Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ugh, second laptop not booting up properly


  • This topic is locked This topic is locked
6 replies to this topic

#1 TheMadOne

TheMadOne

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:49 AM

Posted 06 October 2013 - 05:22 PM

So, my second laptop wont boot up properly now.  I was working on one from a friend at work which had the same problem, went to format the USB stick and i'm assuming that it transfered over.  Here are the results from FRST64 in recovery if anyone can help:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by SYSTEM on MININT-FAH5PP0 on 06-10-2013 18:03:17
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [acevents] - C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2011-09-28] (ActivIdentity)
HKLM\...\Run: [accrdsub] - C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [489512 2011-09-28] (ActivIdentity)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-29] (AVAST Software)
HKU\Jonny G\...\Run: [ComcastAntispyClient] - C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe [1589208 2009-08-19] ()
HKU\Jonny G\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
AppInit_DLLs-x32:   [ ] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Services (Whitelisted) =================

S2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)
S2 AntiSpywareService; C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [616408 2009-06-17] ()
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-29] (AVAST Software)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-29] (AVAST Software)
S2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-08-29] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-29] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-29] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-29] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-29] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-29] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-29] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-06 12:16 - 2013-10-06 12:21 - 00046163 _____ C:\Users\Jonny G\Downloads\FRST.txt
2013-10-05 14:40 - 2013-10-05 14:41 - 00019542 _____ C:\Users\Jonny G\Downloads\Addition.txt
2013-10-05 14:40 - 2013-10-05 14:40 - 00000000 ____D C:\FRST
2013-10-05 14:39 - 2013-10-05 14:39 - 01954124 _____ (Farbar) C:\Users\Jonny G\Downloads\FRST64.exe
2013-10-03 18:13 - 2013-10-03 18:13 - 00000138 _____ C:\Windows\wininit.ini
2013-10-03 17:14 - 2013-10-03 17:16 - 00004716 _____ C:\Users\Jonny G\Desktop\Rkill.txt
2013-10-03 17:14 - 2013-10-03 17:14 - 00000000 ____D C:\Users\Jonny G\Desktop\rkill
2013-10-03 17:00 - 2013-10-03 17:00 - 00003164 _____ C:\Windows\System32\Tasks\{EA658DDB-D0E0-45B0-B735-65CC9F42C883}
2013-10-03 17:00 - 2013-10-03 17:00 - 00003164 _____ C:\Windows\System32\Tasks\{CC5C1ABF-C384-4C1F-B4B7-B33E5D7375A5}
2013-10-03 17:00 - 2013-10-03 17:00 - 00003164 _____ C:\Windows\System32\Tasks\{79EBBE6E-2C1A-4FB4-9927-281FABD5494E}
2013-10-03 16:28 - 2013-10-03 16:27 - 18070536 _____ (Adobe Systems Inc.) C:\Users\Jonny G\Downloads\AdobeAIRInstaller.exe
2013-10-03 16:17 - 2013-10-03 16:17 - 01087213 _____ (Farbar) C:\Users\Jonny G\Downloads\FRST.exe
2013-10-03 16:02 - 2013-10-03 16:02 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\Jonny G\Downloads\rkill.exe
2013-10-03 15:58 - 2013-10-03 15:58 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-03 15:58 - 2013-10-03 15:58 - 00001933 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-03 15:58 - 2013-10-03 15:58 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-03 15:58 - 2013-10-03 15:58 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-03 15:58 - 2013-08-29 23:48 - 01030952 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-10-03 15:58 - 2013-08-29 23:48 - 00378944 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-10-03 15:58 - 2013-08-29 23:48 - 00204880 _____ C:\Windows\System32\Drivers\aswVmm.sys
2013-10-03 15:58 - 2013-08-29 23:48 - 00080816 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-10-03 15:58 - 2013-08-29 23:48 - 00072016 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-10-03 15:58 - 2013-08-29 23:48 - 00065336 _____ C:\Windows\System32\Drivers\aswRvrt.sys
2013-10-03 15:58 - 2013-08-29 23:48 - 00064288 _____ (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-10-03 15:58 - 2013-08-29 23:48 - 00033400 _____ (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-10-03 15:58 - 2013-08-29 23:47 - 00287840 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-10-03 15:58 - 2013-08-29 23:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-03 15:57 - 2013-10-03 15:58 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-03 15:50 - 2013-10-03 15:53 - 131918888 _____ C:\Users\Jonny G\Downloads\avast_free_antivirus_setup.exe
2013-10-03 15:47 - 2013-10-03 15:49 - 00003642 _____ C:\Windows\System32\Tasks\Spybot
2013-10-03 02:21 - 2013-10-03 02:21 - 00000000 ____D C:\ProgramData\Oracle
2013-10-03 02:19 - 2013-10-03 02:18 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-03 02:18 - 2013-10-03 02:18 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-02 17:13 - 2013-10-02 17:13 - 04104448 _____ (Piriform Ltd) C:\Users\Jonny G\Downloads\dfsetup215.exe
2013-10-02 17:13 - 2013-10-02 17:13 - 00001735 _____ C:\Users\Public\Desktop\Defraggler.lnk
2013-10-02 17:13 - 2013-10-02 17:13 - 00000000 ____D C:\Program Files\Defraggler
2013-10-02 17:10 - 2013-10-02 17:10 - 00000000 ____D C:\Users\Jonny G\Desktop\Old Firefox Data
2013-10-02 17:01 - 2013-10-03 18:55 - 00088138 _____ C:\Windows\PFRO.log
2013-10-02 16:58 - 2013-10-02 16:58 - 00869456 _____ C:\Users\Jonny G\Downloads\Norton_Removal_Tool.exe
2013-10-01 16:23 - 2013-10-01 16:23 - 00001053 _____ C:\Users\Jonny G\Desktop\Folder Size.lnk
2013-10-01 16:23 - 2013-10-01 16:23 - 00000000 ____D C:\ProgramData\MindGems
2013-10-01 16:23 - 2013-10-01 16:23 - 00000000 ____D C:\Program Files (x86)\Folder Size
2013-10-01 16:22 - 2013-10-01 16:22 - 01795603 _____ (MindGems, Inc.                                              ) C:\Users\Jonny G\Downloads\FolderSize.exe
2013-10-01 15:32 - 2013-10-01 15:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 14:27 - 2013-10-05 14:35 - 00001300 _____ C:\Windows\setupact.log
2013-10-01 14:27 - 2013-10-01 14:27 - 00000000 _____ C:\Windows\setuperr.log
2013-10-01 12:32 - 2009-06-10 13:00 - 00000824 _____ C:\Windows\System32\Drivers\etc\hosts.20131001-163226.backup
2013-10-01 12:24 - 2013-10-01 12:24 - 00000000 ____D C:\Users\Jonny G\Documents\ProcAlyzer Dumps
2013-10-01 12:23 - 2013-10-03 15:42 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-01 12:23 - 2013-10-01 12:42 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-01 12:23 - 2013-10-01 12:23 - 00001394 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-01 12:23 - 2013-10-01 12:23 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-10-01 12:23 - 2009-01-25 09:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe
