Have used ComboFix before, I have a log file for my newest issues


9 replies to this topic

#1 solidgear9

solidgear9

  • Members
  • 6 posts
  • OFFLINE
  • Local time:07:07 AM

Posted 02 October 2013 - 11:22 PM

My computer has been having a lot of random issues involving corrupted downloaded files and pages not loading correctly and never completely loading no matter how many times I refresh. Also, YouTube will not display any videos. I have run ComboFix and I have a log file ready.




 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,787 posts
  • ONLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:07 AM

Posted 04 October 2013 - 09:19 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please run these tools and submit the logs for my review.
Wait for further instructions.

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

Download DDS by sUBs from one of the following links, if you no longer have it available. Save it to your desktop.

1: DDS.scr (Not recommended if you use Chrome to download this .scr file. Use the other options.)
2: DDS.pif
3: DDS.COM

Double click on the DDS icon, allow it to run.
A small box will open, with an explanation about the tool. No input is needed, the scan is running.
Notepad will open with the results.
Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.


Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.
===

Third-party programs, if not up to date, can be the cause of infiltration and infection.

Please restart the computer before running this security check.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Please paste the logs in your next reply, DO NOT ATTACH THEM
Let me know what problem persists.

#3 solidgear9

solidgear9
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  • Local time:07:07 AM

Posted 04 October 2013 - 02:12 PM

Thank you very much for the quick response. Here are the log files from the programs you had me run. The security check software said "UNSUPPORTED OPERATING SYSTEM! ABORTED!" when I tried to run it, even as admin.

 

# AdwCleaner v3.006 - Report created 04/10/2013 at 11:44:11
# Updated 01/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brad - SITRUSSTATION7
# Running from : C:\Users\Brad\Downloads\AdwCleaner(1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16686
 
 
-\\ Mozilla Firefox v20.0.1 (en-US)
 
[ File : C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\z1q45qzw.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1261 octets] - [04/10/2013 11:42:28]
AdwCleaner[S0].txt - [1098 octets] - [04/10/2013 11:44:11]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1158 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Brad on Fri 10/04/2013 at 11:56:27.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Brad\AppData\Roaming\mozilla\firefox\profiles\z1q45qzw.default\minidumps [5 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 10/04/2013 at 12:03:27.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16686  BrowserJavaVersion: 10.40.2
Run by Brad at 12:04:26 on 2013-10-04
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2047.999 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\explorer.exe
C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [HP Officejet 4620 series (NET)] "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2CK2126105RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CINEFO~1.LNK - C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
uPolicies-Explorer: NoDriveAutorun = dword:0
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{1A341630-DB29-446F-A3AE-0C63EEC7C053} : DHCPNameServer = 69.145.248.4 69.146.17.2 69.144.49.29 192.168.1.1
TCP: Interfaces\{3F3C9DE4-BF19-4FAC-8A4E-084349E7F116} : DHCPNameServer = 69.145.248.50 69.145.232.4 69.145.248.4 192.168.1.1
TCP: Interfaces\{7D6D6A2F-F461-42D4-AA96-30D82595AC67} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{B15869D1-4E6B-4D59-8B20-9C9662306D20} : DHCPNameServer = 69.145.248.4 69.146.17.2 69.144.49.29 192.168.1.1
TCP: Interfaces\{E9C80C11-DF28-4955-80F2-4A4FB8979F75} : DHCPNameServer = 10.20.20.1 8.8.8.8
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\z1q45qzw.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Brad\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Users\Brad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-10-7 55280]
R0 Si3531;SiI-3531 SATA Controller;C:\Windows\System32\drivers\Si3531.sys [2009-2-9 333864]
R2 iPodDrv;iPodDrv;C:\Windows\System32\drivers\iPodDrv.sys [2011-7-27 14952]
R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-10-23 120728]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 139616]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-9-26 1901752]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2012-12-20 65657]
R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2012-6-11 22016]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2012-1-25 9728]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2012-6-8 27136]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-26 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-26 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-18 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2009-2-13 14464]
.
=============== Created Last 30 ================
.
2013-10-04 18:56:18 -------- d-----w- C:\Windows\ERUNT
2013-10-04 18:41:52 -------- d-----w- C:\AdwCleaner
2013-10-03 04:12:12 -------- d-sh--w- C:\$RECYCLE.BIN
2013-10-03 03:53:56 98816 ----a-w- C:\Windows\sed.exe
2013-10-03 03:53:56 256000 ----a-w- C:\Windows\PEV.exe
2013-10-03 03:53:56 208896 ----a-w- C:\Windows\MBR.exe
2013-10-03 03:34:15 9694160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7304F36B-6A93-462B-8511-12EF80C5B533}\mpengine.dll
2013-10-03 02:32:55 -------- d-----w- C:\ProgramData\Oracle
2013-10-03 02:32:28 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-28 03:48:28 9694160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-27 00:09:42 -------- d-----w- C:\Program Files\Microsoft Office 15
2013-09-25 23:41:39 741480 ------w- C:\Windows\System32\HPDiscoPM6412.dll
2013-09-25 23:39:45 -------- d-----w- C:\Program Files (x86)\HP
2013-09-25 23:37:58 -------- d-----w- C:\Program Files\HP
2013-09-25 23:36:18 -------- d-----w- C:\Users\Brad\AppData\Local\HP
2013-09-12 18:54:29 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-09-06 21:33:19 -------- d-----w- C:\Windows\System32\MRT
2013-09-06 20:23:26 965008 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{43906492-E5A0-42C5-A8F6-F547A0ECEBF2}\gapaengine.dll
2013-09-06 20:22:36 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-09-06 20:22:36 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-09-06 20:22:36 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-09-06 20:22:36 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-09-06 20:22:35 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-09-06 20:22:35 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-09-06 20:22:35 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-09-06 20:22:35 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-09-06 20:22:09 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-09-06 20:22:08 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-09-06 20:19:45 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-09-06 20:19:45 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-09-06 20:15:42 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-09-06 20:15:41 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-09-06 20:15:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2013-09-06 20:15:14 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-05 20:06:12 1443328 ----a-w- C:\Windows\System32\CFHD.dll
2013-09-05 20:03:20 1474560 ----a-w- C:\Windows\SysWow64\CFHD.dll
.
==================== Find3M  ====================
.
2013-10-03 02:32:20 868264 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-10-03 02:32:20 790440 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-09-15 04:35:21 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-15 04:35:21 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 12:06:51.06 ===============
 
