Download/Streaming/Pop-up Problems

**grandadis64** · 2014-06-30, 08:03

Hi
Please can anyone help. I am using Windows 8 and Internet Explorer 10

I find that when I am streaming or downloading with Internet Explorer, the task always stops half way through.
I tried to down load Firefox - but only let me get half way.
Affects Youtube as well. I think it may also be stopping Windows updates from running (I have set for them to run automatically).

Also (maybe connected maybe not) I am getting lots of pop-ups even though pop-up blocker is on.

I tried to revert to a previous restore point, but there is only one there (last week), is this correct?

Any advice gratefully received. I yesterday posted on the wrong forum and Tashi advised posting here.

I hope replies can be in simple language as I am generally quite smart - except with IT!!

Malcolm

Hi

Have attached DDS & attach. DDS wouldn't copy & paste so attached same way as "attach".
Windows wouldn't run aswMBR. " The aswMBR.exe download was interrupted"

Thanks
Malcolm

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Owner at 6:41:35 on 2014-06-30
Microsoft Windows 8 6.2.9200.0.1252.44.2057.18.5317.3334 [GMT 1:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\dwm.exe
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\windows\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\windows\system32\dashost.exe
C:\Program Files (x86)\Knowhow Cloud\VSSService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\LinkSwift\updateLinkSwift.exe
C:\Program Files (x86)\LinkSwift\bin\utilLinkSwift.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LinkSwift\bin\LinkSwift.PurBrowse64.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\msiexec.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\system32\taskhostex.exe
C:\windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files\IDT\WDM\Beats64.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Users\Owner\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
C:\Users\Owner\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Program Files (x86)\Knowhow Cloud\KnowhowCloud.exe
C:\Program Files (x86)\LinkSwift\bin\LinkSwift.BrowserAdapter.exe
C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\taskeng.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://dub113.mail.live.com/default.aspx?n=1527885565&fid=5#fid=flinbox
uSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
mWinlogon: Userinit = userinit.exe
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [AmazonMP3DownloaderHelper] C:\Users\Owner\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
uRun: [SanDiskSecureAccess_Manager.exe] C:\Users\Owner\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRun: [Livedrive] "C:\Program Files (x86)\Knowhow Cloud\KnowhowCloud.exe"
uRun: [Amazon Cloud Player] "C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
uRun: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
uRun: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{6CC60F6A-BA2E-4D5F-87CC-9ADD2452CC5B} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6CC60F6A-BA2E-4D5F-87CC-9ADD2452CC5B}\B4E4F47584F475 : DHCPNameServer = 208.67.222.222 8.8.8.8
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll
x64-mStart Page = hxxp://start.mysearchdial.com/?f=1&a=tightmsd&cd=2XzuyEtN2Y1L1Qzu0E0CtC0AyDzyyCtAyD0DyC0Ezy0B0B0EtN0D0Tzu0CyCyDyEtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu2Z1L1N1M2Z1H1B1Q&cr=1167309586&ir=
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\System32\CbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\System32\CbFsMntNtf3.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;C:\windows\System32\Drivers\aswndisflt.sys [2014-4-20 447888]
R0 aswRvrt;avast! Revert;C:\windows\System32\Drivers\aswRvrt.sys [2013-10-15 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\Drivers\aswVmm.sys [2013-10-15 208416]
R1 {25d71abf-7776-46f5-a269-9951331f9030}w64;{25d71abf-7776-46f5-a269-9951331f9030}w64;C:\windows\System32\Drivers\{25d71abf-7776-46f5-a269-9951331f9030}w64.sys [2014-6-22 61112]
R1 aswKbd;aswKbd;C:\windows\System32\Drivers\aswKbd.sys [2013-11-1 28184]
R1 aswSnx;aswSnx;C:\windows\System32\Drivers\aswsnx.sys [2013-10-15 1039096]
R1 aswSP;aswSP;C:\windows\System32\Drivers\aswsp.sys [2013-10-15 423240]
R1 cbfs3;cbfs3;C:\windows\System32\Drivers\cbfs3.sys [2013-11-27 352008]
R1 CLVirtualDrive;CLVirtualDrive;C:\windows\System32\Drivers\CLVirtualDrive.sys [2013-9-28 91712]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2013-9-28 239616]
R2 aswHwid;avast! HardwareID;C:\windows\System32\Drivers\aswHwid.sys [2014-4-20 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\Drivers\aswMonFlt.sys [2013-10-15 79184]
R2 aswStm;aswStm;C:\windows\System32\Drivers\aswstm.sys [2013-12-27 85328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-4-20 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-4-20 109048]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-9-28 89864]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-21 2266296]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-9-28 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-9-28 294664]
R2 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-10-7 227904]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-6-7 92160]
R2 LivedriveVSSService;Livedrive VSS Service;C:\Program Files (x86)\Knowhow Cloud\VSSService.exe [2013-11-21 210592]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-9-28 84168]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-16 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-10-16 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-10-16 171928]
R2 Update LinkSwift;Update LinkSwift;C:\Program Files (x86)\LinkSwift\updateLinkSwift.exe [2013-10-4 318752]