2013-10-01 12:22 - 2013-10-01 12:23 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Jonny G\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-01 12:12 - 2013-10-01 16:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-01 12:12 - 2013-10-01 16:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-01 12:12 - 2012-08-23 06:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-10-01 12:12 - 2012-08-23 06:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-10-01 12:12 - 2012-08-23 06:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2013-10-01 12:12 - 2012-08-23 06:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2013-10-01 12:12 - 2012-08-23 05:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-10-01 12:12 - 2012-08-23 05:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-10-01 12:12 - 2012-08-23 05:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-10-01 12:12 - 2012-08-23 05:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-10-01 12:12 - 2012-08-23 05:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2013-10-01 12:12 - 2012-08-23 05:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2013-10-01 12:12 - 2012-08-23 05:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-10-01 12:12 - 2012-08-23 05:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2013-10-01 12:12 - 2012-08-23 05:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2013-10-01 12:12 - 2012-08-23 04:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-10-01 12:12 - 2012-08-23 03:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2013-10-01 12:12 - 2012-08-23 03:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-10-01 12:12 - 2012-08-23 03:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2013-10-01 12:12 - 2012-08-23 03:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-10-01 12:12 - 2012-08-23 02:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-10-01 12:12 - 2012-08-23 02:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2013-10-01 12:12 - 2012-08-23 02:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-10-01 12:12 - 2012-08-23 02:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-10-01 12:12 - 2012-08-23 01:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-10-01 12:12 - 2012-08-23 00:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-10-01 12:12 - 2012-08-23 00:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-10-01 12:11 - 2012-08-24 10:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-10-01 12:11 - 2012-08-24 10:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-10-01 12:11 - 2012-08-24 10:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-10-01 12:11 - 2012-08-24 10:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-10-01 12:11 - 2012-08-24 08:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-10-01 12:11 - 2012-08-24 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-10-01 12:11 - 2012-08-24 08:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-10-01 12:11 - 2012-05-04 03:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-10-01 12:11 - 2012-05-04 01:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-10-01 12:09 - 2013-10-01 12:09 - 04369632 _____ (Piriform Ltd) C:\Users\Jonny G\Downloads\ccsetup406.exe
2013-10-01 12:09 - 2013-10-01 12:09 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-01 12:09 - 2013-10-01 12:09 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-01 12:09 - 2013-10-01 12:09 - 00000000 ____D C:\Program Files\CCleaner
2013-10-01 12:01 - 2013-10-01 12:02 - 00000000 ____D C:\Windows\System32\MRT
2013-10-01 12:01 - 2013-09-01 13:08 - 79143768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-09-18 14:18 - 2013-08-09 21:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-09-18 14:18 - 2013-08-09 21:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-09-18 14:18 - 2013-08-09 21:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-09-18 14:18 - 2013-08-09 21:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-09-18 14:18 - 2013-08-09 21:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-09-18 14:18 - 2013-08-09 21:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-09-18 14:18 - 2013-08-09 21:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-09-18 14:18 - 2013-08-09 21:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-09-18 14:18 - 2013-08-09 21:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-09-18 14:18 - 2013-08-09 21:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-09-18 14:18 - 2013-08-09 21:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-09-18 14:18 - 2013-08-09 21:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-09-18 14:18 - 2013-08-09 21:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-09-18 14:18 - 2013-08-09 21:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-09-18 14:18 - 2013-08-09 19:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-18 14:18 - 2013-08-09 19:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-18 14:18 - 2013-08-09 19:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-18 14:18 - 2013-08-09 19:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-09-18 14:18 - 2013-08-09 19:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-18 14:18 - 2013-08-09 18:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-18 14:18 - 2013-08-09 18:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 16:53 - 2013-09-13 16:53 - 01067552 _____ (Solid State Networks) C:\Users\Jonny G\Downloads\install_flashplayer11x32_mssa_aaa_aih.exe
2013-09-13 14:51 - 2013-08-07 17:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-09-13 14:51 - 2013-08-04 18:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2013-09-13 14:51 - 2013-08-01 18:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-09-13 14:51 - 2013-08-01 18:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-09-13 14:51 - 2013-08-01 18:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-09-13 14:51 - 2013-08-01 18:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-09-13 14:51 - 2013-08-01 18:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-09-13 14:51 - 2013-08-01 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-09-13 14:51 - 2013-08-01 18:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-09-13 14:51 - 2013-08-01 18:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-09-13 14:51 - 2013-08-01 18:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 14:51 - 2013-08-01 17:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 14:51 - 2013-08-01 17:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 14:51 - 2013-08-01 17:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 14:51 - 2013-08-01 17:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 14:51 - 2013-08-01 17:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 17:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-09-13 14:51 - 2013-08-01 16:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-09-13 14:51 - 2013-08-01 16:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 14:51 - 2013-08-01 16:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 14:51 - 2013-08-01 16:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 14:51 - 2013-08-01 16:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 14:51 - 2013-08-01 16:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 16:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 16:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 14:51 - 2013-08-01 16:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 14:51 - 2013-07-25 18:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-09-13 14:51 - 2013-07-25 18:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-09-13 14:51 - 2013-07-25 17:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 14:51 - 2013-07-25 17:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