 


#4 solidgear9

solidgear9
  • Topic Starter

  • Members

Posted 04 October 2013 - 02:17 PM

Webpages are still only partially loading pictures; they show up pixelated and half loaded.



#5 nasdaq

nasdaq

  • Malware Response Team

Posted 05 October 2013 - 07:14 AM


Your logs are clean. Nothing suspicious was found.

> The security check software said "UNSUPPORTED OPERATING SYSTEM! ABORTED!" when I tried to run it even as admin.

After a restart of the computer you should be able to run this tool.
===

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.
===

> Webpages are still only partially loading pictures; they show up pixelated and half loaded.


Is this problem with all browsers or just one in particular?
===

#6 solidgear9

solidgear9
  • Topic Starter

  • Members

Posted 07 October 2013 - 12:50 AM

Seems like Chrome has the errors mostly.

Farbar Service Scanner Version: 13-09-2013
Ran by Brad (administrator) on 06-10-2013 at 22:47:24
Running from "C:\Users\Brad\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



#7 nasdaq

nasdaq

  • Malware Response Team

Posted 07 October 2013 - 08:25 AM

Delete Chrome using Add/Remove Programs.

Restart the computer normally.

Close all running programs and browsers.

Re-install Chrome.

How is it now?

#8 solidgear9

solidgear9
  • Topic Starter

  • Members

Posted 07 October 2013 - 01:46 PM

Wow, thank you so much, Chrome is working perfectly now! You have relieved me of so much technology stress hahaha! Here is the log from Security Check also.

 Results of screen317's Security Check version 0.99.74  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 TuneUp Companion 2.2.3   
 Java 7 Update 40  
 Adobe Flash Player 11.7.700.224  
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Mozilla Firefox 20.0.1 Firefox out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 19% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 



#9 solidgear9

solidgear9
  • Topic Starter

  • Members

Posted 07 October 2013 - 02:30 PM

I spoke too soon. Chrome is having difficulty again with pages loading improperly and YouTube wouldn't play videos. Also my iTunes and QuickTime won't update, saying the downloads have an "invalid signature". Could a damaged USB wireless adapter be causing any of these issues?



#10 nasdaq

nasdaq

  • Malware Response Team

Posted 08 October 2013 - 07:33 AM

> Could a damaged USB wireless adapter be causing any of these issues?

Could be. If it's a router, it may be corrupted.
Let me know.

Go to the iTunes download site:
http://www.apple.com/ca/itunes/download/

Click the Download button and save the file; do not install from the site.

Close iTunes, browsers and running programs.

Install the application.

How is it now?



