
Spyware Removal???


  • This topic is locked
81 replies to this topic

#1 Someperson


Posted 14 April 2014 - 02:13 PM

Ok. So it starts like this. I have a Windows 7 computer and sometimes when I scan with SUPERAntiSpyware, I can't help but stare at the screen. I sometimes catch a glimpse of some "Windows Antivirus 2007" or some "Titan Shield" thing. When I Google it, it pops up to be a rogue antivirus. SUPERAntiSpyware just runs through it and doesn't detect it. Is this a problem, or is it a false positive? Thanks for the help Bleeping Computer Team!  :hello:   :hello:   :)   :)

 

Also, here is the DDS log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.51.2
Run by Henry Liang at 15:09:03 on 2014-04-14
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2663.737 [GMT -4:00]
.
AV: AVG Internet Security 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\System32\StikyNot.exe
C:\Users\Henry Liang\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\Henry Liang\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:Tabs
uDefault_Page_URL = hxxp://start.toshiba.com
mStart Page = hxxp://www.google.com
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - <orphaned>
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [RESTART_STICKY_NOTES] C:\windows\System32\StikyNot.exe
uRun: [Akamai NetSession Interface] "C:\Users\Henry Liang\AppData\Local\Akamai\netsession_win.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{15332B4A-6A15-4378-96DB-8040ECBA6348} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{90929815-1517-4D49-9E43-AECE26383807} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Henry Liang\AppData\Roaming\Mozilla\Firefox\Profiles\jkuz6tnp.default\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Henry Liang\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: C:\Users\Henry Liang\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Henry Liang\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Henry Liang\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\windows\System32\Adobe\Director\np32dsw_1209149.dll
FF - plugin: C:\windows\System32\Adobe\Director\np32dsw_1210150.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2014-2-19 75904]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2014-2-19 38016]
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2013-11-25 196376]
R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R1 Avgdiska;AVG Disk Driver;C:\windows\System32\drivers\avgdiska.sys [2013-11-25 150808]
R1 Avgfwfd;AVG network filter service;C:\windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2013-11-25 243480]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 mbamchameleon;mbamchameleon;C:\windows\System32\drivers\mbamchameleon.sys [2014-4-13 88280]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-10 144152]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2014-2-19 204288]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2013-9-24 1358944]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-2-23 3782672]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-3-3 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-3-3 1748608]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-4-13 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-4-13 857912]
R2 mitsijm2014;Autodesk Simulation Moldflow MITSI 2014 Job Manager;C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-1-25 952608]
R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [2014-2-19 123320]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2014-2-19 126392]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2010-11-11 137512]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2014-2-19 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2014-4-13 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-4-13 119512]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2014-4-13 63192]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2014-2-19 38096]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\windows\System32\drivers\rtwlane.sys [2013-5-2 1514568]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2014-2-19 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-10 138152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-2-23 1471792]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-4-8 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2014-2-19 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2014-2-19 243712]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2014-2-19 1109096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-2-19 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2014-2-19 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .scr: DWGTrueViewScriptFile=C:\windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-04-14 18:43:16 -------- d-----w- C:\ProgramData\HitmanPro
2014-04-14 15:48:29 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-14 15:35:43 108968 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2014-04-14 13:57:06 -------- d-----w- C:\Users\Henry Liang\AppData\Local\Macromedia
2014-04-14 00:15:21 119512 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-04-14 00:13:55 88280 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-04-14 00:13:55 63192 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-04-14 00:13:55 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-04-14 00:13:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-13 22:36:17 68616 ----a-w- C:\windows\SysWow64\XAPOFX1_1.dll
2014-04-13 22:36:17 509448 ----a-w- C:\windows\SysWow64\XAudio2_2.dll
2014-04-13 22:36:15 467984 ----a-w- C:\windows\SysWow64\d3dx10_39.dll
2014-04-13 22:36:15 1493528 ----a-w- C:\windows\SysWow64\D3DCompiler_39.dll
2014-04-13 22:36:12 3851784 ----a-w- C:\windows\SysWow64\D3DX9_39.dll
2014-04-13 22:34:51 -------- d-sh--w- C:\windows\SysWow64\AI_RecycleBin
2014-04-13 22:34:42 -------- d-----w- C:\Riot Games
2014-04-13 22:32:35 -------- d-----w- C:\Program Files (x86)\Pando Networks
2014-04-13 22:27:45 -------- d-----w- C:\Users\Henry Liang\AppData\Roaming\Riot Games
2014-04-13 00:46:03 -------- d-----w- C:\Users\Henry Liang\AppData\Local\Microsoft Games
2014-04-12 19:47:54 -------- d-----w- C:\SUPERDelete
2014-04-09 22:28:45 -------- d-----w- C:\Program Files (x86)\ESET
2014-04-09 02:08:57 48128 ----a-w- C:\Program Files\Internet Explorer\DiagnosticsHub_is.dll
2014-04-09 01:35:59 274880 ----a-w- C:\windows\System32\drivers\msiscsi.sys
2014-04-07 23:31:10 -------- d-----w- C:\ProgramData\Oracle
2014-03-27 20:26:18 -------- d-----w- C:\ProgramData\boost_interprocess
2014-03-25 23:15:05 29496 ----a-w- C:\windows\System32\authuitu.dll
2014-03-25 23:15:05 25400 ----a-w- C:\windows\SysWow64\authuitu.dll
2014-03-25 23:14:48 43320 ----a-w- C:\windows\System32\uxtuneup.dll
2014-03-25 23:14:48 36152 ----a-w- C:\windows\SysWow64\uxtuneup.dll
2014-03-25 23:13:29 -------- d-----w- C:\Users\Henry Liang\AppData\Local\TuneUp Software
2014-03-23 23:15:56 -------- d-----w- C:\Users\Henry Liang\AppData\Local\Autodesk,_Inc
2014-03-23 23:08:59 -------- d-----w- C:\Users\Henry Liang\AppData\Local\Granta Design
2014-03-22 16:05:56 -------- d-----w- C:\Users\Henry Liang\AppData\Roaming\AVG2014
2014-03-22 16:01:29 -------- d--h--w- C:\$AVG
2014-03-22 16:01:29 -------- d-----w- C:\ProgramData\AVG2014
2014-03-22 16:00:08 -------- d-----w- C:\Program Files (x86)\AVG
2014-03-22 15:35:29 -------- d-----w- C:\Users\Henry Liang\AppData\Local\MFAData
2014-03-22 15:35:29 -------- d-----w- C:\Users\Henry Liang\AppData\Local\Avg2014
2014-03-22 15:35:29 -------- d-----w- C:\ProgramData\MFAData
2014-03-22 15:30:12 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-03-22 15:29:59 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{17D2482C-1718-49FF-8F04-68BC2E58CD5B}\mpengine.dll
2014-03-22 15:13:03 -------- d-----w- C:\Program Files\AVAST Software
2014-03-22 15:10:57 -------- d-----w- C:\ProgramData\AVAST Software
.
==================== Find3M  ====================
.
2014-04-14 14:11:58 692400 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-04-14 14:11:57 70832 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-20 13:44:28 40760 ----a-w- C:\windows\System32\TURegOpt.exe
2014-03-07 14:14:29 0 ----a-w- C:\windows\SysWow64\StikyNot.exe
2014-03-07 14:14:29 0 ----a-w- C:\windows\SysWow64\dwm.exe
2014-03-07 14:14:13 0 ----a-w- C:\windows\SysWow64\TODDSrv.exe
2014-03-07 14:14:13 0 ----a-w- C:\windows\SysWow64\taskhost.exe
2014-03-07 14:14:13 0 ----a-w- C:\windows\SysWow64\spoolsv.exe
2014-03-07 14:14:13 0 ----a-w- C:\windows\SysWow64\atieclxx.exe
2014-03-07 14:13:12 0 ----a-w- C:\windows\SysWow64\winlogon.exe
2014-03-07 14:13:12 0 ----a-w- C:\windows\SysWow64\smss.exe
2014-03-07 14:13:12 0 ----a-w- C:\windows\SysWow64\services.exe
2014-03-07 14:13:12 0 ----a-w- C:\windows\SysWow64\lsm.exe
2014-03-07 14:13:12 0 ----a-w- C:\windows\SysWow64\lsass.exe
2014-03-07 14:13:12 0 ----a-w- C:\windows\SysWow64\atiesrxx.exe
2014-03-07 03:06:45 2202 ----a-w- C:\windows\SysWow64\tmp.reg
2014-03-06 09:32:16 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-03-06 09:31:33 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-03-06 08:57:34 548352 ----a-w- C:\windows\System32\vbscript.dll
2014-03-06 08:57:20 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-03-06 08:32:07 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-03-06 08:29:40 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-03-06 08:29:14 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-03-06 08:28:15 752640 ----a-w- C:\windows\System32\jscript9diag.dll
2014-03-06 08:15:54 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41 5784064 ----a-w- C:\windows\System32\jscript9.dll
2014-03-06 08:02:34 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43 38400 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36 4254720 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40 592896 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43 32256 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15 2043904 ----a-w- C:\windows\System32\inetcpl.cpl
2014-03-06 06:40:39 1967104 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40 2260480 ----a-w- C:\windows\System32\wininet.dll
2014-03-06 05:41:49 1789440 ----a-w- C:\windows\SysWow64\wininet.dll
2014-03-04 09:44:21 362496 ----a-w- C:\windows\System32\wow64win.dll
2014-03-04 09:44:21 243712 ----a-w- C:\windows\System32\wow64.dll
2014-03-04 09:44:21 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2014-03-04 09:44:03 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2014-03-04 09:17:19 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2014-03-04 09:16:54 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2014-03-04 08:09:30 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048 ----a-w- C:\windows\SysWow64\user.exe
2014-02-27 22:14:09 2560 ----a-w- C:\windows\_MSRSTRT.EXE
2014-02-23 19:07:52 91264 ----a-w- C:\windows\SysWow64\EasyHook32.dll
2014-02-23 19:07:52 109696 ----a-w- C:\windows\SysWow64\EasyHook64.dll
2014-02-23 19:07:50 172032 ----a-w- C:\windows\SysWow64\AniGIF.ocx
2014-02-19 21:42:56 878080 ----a-w- C:\windows\System32\advapi32.dll
2014-02-19 21:42:56 859648 ----a-w- C:\windows\System32\tdh.dll
2014-02-19 21:42:56 5549504 ----a-w- C:\windows\System32\ntoskrnl.exe
2014-02-19 21:42:56 3969472 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2014-02-19 21:42:56 1732032 ----a-w- C:\windows\System32\ntdll.dll
2014-02-19 21:42:55 640512 ----a-w- C:\windows\SysWow64\advapi32.dll
2014-02-19 21:42:55 619520 ----a-w- C:\windows\SysWow64\tdh.dll
2014-02-19 21:42:55 3914176 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2014-02-19 21:42:55 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll
2014-02-19 21:40:01 327168 ----a-w- C:\windows\System32\mswsock.dll
2014-02-19 21:40:01 288088 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2014-02-19 21:40:01 231424 ----a-w- C:\windows\SysWow64\mswsock.dll
2014-02-19 21:40:01 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys
2014-02-19 20:10:56 68608 ----a-w- C:\windows\System32\taskhost.exe
2014-02-19 19:35:39 1795952 ----a-w- C:\windows\System32\WdfCoInstaller01011.dll
2014-02-19 19:35:39 1002728 ----a-w- C:\windows\System32\WinUSBCoInstaller2.dll
2014-02-19 17:37:08 0 ----a-w- C:\windows\ativpsrm.bin
2014-02-07 01:23:30 3156480 ----a-w- C:\windows\System32\win32k.sys
2014-02-04 02:35:56 190912 ----a-w- C:\windows\System32\drivers\storport.sys
2014-02-04 02:35:35 27584 ----a-w- C:\windows\System32\drivers\Diskdump.sys
2014-02-04 02:32:22 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2014-02-04 02:32:12 624128 ----a-w- C:\windows\System32\qedit.dll
2014-02-04 02:28:36 2048 ----a-w- C:\windows\System32\iologmsg.dll
2014-02-04 02:04:22 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04:11 509440 ----a-w- C:\windows\SysWow64\qedit.dll
2014-02-04 02:00:39 2048 ----a-w- C:\windows\SysWow64\iologmsg.dll
2014-01-29 02:32:18 484864 ----a-w- C:\windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\windows\System32\wwansvc.dll
2014-01-24 02:37:55 1684928 ----a-w- C:\windows\System32\drivers\ntfs.sys
2014-01-17 21:24:12 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx
2014-01-17 21:24:12 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts
.
============= FINISH: 15:10:59.21 ===============
 
 
and the attach log:
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 2/19/2014 11:53:47 AM
System Uptime: 4/14/2014 2:35:10 PM (1 hours ago)
.
Motherboard: TOSHIBA |  | Portable PC
Processor: AMD E-300 APU with Radeon™ HD Graphics | Socket FT1 | 1300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 452 GiB total, 378.636 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP34: 4/7/2014 7:25:37 PM - Installed Java 7 Update 51
RP35: 4/8/2014 7:08:03 PM - AA11
RP36: 4/8/2014 7:38:21 PM - Removed Java™ 6 Update 25
RP37: 4/8/2014 9:38:34 PM - Revo Uninstaller's restore point - TuneUp Utilities 2014
RP38: 4/8/2014 9:51:36 PM - Removed TuneUp Utilities 2014
RP39: 4/8/2014 10:05:18 PM - Windows Update
RP40: 4/8/2014 10:25:38 PM - Windows Update
RP41: 4/13/2014 6:28:53 PM - Installed League of Legends
RP42: 4/13/2014 6:33:22 PM - Installed League of Legends
RP43: 4/13/2014 6:35:24 PM - Installed DirectX
RP44: 4/14/2014 11:32:19 AM - Installed Java 7 Update 51 (64-bit)
RP45: 4/14/2014 11:43:46 AM - Removed Java 7 Update 51
RP46: 4/14/2014 11:46:40 AM - Installed Java 7 Update 51
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Digital Editions 3.0
Adobe Flash Player 12 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.06)
Adobe Shockwave Player 12.0
Akamai NetSession Interface
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
ATI Catalyst Install Manager
Autodesk 360
Autodesk Design Review 2013
Autodesk Download Manager
Autodesk DWG TrueView 2014
Autodesk Inventor Content Center Libraries 2014 (Desktop Content)
Autodesk Inventor Professional 2014
Autodesk Inventor Professional 2014 - English
Autodesk Inventor Professional 2014 English Language Pack
Autodesk Material Library 2014
Autodesk Material Library Base Resolution Image Library 2014
Autodesk Material Library Low Resolution Image Library 2014
Autodesk Material Library Medium Resolution Image Library 2014
Autodesk ReCap
Autodesk ReCap Language Pack-English
Autodesk Revit 2014
Autodesk Revit Interoperability for Inventor 2014
Autodesk Vault Basic 2014 (Client)
Autodesk Vault Basic 2014 (Client) English Language Pack
Autodesk Workflows 2014
AVG 2014
Bejeweled 3
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cheat Engine 6.2
Chuzzle Deluxe
Conexant HD Audio
D3DX10
DWG TrueView 2014
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit)
ESET Online Scanner v3
ETDWare PS/2-X64 8.0.8.0_R01
FARO LS 1.1.501.0 (64bit)
FATE - The Traitor Soul
Fishdom ™ 2
FreeFixer
Google Chrome
Google Drive
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
herdProtect Anti-Malware Scanner
HP Deskjet 3050 J610 series Basic Device Software
HP Deskjet 3050 J610 series Help
HP Deskjet 3050 J610 series Product Improvement Study
HP Photo Creations
HP Update
iCloud
iTunes
Java 7 Update 51
Java 7 Update 51 (64-bit)
Java Auto Updater
Junk Mail filter update
Label@Once 1.0
League of Legends
Malwarebytes Anti-Malware version 2.0.1.1004
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft PowerPoint Viewer
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual Basic for Applications 7.1 (x64)
Microsoft Visual Basic for Applications 7.1 (x64) English
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Mozilla Firefox 28.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Polar Bowler
QuickTime 7
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Revit 2014
Revit 2014 Language Pack - English
Revo Uninstaller 1.95
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
SketchUp 8
Skype Click to Call
Skype Launcher
Skype™ 6.14
SUPERAntiSpyware
swMSM
Tom Clancy's Splinter Cell
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
Toshiba Online Backup
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBARegistration
TuneUp Utilities 2014 (en-US)
Unity Web Player
Update Installer for WildTangent Games App
Virtual Villagers 5 - New Believers
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.3
WildTangent Games
WildTangent Games App (Toshiba Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 5.01 (64-bit)
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
4/14/2014 2:39:18 PM, Error: Service Control Manager [7023]  - The HP Network Devices Support service terminated with the following error:  The specified module could not be found.
.
==== End Of File ===========================
 

 




 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:12:38 PM

Posted 14 April 2014 - 02:41 PM

Good evening. :)

Please do not post multiple threads for the same problem as they will only be locked to avoid tying up more than one helper for the same problem - this both wastes people's time and also throws up the possibility of conflicting instructions.

 

 

 

I sometimes catch a glimpse of some "Windows Antivirus 2007" or some "Titan Shield" thing.

Can you be a little more specific about what you see?


Edited by Noviciate, 14 April 2014 - 02:41 PM.

So long, and thanks for all the fish.

 

 


#3 Someperson


Posted 14 April 2014 - 03:15 PM

Sorry about the confusion, I'll make sure it will never happen again. Anyways, this is an example of what I see:

aa_zpsf52abb93.png

 

aaa_zps594871ee.png

 

aaaa_zps70c5ac97.png

 

a_zpsbb0959f1.png

 

I'm not sure if the pictures will open up correctly, so let me describe what is going on. It shows Superantispyware, with me pausing it. During this pause, I have captured some shots of some spyware/malware names. The names of some of these are AntiVirusCOM.AVOfficeProtect.1, WinAntiVirus Pro 2007, SpamBlocker Utility, and MalwareWiped 5.7.

 

Previously, one of your other admins helped me, and if you need it, I could post the link here for you to see what logs and detections other cleaners found.



#4 Noviciate


Posted 14 April 2014 - 04:13 PM

Do these other posts relate to the same issue?


So long, and thanks for all the fish.

 

 


#5 Someperson


Posted 14 April 2014 - 05:49 PM

Yes, the other posts relate to the same issue. I was directed here and instructed to create a new topic for the experts to handle my situation.



#6 Noviciate


Posted 15 April 2014 - 12:23 PM

Good evening. :)

Got the link: http://www.bleepingcomputer.com/forums/t/530193/spyware-removal/

 

The second and fourth items look like shortcuts that you should be able to see on your Desktop - is this correct?


So long, and thanks for all the fish.

 

 


#7 Someperson


Posted 15 April 2014 - 02:21 PM

yes



#8 Noviciate


Posted 15 April 2014 - 03:02 PM

Right click each one and select Properties - what does it say in the Target boxes?


So long, and thanks for all the fish.

 

 


#9 Someperson


Posted 15 April 2014 - 08:41 PM

Do I click on only adw cleaner and minitoolbox or the whole list of items? Also, I can't really find the target box. I see the Type of File, Description, Location, Size, Size on Disc, Created, Modified, Accessed, Attributes, and Security.



#10 Noviciate


Posted 16 April 2014 - 01:59 PM

Good evening. :)

It's the two shortcuts on your Desktop - they should have the Target box with the information I want.


So long, and thanks for all the fish.

 

 


#11 Someperson


Posted 16 April 2014 - 04:16 PM

I'm sorry, but I can't see the target box. Can you first locate the target box on your computer and then describe the steps you used to get to the target box? Thanks.



#12 Noviciate


Posted 16 April 2014 - 05:28 PM

Right click each one and select Properties - what does it say in the Target boxes?

Do this for each of the shortcuts on the Desktop that you confirmed that you could see.


So long, and thanks for all the fish.

 

 


#13 Someperson


Posted 16 April 2014 - 07:30 PM

I see :

 

Under General: Type of file, Description, Location, Size, Size on disc, Created, Modified, Accessed, Attributes, Security

 

Under Compatibility: Run this program in compatibility mode for, run in 256 colors... (I stopped here because I'm sure none of these relate to the target box)

 

Under Security: Object name, Group or user names, Permissions for SYSTEM

 

Under Details: File description, Type, File version, Product name, Product version, Copyright, Size, Date modified, Language

 

Under Previous versions:(none)

 

By the way, I use a Windows 7 computer, and you might be using one with a different operating system, so we might see different stuff.

 

Also, the list is for both of the programs.

 

 

 

********************************************************************

Never mind, I made a silly mistake all along. :whistle:  :whistle:

I didn't put the shortcut onto the desktop, I put the program itself onto the desktop, and that was why I couldn't open target. How silly of me.

 

Anyways, the target is as follows:

"C:\Users\Henry Liang\Desktop\AdwCleaner (1).exe"

 

and

 

"C:\Users\Henry Liang\Desktop\MiniToolBox.exe"


Edited by Someperson, 16 April 2014 - 07:40 PM.


#14 Noviciate


Posted 17 April 2014 - 12:04 PM

Good evening. :)
 

I didn't put the shortcut onto the desktop, I put the program itself onto the desktop, and that was why I couldn't open target. How silly of me.

 

I don't understand. The relevant two links that show are:

 

C:\Users\PublicDesktop\Look for answers in WinAntiVirusPro 2007 Knowledge Base.lnk
C:\Users\Henry Liang\Desktop\MalwareWiped 5.7.lnk

 

Will you just confirm which information relates to which shortcut?


So long, and thanks for all the fish.

 

 


#15 Someperson


Posted 17 April 2014 - 01:19 PM

These, C:\Users\PublicDesktop\Look for answers in WinAntiVirusPro 2007 Knowledge Base.lnk

C:\Users\Henry Liang\Desktop\MalwareWiped 5.7.lnk

 

are the files that I suspect to be linked to spyware. I don't see anything on my desktop that looks suspicious, and I think that the files above are hidden files.
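
Added example, not part of any post in this thread: a PowerShell sketch that lists every .lnk shortcut on the current user's Desktop and the Public Desktop, hidden ones included, together with the value Explorer shows in the Target box. It assumes the desktops sit in their default locations under %USERPROFILE% and %PUBLIC%; the property names in the output are chosen here for illustration.

```powershell
# Added example: enumerate desktop shortcuts (including hidden ones) and show
# where each one points, i.e. the "Target" field of the Properties dialog.

# Assumption: default desktop locations (no folder redirection).
$desktops = @(
    (Join-Path $env:USERPROFILE 'Desktop'),
    (Join-Path $env:PUBLIC 'Desktop')
)

# WScript.Shell can open an existing .lnk file and expose its fields.
$shell = New-Object -ComObject WScript.Shell

$results = foreach ($dir in $desktops) {
    if (-not (Test-Path -LiteralPath $dir)) { continue }

    # -Force makes Get-ChildItem return hidden and system files as well.
    Get-ChildItem -LiteralPath $dir -Filter *.lnk -Force | ForEach-Object {
        $lnk    = $shell.CreateShortcut($_.FullName)
        $target = $lnk.TargetPath

        New-Object PSObject -Property @{
            Shortcut     = $_.FullName
            Hidden       = [bool]($_.Attributes -band [IO.FileAttributes]::Hidden)
            Target       = $target
            Arguments    = $lnk.Arguments
            # False when the shortcut is a leftover pointing at a removed file.
            TargetExists = [bool]($target -and (Test-Path -LiteralPath $target))
        }
    }
}

if ($results) {
    $results |
        Select-Object Shortcut, Hidden, Target, Arguments, TargetExists |
        Format-List
} else {
    Write-Output 'No .lnk files found on either desktop.'
}
```

An empty result means no shortcut with those names exists in either desktop folder, hidden or not.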