==================== One Month Modified Files and Folders =======

2013-10-06 12:21 - 2013-10-06 12:16 - 00046163 _____ C:\Users\Jonny G\Downloads\FRST.txt
2013-10-05 14:41 - 2013-10-05 14:40 - 00019542 _____ C:\Users\Jonny G\Downloads\Addition.txt
2013-10-05 14:40 - 2013-10-05 14:40 - 00000000 ____D C:\FRST
2013-10-05 14:39 - 2013-10-05 14:39 - 01954124 _____ (Farbar) C:\Users\Jonny G\Downloads\FRST64.exe
2013-10-05 14:35 - 2013-10-01 14:27 - 00001300 _____ C:\Windows\setupact.log
2013-10-05 14:35 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-03 18:55 - 2013-10-02 17:01 - 00088138 _____ C:\Windows\PFRO.log
2013-10-03 18:13 - 2013-10-03 18:13 - 00000138 _____ C:\Windows\wininit.ini
2013-10-03 17:16 - 2013-10-03 17:14 - 00004716 _____ C:\Users\Jonny G\Desktop\Rkill.txt
2013-10-03 17:14 - 2013-10-03 17:14 - 00000000 ____D C:\Users\Jonny G\Desktop\rkill
2013-10-03 17:02 - 2013-08-25 05:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-03 17:00 - 2013-10-03 17:00 - 00003164 _____ C:\Windows\System32\Tasks\{EA658DDB-D0E0-45B0-B735-65CC9F42C883}
2013-10-03 17:00 - 2013-10-03 17:00 - 00003164 _____ C:\Windows\System32\Tasks\{CC5C1ABF-C384-4C1F-B4B7-B33E5D7375A5}
2013-10-03 17:00 - 2013-10-03 17:00 - 00003164 _____ C:\Windows\System32\Tasks\{79EBBE6E-2C1A-4FB4-9927-281FABD5494E}
2013-10-03 16:54 - 2011-10-18 07:28 - 00000000 ____D C:\Users\Jonny G\AppData\Roaming\Adobe
2013-10-03 16:50 - 2011-06-18 12:04 - 01688272 _____ C:\Windows\WindowsUpdate.log
2013-10-03 16:27 - 2013-10-03 16:28 - 18070536 _____ (Adobe Systems Inc.) C:\Users\Jonny G\Downloads\AdobeAIRInstaller.exe
2013-10-03 16:21 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-03 16:21 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-03 16:17 - 2013-10-03 16:17 - 01087213 _____ (Farbar) C:\Users\Jonny G\Downloads\FRST.exe
2013-10-03 16:02 - 2013-10-03 16:02 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\Jonny G\Downloads\rkill.exe
2013-10-03 15:59 - 2009-07-13 21:13 - 00727334 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-03 15:58 - 2013-10-03 15:58 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-03 15:58 - 2013-10-03 15:58 - 00001933 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-03 15:58 - 2013-10-03 15:58 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-03 15:58 - 2013-10-03 15:58 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-03 15:58 - 2013-10-03 15:57 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-03 15:53 - 2013-10-03 15:50 - 131918888 _____ C:\Users\Jonny G\Downloads\avast_free_antivirus_setup.exe
2013-10-03 15:49 - 2013-10-03 15:47 - 00003642 _____ C:\Windows\System32\Tasks\Spybot
2013-10-03 15:42 - 2013-10-01 12:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-03 15:30 - 2011-10-18 07:11 - 00000000 ____D C:\users\Jonny G
2013-10-03 02:21 - 2013-10-03 02:21 - 00000000 ____D C:\ProgramData\Oracle
2013-10-03 02:18 - 2013-10-03 02:19 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-03 02:18 - 2013-10-03 02:18 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-03 02:18 - 2012-09-06 16:00 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-03 02:18 - 2012-09-06 16:00 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-03 02:18 - 2011-03-23 17:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-03 02:18 - 2011-03-23 17:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-03 02:18 - 2011-03-23 17:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-02 17:13 - 2013-10-02 17:13 - 04104448 _____ (Piriform Ltd) C:\Users\Jonny G\Downloads\dfsetup215.exe
2013-10-02 17:13 - 2013-10-02 17:13 - 00001735 _____ C:\Users\Public\Desktop\Defraggler.lnk
2013-10-02 17:13 - 2013-10-02 17:13 - 00000000 ____D C:\Program Files\Defraggler
2013-10-02 17:10 - 2013-10-02 17:10 - 00000000 ____D C:\Users\Jonny G\Desktop\Old Firefox Data
2013-10-02 17:00 - 2011-10-28 16:47 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-10-02 17:00 - 2011-06-18 12:29 - 00000000 ____D C:\ProgramData\Norton
2013-10-02 16:58 - 2013-10-02 16:58 - 00869456 _____ C:\Users\Jonny G\Downloads\Norton_Removal_Tool.exe
