
Laptop Running Low. Files from flash drive turn into shortcuts


No replies to this topic

#1 laxoole


Posted 22 November 2014 - 12:55 PM

The problem I am currently facing is my laptop is very slow. I know it's an old model but it wasn't this slow. There are occasional lags. Also my files from the flash drive turn into shortcuts.
 
2. DDS log
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 11.0.9600.17420
Run by RCD REALTY at 1:49:08 on 2014-11-23
Microsoft Windows 7 Starter   6.1.7601.1.1252.63.1033.18.1822.452 [GMT 8:00]
.
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Norton AntiVirus *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton AntiVirus *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bluetooth Suite\adminservice.exe
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files\Samsung\Easy Software Manager\SWMAgent.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\RCD REALTY\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\System32\wscript.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\windows\system32\RunDll32.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Samsung\Easy Settings\dmhkcore.exe
C:\windows\system32\taskeng.exe
C:\Program Files\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\igfxpers.exe
C:\Program Files\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\windows\system32\UI0Detect.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Google\Update\Install\{2CD69F9A-B993-484C-8C40-D1EDFCEA16BD}\39.0.2171.65_38.0.2125.111_chrome_updater.exe
C:\windows\TEMP\CR_927F1.tmp\setup.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uDefault_Page_URL = www.google.com
mStart Page = www.google.com
mSearch Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1388706479&from=wpm0102&uid=HitachiXHTS547550A9E384_J112005MFPR3YAFPR3YAX&q={searchTerms}
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.150\McAfeeMSS_IE.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton antivirus\engine\20.4.0.40\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - c:\program files\norton identity safe\engine\2013.1.0.32\CoIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - c:\program files\norton identity safe\engine\2013.1.0.32\CoIEPlg.dll
uRun: [Facebook Update] "c:\users\rcd realty\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
uRun: [uTorrent] "c:\users\rcd realty\appdata\roaming\utorrent\uTorrent.exe"  /MINIMIZED
uRun: [CAHeadless] c:\program files\adobe\elements 12 organizer\caheadless\ElementsAutoAnalyzer.exe
uRun: [sipkrzpmyl] wscript.exe //B "c:\users\rcd realty\appdata\roaming\sipkrzpmyl..vbs"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [AtherosBtStack] "c:\program files\bluetooth suite\BtvStack.exe"
mRun: [AthBtTray] "c:\program files\bluetooth suite\AthBtTray.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] "c:\programdata\malwarebytes\malwarebytes anti-malware\mbamdor.exe" "c:\programdata\malwarebytes\Malwarebytes Anti-Malware"
StartupFolder: c:\users\rcdrea~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe
StartupFolder: c:\users\rcdrea~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.8.150\SSScheduler.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smart print 2.0\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{EE849805-C981-4B0C-A0B9-BF9ED4030547} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EE849805-C981-4B0C-A0B9-BF9ED4030547}\05C44445D4974435C4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EE849805-C981-4B0C-A0B9-BF9ED4030547}\05C44445D4974435C474F66416D696C697 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EE849805-C981-4B0C-A0B9-BF9ED4030547}\4656661657C647 : DHCPNameServer = 124.106.6.2 192.168.0.1
TCP: Interfaces\{EE849805-C981-4B0C-A0B9-BF9ED4030547}\5487072756373796F6E6 : DHCPNameServer = 192.168.8.1 192.168.8.1
TCP: Interfaces\{EE849805-C981-4B0C-A0B9-BF9ED4030547}\A425550275966496 : DHCPNameServer = 168.212.19.1
TCP: Interfaces\{EE849805-C981-4B0C-A0B9-BF9ED4030547}\C456472716E602142727962616 : DHCPNameServer = 10.0.0.5 10.0.0.1
TCP: Interfaces\{EE849805-C981-4B0C-A0B9-BF9ED4030547}\E42574 : DHCPNameServer = 192.168.0.1 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\38.0.2125.111\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\rcd realty\appdata\roaming\mozilla\firefox\profiles\rcovauc5.default-1380867232507\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\program files\intel\intel® management engine components\ipt\npIntelWebAPIIPT.dll
FF - plugin: c:\program files\intel\intel® management engine components\ipt\npIntelWebAPIUpdater.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: c:\users\rcd realty\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_15_0_0_189.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-6-18 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-7-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-10-5 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-18 27416]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1404000.028\symds.sys [2013-10-20 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1404000.028\symefa.sys [2013-10-20 934488]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-18 121624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-10-29 213784]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-18 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-8-28 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-10-10 200984]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_20.1.0.24\definitions\bashdefs\20120815.002\BHDrvx86.sys [2013-10-16 995488]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\nav\1404000.028\ccsetx86.sys [2013-10-20 134744]
R1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\nst\7dd01000.020\ccSetx86.sys [2013-10-16 134304]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_20.1.0.24\definitions\ipsdefs\20120811.001\IDSVix86.sys [2013-10-16 386208]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2012-5-5 10752]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1404000.028\ironx86.sys [2013-10-20 175264]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nav\1404000.028\symnets.sys [2013-10-20 339544]
R2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2012-2-13 85664]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2013-4-22 822504]
R2 Freemake Improver;Freemake Improver;c:\programdata\freemake\freemakeutilsservice\FreemakeUtilsService.exe [2014-8-26 108032]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2012-2-13 35488]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-2-13 298144]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-2-13 97952]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2012-2-13 25248]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2012-2-13 147616]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2012-2-13 60064]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2012-2-13 263968]