R2 Util LinkSwift;Util LinkSwift;C:\Program Files (x86)\LinkSwift\bin\utilLinkSwift.exe [2013-10-17 318752]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\Drivers\AtihdW86.sys [2013-7-6 129536]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\Drivers\L1C63x64.sys [2012-7-30 110744]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUStor.sys [2013-3-1 259144]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;C:\windows\System32\Drivers\RTWlanU.sys [2012-9-17 1576080]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\Drivers\usbfilter.sys [2012-7-17 57000]
R3 WSDScan;WSD Scan Support;C:\windows\System32\Drivers\WSDScan.sys [2013-4-9 23552]
S2 70e6ca8c;Optimizer Pro Crash Monitor;"c:\progra~2\optimi~1\OptProCrash.exe" --> c:\progra~2\optimi~1\OptProCrash.exe [?]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\windows\System32\Drivers\amdkmafd.sys [2012-9-23 21160]
S3 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\windows\System32\Drivers\amdkmpfd.sys [2013-5-22 36096]
S3 AmUStor;AM USB Stroage Driver;C:\windows\System32\Drivers\AmUStor.sys [2013-3-25 108312]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\windows\System32\Drivers\RTWlanU.sys [2012-9-17 1576080]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-06-28 06:23:03 71168 ----a-w- C:\windows\System32\drivers\hdaudbus.sys
2014-06-28 06:23:03 6974808 ----a-w- C:\windows\System32\ntoskrnl.exe
2014-06-28 06:23:03 693760 ----a-w- C:\windows\System32\WSShared.dll
2014-06-28 06:23:03 566784 ----a-w- C:\windows\SysWow64\WSShared.dll
2014-06-28 06:23:03 1824808 ----a-w- C:\windows\System32\ntdll.dll
2014-06-28 06:23:03 163840 ----a-w- C:\windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-28 06:23:03 1408976 ----a-w- C:\windows\SysWow64\ntdll.dll
2014-06-28 06:23:03 126464 ----a-w- C:\windows\System32\Robocopy.exe
2014-06-28 06:23:03 124928 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-28 06:23:03 106496 ----a-w- C:\windows\SysWow64\Robocopy.exe
2014-06-28 06:23:03 1023488 ----a-w- C:\windows\System32\localspl.dll
2014-06-27 21:12:19 -------- d-----w- C:\Users\Owner\AppData\Local\ElevatedDiagnostics
2014-06-25 20:28:51 -------- d-----w- C:\Users\Owner\AppData\Roaming\Speedial
2014-06-25 20:28:28 -------- d-----w- C:\Program Files (x86)\Speedial
2014-06-22 06:10:23 61112 ----a-w- C:\windows\System32\drivers\{25d71abf-7776-46f5-a269-9951331f9030}w64.sys
2014-06-15 08:33:20 305152 ----a-w- C:\windows\SysWow64\wusa.exe
2014-06-15 08:33:13 619008 ----a-w- C:\windows\System32\drivers\srv2.sys
2014-06-15 08:33:13 309760 ----a-w- C:\windows\System32\wusa.exe
2014-06-15 08:33:12 328024 ----a-w- C:\windows\System32\drivers\Classpnp.sys
2014-06-14 08:51:56 1301504 ----a-w- C:\windows\System32\gdi32.dll
2014-06-14 08:51:56 1023488 ----a-w- C:\windows\SysWow64\gdi32.dll
2014-06-14 08:51:55 3246592 ----a-w- C:\windows\System32\rdpcorets.dll
2014-06-14 08:51:55 235520 ----a-w- C:\windows\System32\rdpudd.dll
2014-06-14 08:33:25 1845760 ----a-w- C:\windows\System32\msxml3.dll
2014-06-14 08:33:25 1419264 ----a-w- C:\windows\SysWow64\msxml3.dll
2014-06-14 08:33:24 2233176 ----a-w- C:\windows\System32\drivers\tcpip.sys
2014-06-11 18:11:35 283312 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10242.bin
2014-06-10 19:28:01 -------- d-----w- C:\Users\Owner\AppData\Local\Microsoft Help
.
==================== Find3M ====================
.
2014-05-31 05:16:07 703992 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-05-31 05:16:07 105464 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-15 17:58:09 447888 ----a-w- C:\windows\System32\drivers\aswndisflt.sys
2014-05-15 17:57:58 1039096 ----a-w- C:\windows\System32\drivers\aswsnx.sys
2014-05-15 17:57:36 85328 ----a-w- C:\windows\System32\drivers\aswstm.sys
2014-05-06 03:37:50 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2014-05-06 03:26:53 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-04-20 11:23:52 79184 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-04-20 11:23:52 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-04-20 11:23:52 208416 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-04-20 11:23:51 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-04-20 11:23:51 43152 ----a-w- C:\windows\avastSS.scr
2014-04-20 11:23:51 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-04-19 09:39:36 628024 ----a-w- C:\windows\System32\NotificationUI.exe
2014-04-12 09:27:03 172888 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-04-12 09:10:31 578048 ----a-w- C:\windows\System32\winlogon.exe
2014-04-12 09:09:43 208896 ----a-w- C:\windows\System32\wdigest.dll
2014-04-12 09:09:39 1043968 ----a-w- C:\windows\System32\usercpl.dll
2014-04-12 09:09:34 94720 ----a-w- C:\windows\System32\TSpkg.dll
2014-04-12 09:09:19 588288 ----a-w- C:\windows\System32\SHCore.dll
2014-04-12 09:08:37 318464 ----a-w- C:\windows\System32\msv1_0.dll
2014-04-12 09:08:17 439808 ----a-w- C:\windows\System32\lsm.dll
2014-04-12 09:08:17 1281536 ----a-w- C:\windows\System32\lsasrv.dll
2014-04-12 09:08:10 827904 ----a-w- C:\windows\System32\kerberos.dll
2014-04-12 09:07:36 20480 ----a-w- C:\windows\System32\credssp.dll
2014-04-12 07:23:59 178688 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-04-12 07:23:52 961536 ----a-w- C:\windows\SysWow64\usercpl.dll
2014-04-12 07:23:49 76800 ----a-w- C:\windows\SysWow64\TSpkg.dll
2014-04-12 07:23:40 452608 ----a-w- C:\windows\SysWow64\SHCore.dll
2014-04-12 07:23:14 273920 ----a-w- C:\windows\SysWow64\msv1_0.dll
2014-04-12 07:22:58 666624 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-04-12 07:22:33 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2014-04-12 06:58:06 14848 ----a-w- C:\windows\System32\workerdd.dll
.
============= FINISH: 6:42:12.39 ===============