2013-10-01 16:23 - 2013-10-01 16:23 - 00001053 _____ C:\Users\Jonny G\Desktop\Folder Size.lnk
2013-10-01 16:23 - 2013-10-01 16:23 - 00000000 ____D C:\ProgramData\MindGems
2013-10-01 16:23 - 2013-10-01 16:23 - 00000000 ____D C:\Program Files (x86)\Folder Size
2013-10-01 16:22 - 2013-10-01 16:22 - 01795603 _____ (MindGems, Inc.                                              ) C:\Users\Jonny G\Downloads\FolderSize.exe
2013-10-01 16:13 - 2013-10-01 12:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-01 16:13 - 2013-10-01 12:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-01 16:13 - 2012-06-30 05:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-01 16:06 - 2011-10-25 15:49 - 00000000 ____D C:\Users\Jonny G\AppData\Roaming\SoftGrid Client
2013-10-01 16:04 - 2011-10-28 17:13 - 00000000 ____D C:\Users\Jonny G\AppData\Local\Mozilla
2013-10-01 15:32 - 2013-10-01 15:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 14:27 - 2013-10-01 14:27 - 00000000 _____ C:\Windows\setuperr.log
2013-10-01 14:26 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-10-01 13:02 - 2013-08-25 05:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-01 13:02 - 2013-08-25 05:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-01 13:02 - 2013-08-25 05:25 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-01 12:44 - 2009-07-13 18:34 - 00449438 ____R C:\Windows\System32\Drivers\etc\hosts.20131003-220340.backup
2013-10-01 12:42 - 2013-10-01 12:23 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-01 12:32 - 2009-07-13 18:34 - 00447822 ____R C:\Windows\System32\Drivers\etc\hosts.20131001-164435.backup
2013-10-01 12:24 - 2013-10-01 12:24 - 00000000 ____D C:\Users\Jonny G\Documents\ProcAlyzer Dumps
2013-10-01 12:23 - 2013-10-01 12:23 - 00001394 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-01 12:23 - 2013-10-01 12:23 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-10-01 12:23 - 2013-10-01 12:22 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Jonny G\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-01 12:19 - 2011-12-07 15:56 - 00003178 _____ C:\Windows\System32\Tasks\{779E52B1-7978-42B7-95B9-E734176D084D}
2013-10-01 12:19 - 2011-12-07 15:42 - 00003184 _____ C:\Windows\System32\Tasks\{B67B3AE5-E3DD-4C8E-B696-0B61636F63AE}
2013-10-01 12:19 - 2011-12-07 15:34 - 00003304 _____ C:\Windows\System32\Tasks\{CD88A5A4-1AF7-4E9B-87B2-F55B47F4E8F6}
2013-10-01 12:18 - 2011-10-28 17:01 - 00003214 _____ C:\Windows\System32\Tasks\{681C5B10-D58B-458E-9325-D2C85D4E32CB}
2013-10-01 12:10 - 2012-09-16 17:31 - 00000000 ____D C:\Windows\Minidump
2013-10-01 12:10 - 2011-10-28 15:22 - 00000000 ____D C:\Users\Jonny G\AppData\Local\CrashDumps
2013-10-01 12:10 - 2011-03-24 09:35 - 00000000 ____D C:\Windows\Panther
2013-10-01 12:09 - 2013-10-01 12:09 - 04369632 _____ (Piriform Ltd) C:\Users\Jonny G\Downloads\ccsetup406.exe
2013-10-01 12:09 - 2013-10-01 12:09 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-01 12:09 - 2013-10-01 12:09 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-01 12:09 - 2013-10-01 12:09 - 00000000 ____D C:\Program Files\CCleaner
2013-10-01 12:02 - 2013-10-01 12:01 - 00000000 ____D C:\Windows\System32\MRT
2013-10-01 11:54 - 2011-06-18 12:32 - 00000000 ____D C:\Program Files\Google
2013-10-01 11:54 - 2011-06-18 12:32 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-18 16:02 - 2011-10-18 07:28 - 00000000 ____D C:\Users\Jonny G\AppData\Local\Google
2013-09-18 15:57 - 2011-03-23 17:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-18 14:53 - 2009-07-13 20:45 - 00275712 _____ C:\Windows\System32\FNTCACHE.DAT
2013-09-18 14:18 - 2011-10-25 15:48 - 00744030 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-18 14:18 - 2011-10-25 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-13 16:55 - 2011-10-25 14:20 - 00000000 ____D C:\Users\Jonny G\AppData\Local\Adobe
2013-09-13 16:53 - 2013-09-13 16:53 - 01067552 _____ (Solid State Networks) C:\Users\Jonny G\Downloads\install_flashplayer11x32_mssa_aaa_aih.exe

