterEX
2014-08-08 14:51:58 -------- d-----w- C:\ProgramData\d84b8fff6566939a
2014-08-08 14:51:57 -------- d-----w- C:\Users\Sharon\AppData\Local\Packages
2014-08-08 14:51:55 -------- d-----w- C:\Users\Sharon\AppData\Local\Torch
2014-08-08 14:51:55 -------- d-----w- C:\Users\Sharon\AppData\Local\Comodo
2014-08-08 14:51:55 -------- d-----w- C:\Users\Sharon\AppData\Local\Chromatic Browser
2014-08-02 14:48:32 -------- d-----w- C:\Users\Sharon\AppData\Local\Spoon
2014-08-02 14:48:32 -------- d-----w- C:\GEARView Basic Dev
2014-08-02 11:47:08 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-08-02 11:47:00 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-08-02 11:47:00 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-08-02 11:46:47 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2014-08-02 11:46:46 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-08-02 11:46:46 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-08-02 11:46:46 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-07-26 19:02:20 -------- d-----w- C:\ProgramData\Malwarebytes Anti-Exploit
.
==================== Find3M  ====================
.
2014-08-15 00:53:33 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-15 00:53:33 699568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-25 14:02:12 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-07-25 14:01:41 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-07-25 13:28:35 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-07-25 13:25:45 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-07-25 13:04:40 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-07-25 13:00:25 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-07-25 12:59:28 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-07-25 12:47:25 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-07-25 12:34:03 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-07-25 12:33:08 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15 5824512 ----a-w- C:\Windows\System32\jscript9.dll
2014-07-25 12:28:05 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47 4204032 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-07-25 11:43:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29 2087936 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-07-25 11:39:25 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49 2001920 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06 2266624 ----a-w- C:\Windows\System32\wininet.dll
2014-07-25 10:05:23 1792512 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:24 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-07-16 02:12:11 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2014-07-02 18:55:43 6783776 ----a-w- C:\Windows\System32\nvcpl.dll
2014-07-02 18:55:43 3522392 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-07-02 18:55:41 935368 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-07-02 18:55:41 62808 ----a-w- C:\Windows\System32\nvshext.dll
2014-07-02 18:55:41 386520 ----a-w- C:\Windows\System32\nvmctray.dll
2014-07-02 10:14:12 3826628 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-06-03 10:02:37 112064 ----a-w- C:\Windows\System32\consent.exe
2014-06-03 10:02:21 504320 ----a-w- C:\Windows\System32\msihnd.dll
2014-06-03 10:02:21 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-06-03 10:02:12 1941504 ----a-w- C:\Windows\System32\authui.dll
2014-06-03 09:29:50 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2014-06-03 09:29:50 2363392 ----a-w- C:\Windows\SysWow64\msi.dll
2014-06-03 09:29:40 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
.
============= FINISH:  9:45:57.32 ===============

 


  • 0

#69
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts
Yes, but it's not the one I want. You have posted the log dated

Run by Sharon at 9:45:36 on 2014-08-23

While I need a fresh one, made today :)
  • 0

#70
Sharon Lee

    Member

  • Topic Starter
  • Member
  • 512 posts

All right, I shall do another one.  This is the one where all kinds of downloads try to get on my machine.  :)   I will do it now.


  • 0



#71
Sharon Lee

    Member

  • Topic Starter
  • Member
  • 512 posts

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 5/15/2014 7:57:11 PM
System Uptime: 8/29/2014 12:32:02 PM (3 hours ago)
.
Motherboard: PEGATRON CORPORATION |  | TRUCKEE
Processor: Intel® Core™ i7 CPU         920  @ 2.67GHz | CPU 1 | 2668/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 415.158 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP162: 8/29/2014 9:10:16 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader XI (11.0.08)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Glary Utilities 5.6
Hallmark Card Studio 2011 Deluxe
HP Deskjet 3050A J611 series Basic Device Software
HP Deskjet 3050A J611 series Help
HP Photo Creations
Java 7 Update 67
Java Auto Updater
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Starter 2010 - English
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Mozilla Firefox 31.0 (x86 en-US)
NVIDIA 3D Vision Controller Driver 340.50
NVIDIA 3D Vision Driver 340.52
NVIDIA Control Panel 340.52
NVIDIA GeForce Experience 2.1.1
NVIDIA Graphics Driver 340.52
NVIDIA HD Audio Driver 1.3.30.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.1220
NVIDIA ShadowPlay 15.3.33
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 15.3.33
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.23
PowerProducer
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SHIELD Streaming
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
8/29/2014 9:07:51 AM, Error: volsnap [14]  - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
8/29/2014 9:07:24 AM, Error: atapi [11]  - The driver detected a controller error on \Device\Ide\IdePort5.
8/28/2014 7:00:10 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).
8/26/2014 8:28:18 AM, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
8/26/2014 12:21:52 PM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
8/24/2014 5:26:15 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
.
==== End Of File ===========================
 


