Results 1 to 10 of 16

Thread: Need help

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. 2013-10-16, 11:59 #1
    Connorj67
    Connorj67 is offline
    Junior Member
    Join Date
    Oct 2013
    Posts
    10

    Default Need help

    Computer has been acting up, getting red flag's with scan's, don't know what to do. Any help would be greatly appreciated!




    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16514 BrowserJavaVersion: 10.25.2
    Run by Connor at 4:48:51 on 2013-10-16
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8147.4337 [GMT -5:00]
    .
    AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
    C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
    C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
    C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.25\AsusFanControlService.exe
    C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Windows\system32\IProsetMonitor.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Logitech\Gaming Software\LWEMon.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Virtual Audio Cable\audiorepeater.exe
    C:\Program Files\Virtual Audio Cable\audiorepeater.exe
    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
    C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
    C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
    C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Logitech Gaming Software\LCore.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Connor\Desktop\GPU-Z.0.7.3.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com/?ctid=CT3310511&octid=CT3310511&SearchSource=61&CUI=UN38450952877632797&UM=2&UP=SP5FFD5F1F-BFAF-4DE7-8CE8-716E3F3F29F7
    uURLSearchHooks: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - <orphaned>
    uURLSearchHooks: {474dcbf4-0db1-4c6a-a014-1c2544e82698} - <orphaned>
    mWinlogon: Userinit = userinit.exe,
    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll
    BHO: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - <orphaned>
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: Logitech Flow Scroll: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll
    BHO: {EBCFDD49-7031-4EB5-A27C-A10BB0B13EC4} - <orphaned>
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll
    mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VAC 1.bat
    StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VAC 2.bat
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xport to Microsoft Excel - E:\MICROS~1\OFFICE11\EXCEL.EXE/3000
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} - hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v490.cab
    TCP: NameServer = 10.0.0.1
    TCP: Interfaces\{60B6925F-B27D-44F4-849B-0794688734FA} : DHCPNameServer = 8.8.8.8 8.8.4.4
    TCP: Interfaces\{60C7D73A-5576-4B89-A4F7-6E6CFFAE627F} : DHCPNameServer = 10.0.0.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Logitech Flow Scroll: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll
    x64-Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
    x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P
    x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-7-16 16152]
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-6-22 493656]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-6-22 1139800]
    R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2012-7-16 210016]
    R0 vidsflt53;Acronis Disk Storage Filter (53);C:\Windows\System32\drivers\vsflt53.sys [2012-7-16 141920]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [2013-10-1 1525848]
    R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-6-22 169048]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20131014.001\IDSviA64.sys [2013-10-15 520280]
    R1 ndisrd;WinpkFilter LightWeight Filter;C:\Windows\System32\drivers\ndisrd.sys [2012-7-16 32360]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-6-22 224416]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-6-22 433752]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 241152]
    R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2011-10-28 918448]
    R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-2-2 951936]
    R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-7-16 149120]
    R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.25\AsusFanControlService.exe [2012-7-16 1493120]
    R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2013-10-13 233328]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-16 13592]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
    R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-2-23 183048]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-16 161560]
    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccsvchst.exe [2013-6-22 144368]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-16 363800]
    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-2-21 130536]
    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-2-21 396776]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-8-26 140376]
    R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2012-8-9 66728]
    R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-7-16 160768]
    R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2010-8-17 26136]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-7-16 355096]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-7-16 786200]
    R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
    R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
    S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-1-20 49152]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-26 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
    S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-16 331264]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-5 19456]
    S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-5 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-5-5 30208]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-16 1255736]
    S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2012-7-17 135584]
    S4 SgtSch2Svc;Seagate Scheduler2 Service;C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2011-6-30 1191408]
    S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
    S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-9-10 5071712]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2013-10-16 09:41:53 -------- d-----w- C:\AdwCleaner
    2013-10-16 08:54:05 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-10-16 07:37:15 -------- d-----w- C:\Program Files\CCleaner
    2013-10-16 07:09:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-10-16 04:56:06 -------- d-----w- C:\Program Files (x86)\GPU-Z
    2013-10-14 00:38:17 -------- d-----w- C:\ProgramData\VideoCopilot
    2013-10-13 20:06:21 -------- d-----w- C:\Users\Connor\AppData\Roaming\PDAppFlex
    2013-10-13 20:06:11 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
    2013-10-13 08:18:22 219 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VAC 2.bat
    2013-10-13 08:16:49 219 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VAC 1.bat
    2013-10-13 05:59:52 -------- d-----w- C:\Program Files (x86)\Realtek
    2013-10-13 05:52:58 -------- d-----w- C:\Users\Connor\AppData\Local\SlimWare Utilities Inc
    2013-10-13 05:34:31 -------- d-----w- C:\Users\Connor\AppData\Roaming\Easeware
    2013-10-13 05:34:00 -------- d-----w- C:\Program Files\Easeware
    2013-10-13 05:20:11 -------- d-----w- C:\Program Files (x86)\Probit Software
    2013-10-13 03:09:14 -------- d-----w- C:\Program Files\Virtual Audio Cable
    2013-10-11 16:11:25 715038 ----a-w- C:\Windows\unins000.exe
    2013-10-11 16:10:18 216064 ----a-w- C:\Windows\SysWow64\lagarith.dll
    2013-10-11 16:10:18 148992 ----a-w- C:\Windows\System32\lagarith.dll
    2013-10-11 07:51:48 8043008 ----a-w- C:\Windows\System32\DxtoryCodec.dll
    2013-10-11 07:51:47 -------- d-----w- C:\Program Files (x86)\Dxtory Software
    2013-10-09 16:21:17 633856 ----a-w- C:\Windows\System32\comctl32.dll
    2013-10-09 16:20:59 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-10-05 00:00:35 -------- d-----w- C:\Program Files (x86)\Tiny Utilities
    2013-09-29 17:46:01 -------- d-----w- C:\ProgramData\Package Cache
    2013-09-28 21:41:35 -------- d-----w- C:\Users\Connor\AppData\Local\Aftermath_Launcher
    2013-09-26 18:00:39 208760 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
    2013-09-19 02:18:47 -------- d-----w- C:\Program Files (x86)\Dotjosh Studios
    2013-09-19 02:14:39 -------- d-----w- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
    2013-09-19 02:14:34 -------- d-----w- C:\Users\Connor\AppData\Roaming\IObit
    2013-09-19 02:14:34 -------- d-----w- C:\ProgramData\IObit
    2013-09-19 02:14:30 -------- d-----w- C:\Program Files (x86)\IObit
    2013-09-17 21:27:34 273408 ----a-w- C:\Users\Connor\AppData\Roaming\25583320dbc8662ff7fd5e0b53563ac7.dll
    2013-09-17 21:20:32 -------- d-----w- C:\Windows\SysWow64\jmdp
    .
    ==================== Find3M ====================
    .
    2013-10-16 08:09:55 1048576 ----a-w- C:\Windows\PE_Rom.dll
    2013-10-15 04:47:48 215416 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2013-10-13 03:19:18 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
    2013-10-09 19:55:19 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-10-09 19:55:19 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-09-22 14:42:33 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-09-22 14:33:53 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-09-22 14:33:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-09-22 14:23:30 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-09-22 14:21:21 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-09-22 14:15:47 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-09-22 10:22:59 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-09-22 10:14:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-09-22 10:13:22 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-09-22 10:08:41 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-09-22 10:06:58 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-09-22 10:03:18 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
    2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
    2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
    2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
    2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2013-09-04 01:11:01 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
    2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
    2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
    2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
    2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
    2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
    2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
    2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
    2013-08-27 09:01:59 1143296 ----a-w- C:\Windows\System32\FntCache.dll
    2013-08-27 09:01:47 1545728 ----a-w- C:\Windows\System32\DWrite.dll
    2013-08-27 08:21:36 1077760 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2013-08-27 01:36:35 31232 ----a-w- C:\Windows\System32\drivers\tap0901.sys
    2013-08-06 17:50:23 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-08-06 17:50:23 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2013-08-06 17:50:23 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
    2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
    2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2013-07-20 10:33:12 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    2013-07-20 10:33:08 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
    2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
    2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    .
    ============= FINISH: 4:48:57.70 ===============