Some content of TEMP:
====================
C:\Users\Jonny G\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

2
Restore point made on: 2013-10-03 02:18:32
Restore point made on: 2013-10-03 15:58:18

==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 3963.97 MB
Available physical RAM: 3396.9 MB
Total Pagefile: 3962.17 MB
Available Pagefile: 3386.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (TI106140W0C) (Fixed) (Total:285.45 GB) (Free:185.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:7.53 GB) (Free:7.53 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 5A9912A7)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=17)

========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 7136870C)
Partition 1: (Not Active) - (Size=8 GB) - (Type=0C)


LastRegBack: 2013-09-18 15:23

==================== End Of Log ============================



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:49 AM

Posted 11 October 2013 - 05:25 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/510056 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 TheMadOne

TheMadOne
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:49 AM

Posted 13 October 2013 - 10:26 AM

Still in need of help:  I have been successful in booting the laptop into safemode to run MalwareBytes, Avast, and Spybot Search and Destroy scans with no avail.  Computer will still boot up into a blackscreen with pointer visable.

 

Thanks in advance for any help!



#4 TheMadOne

TheMadOne
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:49 AM

Posted 14 October 2013 - 01:25 PM

Through System Restore, I now have the ability to boot up, but any subsequent reboot does something to the login and yet again I am presented with a black screen after login showing only mouse cursor.  DDS.txt and attach.txt are included below:

 