  • 0

#72
Sharon Lee

    Member

  • Topic Starter
  • Member
  • 512 posts

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17054  BrowserJavaVersion: 10.67.2
Run by Sharon at 15:01:30 on 2014-08-29
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.9207.7875 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_14_0_0_176_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\MsSpellCheckingFacility.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://rr.com/
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
uRun: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BR435NP05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{41C63DE6-900B-4DC6-ADEB-4CEA7576E539} : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uh4rokfq.default-1408223660292\
FF - prefs.js: browser.startup.homepage - hxxps://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 BootDefragDriver;BootDefragDriver;C:\Windows\System32\drivers\BootDefragDriver.sys [2014-8-26 17600]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R1 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-8-26 20672]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 133928]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-8-12 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-8-12 18956064]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-8-12 411936]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-8-12 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-8-12 40392]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfswin7.sys [2013-6-26 768680]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaywin7.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirwin7.sys [2013-6-26 29352]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvolwin7.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-5-15 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-15 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-5-16 1255736]
S4 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-8-16 2151744]
.
=============== Created Last 30 ================
.
2014-08-29 14:34:15 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F2BFF42C-6408-4FEE-8E9F-E7EDF0B27BEA}\offreg.dll
2014-08-29 14:33:26 1169712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D48645E-742C-42C3-B031-0601980B1F73}\gapaengine.dll
2014-08-29 14:31:00 11319192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F2BFF42C-6408-4FEE-8E9F-E7EDF0B27BEA}\mpengine.dll
2014-08-29 00:59:52 600064 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-29 00:59:52 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-28 23:34:07 -------- d-----w- C:\Program Files (x86)\Yahoo!
2014-08-28 13:35:00 11319192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-28 00:43:14 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-28 00:43:14 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-28 00:43:14 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-26 16:34:13 20672 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys
2014-08-26 16:34:11 17600 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys
2014-08-26 16:34:11 118048 ----a-w- C:\Windows\System32\BootDefrag.exe
2014-08-26 16:34:11 -------- d-----w- C:\Users\Sharon\AppData\Roaming\GlarySoft
2014-08-26 16:33:58 -------- d-----w- C:\Program Files (x86)\Glary Utilities 5
2014-08-26 16:24:00 -------- d-sh--w- C:\$RECYCLE.BIN
2014-08-26 16:17:30 98816 ----a-w- C:\Windows\sed.exe
2014-08-26 16:17:30 256000 ----a-w- C:\Windows\PEV.exe
2014-08-26 16:17:30 208896 ----a-w- C:\Windows\MBR.exe
2014-08-26 16:13:48 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-26 16:02:04 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-08-26 16:00:55 -------- d-----w- C:\AdwCleaner
2014-08-20 17:36:34 1169712 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0B60F421-1E13-4135-B8B6-8D634FC5C964}\gapaengine.dll
2014-08-18 19:22:07 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2014-08-18 17:24:48 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-18 17:24:37 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-08-18 17:24:37 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-08-18 17:24:37 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-08-17 22:20:14 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-08-17 22:20:14 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2014-08-17 15:36:01 -------- d-----w- C:\Users\Sharon\AppData\Roaming\SparkTrust
2014-08-17 15:35:01 -------- d-----w- C:\ProgramData\SparkTrust
2014-08-16 21:02:07 -------- d-----w- C:\Users\Sharon\AppData\Roaming\ProductData
2014-08-16 21:01:04 -------- d-----w- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-08-16 20:29:59 -------- d-----w- C:\FRST
2014-08-16 15:35:24 -------- d-----w- C:\ProgramData\ProductData
2014-08-16 15:34:14 -------- d-----w- C:\ProgramData\IObit
2014-08-16 15:33:39 -------- d-----w- C:\Users\Sharon\AppData\Roaming\IObit
2014-08-16 15:33:35 -------- d-----w- C:\Program Files (x86)\IObit
2014-08-16 15:02:31 -------- d-----w- C:\Program Files (x86)\TotalSystemCare
2014-08-16 02:17:31 -------- d-----w- C:\Users\Sharon\AppData\Roaming\MyTurboPC.com
2014-08-16 02:17:21 -------- d-----w- C:\ProgramData\MyTurboPC.com