**shelf life** · 2014-07-01, 02:07

hi grandadis64,

Ah, my first Windows 8 machine. Lets see what Malwarebytes (MBAM) can dig up. There is a free version that you can download and keep as a antimalware app.
These directions are a little old as there interface has changed. Basically you want to download it, install it. Update and do a scan with it and post the log. If you run into problems just post back:

Please download the free version of Malwarebytes to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.

Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select Perform FULL SCAN, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.

Be sure that everything is checked, and click *Remove Selected.*

*A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Post the log in your reply.

**grandadis64** · 2014-07-01, 08:31

Hi

Thanks for post. I tried to download malwarebytes, but got the message:-

Windows protected your PC .
Windows Smartscreen prevented an unrecognized application from starting. Running this application might put your
PC at risk.
I pushed the OK button, but it wouldn't still do anything !!!

Malcolm

**shelf life** · 2014-07-01, 23:53

Try turning that function off, then try the download again. See this Link.

**grandadis64** · 2014-07-02, 08:08

Hi

It gets to 99% downloaded then says download was interrupted. If I press "retry" it says the signature is corrupt or invalid. This is a nightmare!!!

Thanks for your continued help

Malcolm

**shelf life** · 2014-07-02, 23:34

ok. thanks for the info. Lets try two things in Internet Explorer:
Disable all addons and reset IE back to its defaults.
With IE open go to tools, or the gear looking icon then internet options> Advanced tab, then look for a Reset button under the advanced tab, This may actually disable the addons also, not sure but just to be sure you can disable them manually also somewhere in there. Not really that familiar with IE or windows 8. I will check these directions on a W8 machine and post back.
----------------------------------------------
With IE open: click on the gear looking icon or Tools>internet options>Advanced tab and click on the Reset button and check the Delete personal settings box then click the reset button. Close IE and restart it, then try the Malwarebytes download again. Using the reset button will disable the add ons also and put IE back to its default settings.

**grandadis64** · 2014-07-03, 08:26

Hi

It downloads 99% says "try again" so I push try again button it but it says "The signature of mbam-setup-2.0.2.1012.exe is corrupt or invalid"

Malcolm

**shelf life** · 2014-07-03, 23:07

hi,

Ok and you tried resetting IE back to its defaults?

Lets forget MBAM and try another download unless that fails also. Another alternative if its a easy one for you- would be to download MBAM to a USB flash drive on antoher machine then install it on yours. In any case see if you can get this to download:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

http://www.bleepingcomputer.com/down...ery-scan-tool/

Note: You need to get the 64bit version.

Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
When the tool opens click Yes to disclaimer.
Press the Scan button.
When finished, it will produce a log called FRST.txt in the same directory the tool was run from. (your desktop)
Please copy and paste the log in your next reply.

The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

**grandadis64** · 2014-07-03, 23:24

Hi

Yes I reset IE to defaults and add-ons were disabled.

I got the same problem with this one, Windows seems to be blocking it from downloading.
went to site via your link and clicked on 64-bit download.
Says "FRST64.exe couldn't be downloaded"
Pushed retry button says"FRST64.exe is not commonly downloaded and could harm your computer"
Clicked Actions then Run Anyway.
Big Blue band across the screen says "This APP can't run on your PC. To find a version for your PC check with the software publisher"

Malcolm

**shelf life** · 2014-07-04, 01:34

I bet when you reset IE back to the defaults it activated Windows smart screen settings. Go back here disable smart screen again and then try the downloads.

Thread: Download/Streaming/Pop-up Problems

Thread Tools

Display

Malwarebytes

Tags for this Thread

Posting Permissions