DDS.txt:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686  BrowserJavaVersion: 10.40.2
Run by Jonny G at 14:22:34 on 2013-10-14
#Option Extended Search is enabled.
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3964.2156 [GMT -4:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k swprv
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\taskeng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\igfxext.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\system32\sppsvc.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
uRun: [ComcastAntispyClient] "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTIVC~1.LNK - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{51AC6D26-06D9-4801-8FC0-8EF4A70484E3} : DHCPNameServer = 192.168.0.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
x64-Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jonny G\AppData\Roaming\Mozilla\Firefox\Profiles\x41np1r8.default-1380762603153\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-10-02 21:11; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Jonny G\AppData\Roaming\Mozilla\Firefox\Profiles\x41np1r8.default-1380762603153\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
============= SERVICES / DRIVERS ===============
.
R2 ac.sharedstore;ActivIdentity Shared Store Service;C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-6-3 277032]
R2 AntiSpywareService;Comcast AntiSpyware;C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-6-17 616408]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-1 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-10-1 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-10-1 171928]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-6-18 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-6-18 38096]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-6-18 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-10-1 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-6-18 243712]
S3 S3XXx64;SCR3xx USB SmartCardReader64;C:\windows\System32\drivers\S3XXx64.sys [2011-9-7 70016]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-10-1 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-10-1 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-10-21 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 60 ================
.
2013-10-14 14:37:09    --------    d-----w-    C:\Program Files (x86)\ESET
2013-10-14 13:40:01    25928    ----a-w-    C:\windows\System32\drivers\mbam.sys
2013-10-09 10:16:15    --------    d-----w-    C:\AdwCleaner
2013-10-09 01:27:53    --------    d-----w-    C:\Users\Jonny G\AppData\Roaming\Malwarebytes
2013-10-09 01:27:45    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-10-09 01:27:45    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-05 22:40:06    --------    d-----w-    C:\FRST
2013-10-03 23:58:21    --------    d-----w-    C:\Program Files\AVAST Software
2013-10-03 23:57:49    --------    d-----w-    C:\ProgramData\AVAST Software
2013-10-03 10:21:21    --------    d-----w-    C:\ProgramData\Oracle
2013-10-03 10:18:55    96168    ----a-w-    C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-03 01:13:30    --------    d-----w-    C:\Program Files\Defraggler
2013-10-02 00:23:12    --------    d-----w-    C:\ProgramData\MindGems
2013-10-02 00:23:12    --------    d-----w-    C:\Program Files (x86)\Folder Size
2013-10-01 20:23:48    --------    d-----w-    C:\ProgramData\Spybot - Search & Destroy
2013-10-01 20:23:36    17272    ----a-w-    C:\windows\System32\sdnclean64.exe
2013-10-01 20:23:31    --------    d-----w-    C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-01 20:11:03    458712    ----a-w-    C:\windows\System32\drivers\cng.sys
2013-10-01 20:11:03    340992    ----a-w-    C:\windows\System32\schannel.dll
2013-10-01 20:11:03    247808    ----a-w-    C:\windows\SysWow64\schannel.dll
2013-10-01 20:11:02    96768    ----a-w-    C:\windows\SysWow64\sspicli.dll
2013-10-01 20:11:02    22016    ----a-w-    C:\windows\SysWow64\secur32.dll
2013-10-01 20:11:02    154480    ----a-w-    C:\windows\System32\drivers\ksecpkg.sys
2013-10-01 20:11:02    1448448    ----a-w-    C:\windows\System32\lsasrv.dll
2013-10-01 20:11:00    514560    ----a-w-    C:\windows\SysWow64\qdvd.dll
2013-10-01 20:11:00    366592    ----a-w-    C:\windows\System32\qdvd.dll
2013-10-01 20:09:40    --------    d-----w-    C:\Program Files\CCleaner
2013-10-01 20:01:12    --------    d-----w-    C:\windows\System32\MRT
2013-09-13 22:51:53    155584    ----a-w-    C:\windows\System32\drivers\ataport.sys
2013-09-02 15:22:55    --------    d-----w-    C:\Users\Jonny G\AppData\Local\{11E22F20-4907-4E01-8A80-8226AE6669BD}
2013-08-25 13:25:13    71048    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-25 13:25:13    692616    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2013-08-24 23:00:36    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-24 23:00:36    --------    d-----w-    C:\Program Files\iTunes
2013-08-24 23:00:36    --------    d-----w-    C:\Program Files\iPod
2013-08-24 23:00:36    --------    d-----w-    C:\Program Files (x86)\iTunes
2013-08-18 13:02:26    --------    d-----w-    C:\Users\Jonny G\AppData\Local\CRE
2013-08-18 13:01:08    --------    d-----w-    C:\Users\Jonny G\AppData\Local\Programs
.
==================== Find6M  ====================
.
2013-10-03 10:18:51    868264    ----a-w-    C:\windows\SysWow64\npDeployJava1.dll
2013-10-03 10:18:51    790440    ----a-w-    C:\windows\SysWow64\deployJava1.dll
2013-08-10 05:22:18    2241024    ----a-w-    C:\windows\System32\wininet.dll