    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-10-16 04:51:15
    -----------------------------
    04:51:15.294 OS Version: Windows x64 6.1.7601 Service Pack 1
    04:51:15.294 Number of processors: 4 586 0x3A09
    04:51:15.294 ComputerName: CONNOR-PC UserName: Connor
    04:51:16.030 Initialize success
    04:52:17.959 AVAST engine defs: 13101600
    04:52:29.283 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
    04:52:29.284 Disk 0 Vendor: SAMSUNG_ CXM0 Size: 122104MB BusType: 3
    04:52:29.285 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
    04:52:29.286 Disk 1 Vendor: ST2000DM001-9YN164 CC4C Size: 1907729MB BusType: 11
    04:52:29.294 Disk 0 MBR read successfully
    04:52:29.295 Disk 0 MBR scan
    04:52:29.297 Disk 0 Windows 7 default MBR code
    04:52:29.299 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    04:52:29.301 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 122002 MB offset 206848
    04:52:29.311 Disk 0 scanning C:\Windows\system32\drivers
    04:52:32.539 Service scanning
    04:52:33.453 Service BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20131002.001\BHDrvx64.sys **LOCKED** 5
    04:52:34.113 Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
    04:52:34.234 Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
    04:52:34.724 Service IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20131014.001\IDSvia64.sys **LOCKED** 5
    04:52:35.608 Service NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20131015.020\ENG64.SYS **LOCKED** 5
    04:52:35.658 Service NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20131015.020\EX64.SYS **LOCKED** 5
    04:52:38.431 Modules scanning
    04:52:38.434 Disk 0 trace - called modules:
    04:52:38.438 ntoskrnl.exe CLASSPNP.SYS disk.sys vsflt53.sys ACPI.sys iaStor.sys hal.dll
    04:52:38.440 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006af6790]
    04:52:38.443 3 CLASSPNP.SYS[fffff88001f8743f] -> nt!IofCallDriver -> [0xfffffa8006aa0b50]
    04:52:38.445 5 vsflt53.sys[fffff88000db4cfd] -> nt!IofCallDriver -> [0xfffffa8006a79950]
    04:52:38.447 7 ACPI.sys[fffff88000d577a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8006ee3050]
    04:52:39.083 AVAST engine scan C:\Windows
    04:52:39.432 AVAST engine scan C:\Windows\system32
    04:53:34.783 AVAST engine scan C:\Windows\system32\drivers
    04:53:39.611 AVAST engine scan C:\Users\Connor
    04:55:05.966 AVAST engine scan C:\ProgramData
    04:55:49.391 Scan finished successfully
    04:56:19.823 Disk 0 MBR has been saved successfully to "C:\Users\Connor\Desktop\MBR.dat"
    04:56:19.827 The log file has been saved successfully to "C:\Users\Connor\Desktop\aswMBR.txt"
    Attached Files Attached Files
  2. 2013-10-22, 17:56 #2
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default