2014-08-15 16:22:32 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-08-15 16:22:32 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-08-15 16:22:32 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-08-15 16:22:32 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-08-15 16:22:31 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-08-15 16:22:30 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-08-15 16:22:18 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-15 16:22:18 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-08-15 11:57:37 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-08-15 11:57:37 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-08-15 11:57:36 529920 ----a-w- C:\Windows\System32\aepdu.dll
2014-08-15 11:57:35 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-08-13 15:13:26 -------- d-----w- C:\Users\Sharon\AppData\Roaming\DiskDefrag
2014-08-12 20:27:38 511328 ----a-w- C:\Windows\System32\d3dx10_43.dll
2014-08-12 20:27:38 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
2014-08-12 20:27:38 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2014-08-12 20:27:38 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2014-08-12 20:27:37 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2014-08-12 20:27:37 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2014-08-12 20:27:18 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-08-12 20:27:18 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-08-12 20:27:18 1283136 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-08-12 20:27:18 1126480 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-08-12 20:27:18 -------- d-----w- C:\Users\Sharon\AppData\Local\NVIDIA Corporation
2014-08-12 20:26:40 609240 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-08-12 20:22:45 -------- d-----w- C:\NVIDIA
2014-08-08 14:51:58 -------- d-----w- C:\ProgramData\d84b8fff6566939a
2014-08-08 14:51:57 -------- d-----w- C:\Users\Sharon\AppData\Local\Packages
2014-08-08 14:51:55 -------- d-----w- C:\Users\Sharon\AppData\Local\Comodo
2014-08-02 14:48:32 -------- d-----w- C:\Users\Sharon\AppData\Local\Spoon
2014-08-02 14:48:32 -------- d-----w- C:\GEARView Basic Dev
2014-08-02 11:47:08 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-08-02 11:47:00 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-08-02 11:47:00 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-08-02 11:46:47 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2014-08-02 11:46:46 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-08-02 11:46:46 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-08-02 11:46:46 198600 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M  ====================
.
2014-08-15 00:53:33 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-15 00:53:33 699568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-24 12:10:54 2240000 ----a-w- C:\Windows\System32\wininet.dll
2014-07-24 12:09:37 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-07-24 12:09:33 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-07-24 12:09:33 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-07-24 12:09:00 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-07-24 10:52:27 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-24 10:51:27 2861568 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-07-24 10:51:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-07-24 10:51:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-07-24 10:51:02 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-07-24 10:33:52 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-07-24 10:29:20 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-07-24 09:37:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-07-24 09:32:28 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2014-07-02 18:55:43 6783776 ----a-w- C:\Windows\System32\nvcpl.dll
2014-07-02 18:55:43 3522392 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-07-02 18:55:41 935368 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-07-02 18:55:41 62808 ----a-w- C:\Windows\System32\nvshext.dll
2014-07-02 18:55:41 386520 ----a-w- C:\Windows\System32\nvmctray.dll
2014-07-02 10:14:12 3826628 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-06-03 10:02:37 112064 ----a-w- C:\Windows\System32\consent.exe
2014-06-03 10:02:21 504320 ----a-w- C:\Windows\System32\msihnd.dll
2014-06-03 10:02:21 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-06-03 10:02:12 1941504 ----a-w- C:\Windows\System32\authui.dll
2014-06-03 09:29:50 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2014-06-03 09:29:50 2363392 ----a-w- C:\Windows\SysWow64\msi.dll
2014-06-03 09:29:40 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
.
============= FINISH: 15:01:57.89 ===============
 


  • 0

#73
LiquidTension

    Expert

  • Expert
  • 1,151 posts
Hello Sharon Lee,

Naathim will unfortunately be unavailable until tomorrow. After burning his HDD to his Home PC, he is in need of a new Hard Drive and will not be able to purchase one until tomorrow.

Thank you for your patience.
  • 0

#74
Sharon Lee

    Member

  • Topic Starter
  • Member
  • 512 posts

Thank you for letting me know.  I wasn't worried for I thought he was busy. 


  • 0

#75
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi and I'm very sorry for the delay. I had a short-circuit accident which deeply fried my home PC's hard drive. As you may know, it's quite hard to run a PC without it ;)


OK, so we have fresh reports.


Uninstall some programs

We need to uninstall some programs.

  • Press the Windows key + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time

The list of programs to uninstall:

  • Glary Utilities

After completing uninstalls, please manually reboot your machine!


After that please generate fresh logfiles from DDS (with Attach option checked).


  • 0