R3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2012-2-13 468640]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\drivers\clwvd.sys [2012-4-16 27760]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2012-3-7 280576]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-11-22 114904]
R3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-5-6 46080]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-5-5 491112]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2013-6-26 583848]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2013-6-26 197800]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2013-6-26 24232]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2013-6-26 20136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-3-1 183560]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-21 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
.
=============== Created Last 30 ================
.
2014-11-22 17:48:45 52440 ----a-w- c:\windows\system32\drivers\nyuvsg.sys
2014-11-22 14:44:56 -------- d-----w- c:\users\rcd realty\appdata\roaming\AVG2015
2014-11-22 14:42:16 -------- d--h--w- C:\$AVG
2014-11-22 14:42:16 -------- d-----w- c:\programdata\AVG2015
2014-11-22 14:32:30 -------- d-----w- c:\users\rcd realty\appdata\local\Avg2015
2014-11-22 13:38:00 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-22 13:37:15 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-22 13:37:14 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-22 13:37:14 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-22 13:37:14 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-11-22 13:17:36 8941456 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{9e30bd41-f045-47bb-a875-d88cfb01af2e}\mpengine.dll
2014-11-19 11:01:41 -------- d-----w- c:\users\rcd realty\appdata\local\{0985B775-DD83-4D28-B8DA-755E5292AD53}
2014-11-19 10:58:40 -------- d-----w- c:\users\rcd realty\appdata\local\{39A60D63-5CC9-4B0E-B47E-58A437248635}
2014-11-17 14:17:58 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-17 14:17:57 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-17 14:17:55 817664 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2014-11-17 14:17:51 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-17 14:17:51 4298240 ----a-w- c:\windows\system32\jscript9.dll
2014-11-17 14:07:59 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-17 14:01:34 701440 ----a-w- c:\windows\system32\IMJP10K.DLL
2014-11-17 14:00:07 2363904 ----a-w- c:\windows\system32\msi.dll
2014-11-17 13:23:02 -------- d-----w- c:\users\rcd realty\appdata\local\{DB201A6D-66A6-4621-BFB4-4D6B1A0B5DF0}
2014-11-12 15:37:20 -------- d-----w- c:\users\rcd realty\appdata\roaming\No Company Name
2014-11-04 23:46:14 220784 ----a-w- c:\program files\mozilla firefox\sandboxbroker.dll
2014-10-29 13:34:52 213784 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-10-27 13:12:12 -------- d-----w- C:\FRST
2014-10-27 11:07:02 -------- d-----w- c:\programdata\Malwarebytes
.
==================== Find3M  ====================
.
2014-11-22 13:24:46 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-22 13:24:46 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-06 03:28:20 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-06 03:28:06 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-06 03:13:36 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-06 02:59:36 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-11-06 02:59:34 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-06 02:58:38 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-06 02:51:33 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-06 02:42:36 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-06 02:21:25 2051072 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-06 01:52:35 1892864 ----a-w- c:\windows\system32\wininet.dll
2014-11-05 17:50:47 254464 ----a-w- c:\windows\system32\generaltel.dll
2014-11-05 17:50:28 203776 ----a-w- c:\windows\system32\aepdu.dll
2014-11-05 17:47:40 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-11-04 06:30:58 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-10-25 01:32:37 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-14 01:56:19 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50:50 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50:39 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47:30 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 06:13:58 200984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-10-10 00:45:54 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 01:44:42 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:44:31 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:44:26 475136 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:44:26 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- c:\windows\system32\AudioSes.dll
2014-09-25 01:40:50 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-19 09:23:55 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- c:\windows\system32\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- c:\windows\system32\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-09-19 09:23:42 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-19 09:23:36 17408 ----a-w- c:\windows\system32\credssp.dll
2014-09-09 21:47:10 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-04 05:04:15 372736 ----a-w- c:\windows\system32\rastls.dll
2014-08-28 12:43:36 192792 ----a-w- c:\windows\system32\drivers\avgldx86.sys
.
=================== ROOTKIT  ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: Hitachi_ rev.JE3O -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: >>UNKNOWN [0x83213000]<< >>UNKNOWN [0x891D5000]<< >>UNKNOWN [0x897EE000]<< >>UNKNOWN [0x88E0A000]<< >>UNKNOWN [0x83626000]<< 
_asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL;  }
1 ntkrnlpa!IofCallDriver[0x83249BBA] -> \Device\Harddisk0\DR0[0x87F96030]
\Driver\Disk[0x87F823F0] -> IRP_MJ_CREATE -> 0x891D939F
3 [0x891D959E] -> ntkrnlpa!IofCallDriver[0x83249BBA] -> \Device\Ide\IAAStorageDevice-1[0x853F6028]
\Driver\iaStor[0x85D0CDB8] -> IRP_MJ_CREATE -> 0x88E318FA
kernel: MBR read successfully
_asm { XOR AX, AX; MOV DS, AX; MOV ES, AX; MOV SS, AX; MOV SP, 0x7c00; MOV SI, SP; MOV DI, 0x600; MOV CX, 0x100; CLD ; REP MOVSW ; JMP FAR 0x60:0x1b;  }
user & kernel MBR OK 
error: Read  The request could not be performed because of an I/O device error.
Warning: possible TDL3 rootkit infection !
.
============= FINISH:  1:51:36.13 ===============
 
 
3. I do not have my original Windows Installer