    Sorry for the delay and that we missed your post, but I am with you now.

    Not looking at anything earthshattering on your logs. The alerts your getting, are they from Norton or Spybot ?

    Please download Malwarebytes from Here or Here

    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected .
    • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
    Post the report please
    Last edited by ken545; 2013-10-22 at 20:51.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  3. 2013-10-23, 02:37 #3
    Connorj67
    Connorj67 is offline
    Junior Member
    Join Date
    Oct 2013
    Posts
    10

    Default

    Thanks for your time Ken,

    The alerts I've gotten are from Malwarebytes actually, which I already have installed. Before posting here I did a full scan, selected all items, and removed them. After a reboot my internet no longer worked. I had to system restore which makes me cautious when you say "Be sure that everything is checked, and click Remove Selected.". Are you sure this is okay?

    I have attached the log though.

    Also, I wanted to mention the major issue's I'm experiencing are; Slower windows explorer, frequent windows explore crashes, not being able to copy/paste and not being able to drag or drop files (the only way I can move files is zipping them then extracting them).
    Attached Files Attached Files
  4. 2013-10-23, 02:40 #4
    Connorj67
    Connorj67 is offline
    Junior Member
    Join Date
    Oct 2013
    Posts
    10

    Default

    I forgot to mention I get an error - "C:\Users\Connor\AppData\Local\Temp\084746Log.iniis lost" after every boot up.

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.10.16.04

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Connor :: CONNOR-PC [administrator]

    10/22/2013 7:28:35 PM
    MBAM-log-2013-10-22 (19-30-42).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 209618
    Time elapsed: 1 minute(s), 30 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 15
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} (PUP.FunMoods) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} (PUP.FunMoods) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> No action taken.
    HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> No action taken.
    HKCU\SOFTWARE\Funmoods (PUP.FunMoods) -> No action taken.
    HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> No action taken.
    HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> No action taken.
    HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> No action taken.
    HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.
    HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> No action taken.
    HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> No action taken.
    HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.

    Registry Values Detected: 4
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://search.conduit.com?SearchSour...ctid=CT3227980 -> No action taken.
    HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {2DC4DC92-102A-11E3-BFF8-C86000E35EF9} -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|Tabs (PUP.FunMoods) -> Data: http://searchfunmoods.com/?f=2&a=dow...&cr=1126985290 -> No action taken.
    HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {2DC4DC92-102A-11E3-BFF8-C86000E35EF9} -> No action taken.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 5
    C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> No action taken.
    C:\Users\Connor\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\Connor\AppData\Roaming\OpenCandy\905FE3DDCC434847981ABD68D43E14EA (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\Connor\AppData\Roaming\OpenCandy\B3FEC08FE07D4B44B4470AE4ADED25F4 (PUP.Optional.OpenCandy) -> No action taken.