2013-08-10 05:20:59    3959296    ----a-w-    C:\windows\System32\jscript9.dll
2013-08-10 05:20:55    67072    ----a-w-    C:\windows\System32\iesetup.dll
2013-08-10 05:20:55    136704    ----a-w-    C:\windows\System32\iesysprep.dll
2013-08-10 03:59:10    1767936    ----a-w-    C:\windows\SysWow64\wininet.dll
2013-08-10 03:58:09    2876928    ----a-w-    C:\windows\SysWow64\jscript9.dll
2013-08-10 03:58:06    61440    ----a-w-    C:\windows\SysWow64\iesetup.dll
2013-08-10 03:58:06    109056    ----a-w-    C:\windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38    2706432    ----a-w-    C:\windows\System32\mshtml.tlb
2013-08-10 03:07:50    2706432    ----a-w-    C:\windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59    89600    ----a-w-    C:\windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19    71680    ----a-w-    C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-08-08 01:20:43    3155456    ----a-w-    C:\windows\System32\win32k.sys
2013-08-02 02:23:53    5550528    ----a-w-    C:\windows\System32\ntoskrnl.exe
2013-08-02 02:15:44    1732032    ----a-w-    C:\windows\System32\ntdll.dll
2013-08-02 02:15:03    362496    ----a-w-    C:\windows\System32\wow64win.dll
2013-08-02 02:15:03    243712    ----a-w-    C:\windows\System32\wow64.dll
2013-08-02 02:15:03    13312    ----a-w-    C:\windows\System32\wow64cpu.dll
2013-08-02 02:14:57    215040    ----a-w-    C:\windows\System32\winsrv.dll
2013-08-02 02:14:11    16384    ----a-w-    C:\windows\System32\ntvdm64.dll
2013-08-02 02:13:34    424448    ----a-w-    C:\windows\System32\KernelBase.dll
2013-08-02 01:59:30    3968960    ----a-w-    C:\windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30    3913664    ----a-w-    C:\windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23    1292192    ----a-w-    C:\windows\SysWow64\ntdll.dll
2013-08-02 01:50:42    5120    ----a-w-    C:\windows\SysWow64\wow32.dll
2013-08-02 01:50:42    274944    ----a-w-    C:\windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17    338432    ----a-w-    C:\windows\System32\conhost.exe
2013-08-02 00:59:09    112640    ----a-w-    C:\windows\System32\smss.exe
2013-08-02 00:45:37    25600    ----a-w-    C:\windows\SysWow64\setup16.exe
2013-08-02 00:45:36    14336    ----a-w-    C:\windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35    7680    ----a-w-    C:\windows\SysWow64\instnm.exe
2013-08-02 00:45:34    2048    ----a-w-    C:\windows\SysWow64\user.exe
2013-08-02 00:43:05    6144    ---ha-w-    C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05    4608    ---ha-w-    C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05    3584    ---ha-w-    C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05    3072    ---ha-w-    C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-25 09:25:54    1888768    ----a-w-    C:\windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27    1620992    ----a-w-    C:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42    2048    ----a-w-    C:\windows\System32\tzres.dll
2013-07-19 01:41:01    2048    ----a-w-    C:\windows\SysWow64\tzres.dll
2013-07-09 05:52:52    224256    ----a-w-    C:\windows\System32\wintrust.dll
2013-07-09 05:51:16    1217024    ----a-w-    C:\windows\System32\rpcrt4.dll
2013-07-09 05:46:20    184320    ----a-w-    C:\windows\System32\cryptsvc.dll
2013-07-09 05:46:20    1472512    ----a-w-    C:\windows\System32\crypt32.dll
2013-07-09 05:46:20    139776    ----a-w-    C:\windows\System32\cryptnet.dll
2013-07-09 04:52:33    663552    ----a-w-    C:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10    175104    ----a-w-    C:\windows\SysWow64\wintrust.dll
2013-07-09 04:46:31    140288    ----a-w-    C:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31    1166848    ----a-w-    C:\windows\SysWow64\crypt32.dll
2013-07-09 04:46:31    103936    ----a-w-    C:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53    1910208    ----a-w-    C:\windows\System32\drivers\tcpip.sys
2013-06-26 23:21:50    23208    ----a-w-    C:\windows\System32\drivers\Sftvollh.sys
2013-06-26 23:21:48    28840    ----a-w-    C:\windows\System32\drivers\Sftredirlh.sys
2013-06-26 23:21:46    273576    ----a-w-    C:\windows\System32\drivers\Sftplaylh.sys
2013-06-26 23:21:46    1777320    ----a-w-    C:\windows\System32\sftldr.dll
2013-06-26 23:21:46    1130664    ----a-w-    C:\windows\SysWow64\sftldr_wow64.dll
2013-06-26 23:21:44    767144    ----a-w-    C:\windows\System32\drivers\Sftfslh.sys
2013-06-15 04:32:16    39936    ----a-w-    C:\windows\System32\drivers\tssecsrv.sys
2013-06-04 06:00:13    624128    ----a-w-    C:\windows\System32\qedit.dll
2013-06-04 04:53:07    509440    ----a-w-    C:\windows\SysWow64\qedit.dll
2013-05-13 05:50:40    52224    ----a-w-    C:\windows\System32\certenc.dll
2013-05-13 03:43:55    1192448    ----a-w-    C:\windows\System32\certutil.exe
2013-05-13 03:08:10    903168    ----a-w-    C:\windows\SysWow64\certutil.exe
2013-05-13 03:08:06    43008    ----a-w-    C:\windows\SysWow64\certenc.dll
2013-05-10 05:49:27    30720    ----a-w-    C:\windows\System32\cryptdlg.dll
2013-05-10 03:20:54    24576    ----a-w-    C:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:10:12    770384    ----a-w-    C:\windows\SysWow64\msvcr100.dll
2013-05-08 06:10:12    421200    ----a-w-    C:\windows\SysWow64\msvcp100.dll
2013-04-26 05:51:36    751104    ----a-w-    C:\windows\System32\win32spl.dll
2013-04-26 04:55:21    492544    ----a-w-    C:\windows\SysWow64\win32spl.dll
2013-04-25 23:30:32    1505280    ----a-w-    C:\windows\SysWow64\d3d11.dll
.
============= FINISH: 14:23:17.19 ===============
 

 

 

attatch.txt:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/18/2011 11:10:54 AM
System Uptime: 10/14/2013 2:16:48 PM (0 hours ago)
.
Motherboard: TOSHIBA |  | Portable PC
Processor: Pentium® Dual-Core CPU       T4500  @ 2.30GHz | CPU | 2300/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 285 GiB total, 184.045 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP105: 10/3/2013 6:18:23 AM - Installed Java 7 Update 40
RP106: 10/3/2013 7:58:09 PM - avast! Free Antivirus Setup
RP107: 10/14/2013 12:32:32 PM - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
ActivClient CAC x64
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Best Buy pc app
Bonjour
CCleaner
Conexant HD Audio
D3DX10
Defraggler
Device Installer x64
ESET Online Scanner v3
Folder Size 2.9.0.0
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Java 7 Update 40
Java Auto Updater
Java™ 6 Update 17
Junk Mail filter update
Label@Once 1.0
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
PlayReady PC Runtime x86
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Spybot - Search & Destroy
Superchips Easy Update
Synaptics Pointing Device Driver
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
10/14/2013 9:37:05 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
10/14/2013 9:37:05 AM, Error: Service Control Manager [7000]  - The Spybot-S&D 2 Scanner Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
10/14/2013 9:25:44 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
10/14/2013 9:25:44 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
10/14/2013 9:25:43 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
10/14/2013 9:25:43 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
10/14/2013 9:25:39 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/14/2013 9:25:32 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
10/14/2013 9:25:12 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswTdi aswVmm discache spldr Wanarpv6
10/14/2013 9:25:10 AM, Error: Service Control Manager [7001]  - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The dependency service or group failed to start.
10/14/2013 9:23:22 AM, Error: Service Control Manager [7000]  - The Comcast AntiSpyware service failed to start due to the following error:  The system cannot find the file specified.
10/14/2013 2:17:59 PM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
10/14/2013 2:17:59 PM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
10/14/2013 12:50:21 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the sftlist service.
10/14/2013 12:49:45 PM, Error: Service Control Manager [7043]  - The Windows Update service did not shut down properly after receiving a preshutdown control.
10/14/2013 12:48:17 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service.
10/14/2013 12:47:47 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Apple Mobile Device service.
10/14/2013 12:47:17 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
.
==== End Of File ===========================
 



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,058 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 PM

Posted 18 October 2013 - 11:30 AM

Greetings TheMadOne and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Since several changes have occured since you first posted, please download a fresh copy of Farbar Recovery Scan Tool and scan your computer. Post the results for review.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,058 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 PM

Posted 22 October 2013 - 10:05 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,058 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 PM

Posted 24 October 2013 - 08:42 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users