    Files Detected: 10
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> No action taken.
    C:\Users\Connor\AppData\Roaming\OpenCandy\905FE3DDCC434847981ABD68D43E14EA\3110.ico (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\Connor\AppData\Roaming\OpenCandy\905FE3DDCC434847981ABD68D43E14EA\avg.exe (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\Connor\AppData\Roaming\OpenCandy\905FE3DDCC434847981ABD68D43E14EA\AVG923_p1v3.exe (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\Connor\AppData\Roaming\OpenCandy\905FE3DDCC434847981ABD68D43E14EA\OCBrowserHelper_1.0.3.85.dll (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\Connor\AppData\Roaming\OpenCandy\B3FEC08FE07D4B44B4470AE4ADED25F4\5852.ico (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\Connor\AppData\Roaming\OpenCandy\B3FEC08FE07D4B44B4470AE4ADED25F4\DefaultPack.EXE (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\Connor\AppData\Roaming\OpenCandy\B3FEC08FE07D4B44B4470AE4ADED25F4\OCBrowserHelper_1.0.6.124.exe (PUP.Optional.OpenCandy) -> No action taken.

    (end)
    Last edited by ken545; 2013-10-23 at 02:43.
  5. 2013-10-23, 02:45 #5
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hi,

    You need to rerun Malwarebytes and make sure that all is selected and removed




    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  6. 2013-10-23, 22:06 #6
    Connorj67
    Connorj67 is offline
    Junior Member
    Join Date
    Oct 2013
    Posts
    10

    Default

    I have attached the Malwarebytes log after completing the removal of the things it found.

    Adwcleaner log -

    # AdwCleaner v3.010 - Report created 23/10/2013 at 15:01:11
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Connor - CONNOR-PC
    # Running from : C:\Users\Connor\Desktop\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\END
    File Found : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
    Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\infoatoms@infoatoms.com
    Folder Found : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
    Folder Found C:\Program Files (x86)\Iminent
    Folder Found C:\Program Files (x86)\InfoAtoms
    Folder Found C:\Program Files (x86)\Vid-Saver
    Folder Found C:\Program Files\PC Optimizer Pro
    Folder Found C:\ProgramData\apn
    Folder Found C:\ProgramData\boost_interprocess
    Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro
    Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro
    Folder Found C:\ProgramData\Sidekick Manager
    Folder Found C:\Users\Connor\AppData\Local\Conduit
    Folder Found C:\Users\Connor\AppData\Local\Coupon Companion Plugin
    Folder Found C:\Users\Connor\AppData\Local\PackageAware
    Folder Found C:\Users\Connor\AppData\LocalLow\boost_interprocess
    Folder Found C:\Users\Connor\AppData\LocalLow\Conduit
    Folder Found C:\Users\Connor\AppData\LocalLow\PriceGong
    Folder Found C:\Windows\SysWOW64\jmdp
    Folder Found C:\Windows\SysWOW64\WNLT

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\Crossrider
    Key Found : HKCU\Software\AppDataLow\Software\PriceGong
    Key Found : HKCU\Software\AppDataLow\Software\smartbar
    Key Found : HKCU\Software\AppDataLow\Software\Vid-Saver
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Cr_Installer
    Key Found : HKCU\Software\IGearSettings
    Key Found : HKCU\Software\IM
    Key Found : HKCU\Software\Iminent
    Key Found : HKCU\Software\ImInstaller
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKCU\Software\pc optimizer pro
    Key Found : HKCU\Software\Softonic
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\Cr_Installer
    Key Found : [x64] HKCU\Software\IGearSettings
    Key Found : [x64] HKCU\Software\IM
    Key Found : [x64] HKCU\Software\Iminent
    Key Found : [x64] HKCU\Software\ImInstaller
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Key Found : [x64] HKCU\Software\pc optimizer pro
    Key Found : [x64] HKCU\Software\Softonic
    Key Found : HKLM\Software\bProtector
    Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\DataMngr
    Key Found : HKLM\Software\Funmoods
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc
    Key Found : HKLM\Software\Iminent
    Key Found : HKLM\Software\InfoAtoms
    Key Found : HKLM\Software\InstallIQ
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_cheat-engine_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_cheat-engine_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
    Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
    Key Found : [x64] HKLM\SOFTWARE\pc optimizer pro
    Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [infoatoms@infoatoms.com]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v9.0.8112.16514

    Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3310511&octid=CT3310511&SearchSource=61&CUI=UN38450952877632797&UM=2&UP=SP5FFD5F1F-BFAF-4DE7-8CE8-716E3F3F29F7

    -\\ Google Chrome v30.0.1599.101

    [ File : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [14930 octets] - [16/10/2013 04:42:01]
    AdwCleaner[R1].txt - [13011 octets] - [23/10/2013 15:01:11]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [13072 octets] ##########
    Attached Files Attached Files
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules