Slow PC, numerous application hang ups and problems with programs loading


As it is stated, I am having a lot of problems recently with my computer. Applications are failing and hanging all the time now. I haven't been home to really install anything, and the last big changes I recall were setting up a guest account for my GF. I disabled it. Also, I installed Borderlands 2, which is when I noticed a majority of the problems. The bigger issue is when I click "My Computer" it takes FOREVER to seek my drives... that can't be good. I have a pretty good machine still.

help!!

I also ran avast and mbam and nothing was infected.

help!!!

DDS.txt

Attach.txt


Hi and Welcome!! :) My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

IMPORTANT NOTE : Please do not delete anything unless instructed to.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.

Vista and Windows 7 users:

These tools MUST be run from the executable (.exe) every time you run them, with Admin Rights (right click, choose "Run as Administrator").

Stay with this topic until I give you the all clean post.

---------

Please download aswMBR to your desktop.

  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and attach its contents in your next reply.

----------


Hi,

Here is the log. Just an FYI, the problem seems to be getting worse. I had a bunch of Windows updates last night and now I no longer have sound at all on my headset, but my speakers work. Also, whenever I, let's say, create a new folder on my desktop, nothing happens till I hit F5. The system seems to be getting hung up on everything and programs are becoming more and more unresponsive.

post-6898-0-62379400-1350005488.jpg

aswMBR.txt


Hi,

Download Combofix from the link below, and save it to your desktop.

Link

**Note: It is important that it is saved directly to your desktop**

If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.

--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.


  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

----------


Once again, sorry about the delay. Really bad weekend... 3 days of overtime that I'm not paid for, and slammed with a bill insurance ain't covering.... FML

Log:

ComboFix 12-10-14.03 - Robert P Baron Jr 10/14/2012 14:18:25.1.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16364.14439 [GMT -4:00]

Running from: c:\users\Robert P Baron Jr\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

Y:\install.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_nvsvc

.

.

((((((((((((((((((((((((( Files Created from 2012-09-14 to 2012-10-14 )))))))))))))))))))))))))))))))

.

.

2012-10-14 18:22 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C3CF5C71-8777-4857-81BA-FDD2BB964AAD}\mpengine.dll

2012-10-11 03:18 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73D85A9A-086B-48EA-88CC-468670294B4C}\mpengine.dll

2012-10-10 03:53 . 2012-10-10 03:53 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information

2012-10-10 03:53 . 2006-06-29 18:30 17408 ----a-w- c:\windows\system32\cnqo4802.dll

2012-10-10 03:52 . 2012-10-10 03:52 -------- d--h--w- c:\program files\CanonBJ

2012-10-10 03:52 . 2007-05-18 19:30 172032 ----a-w- c:\windows\system32\CNQL4802.DLL

2012-10-10 03:52 . 2006-07-20 20:14 1336320 ----a-w- c:\windows\system32\CNQC4802.DLL

2012-10-10 03:52 . 2006-07-20 20:14 49664 ----a-w- c:\windows\system32\CNQI4802.DLL

2012-10-10 00:59 . 2012-10-10 00:59 -------- d-----w- c:\users\Guest\AppData\Roaming\vlc

2012-10-10 00:57 . 2012-10-10 00:57 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-10-10 00:57 . 2012-10-10 00:57 -------- d-----w- c:\users\Guest\AppData\Local\Apple Computer

2012-10-10 00:56 . 2012-10-10 01:00 -------- d-----w- c:\users\Guest\AppData\Roaming\Apple Computer

2012-10-04 21:52 . 2012-08-21 17:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-10-04 21:51 . 2012-10-04 21:52 -------- d-----w- c:\program files\iTunes

2012-10-04 21:51 . 2012-10-04 21:52 -------- d-----w- c:\program files (x86)\iTunes

2012-10-04 21:51 . 2012-10-04 21:51 -------- d-----w- c:\program files\iPod

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-10-04 21:51 . 2012-10-04 21:51 -------- d-----w- c:\program files (x86)\QuickTime

2012-09-30 20:36 . 2012-09-30 20:36 -------- d-----w- c:\users\UpdatusUser

2012-09-25 22:34 . 2012-10-04 21:55 -------- d-----w- c:\users\Robert P Baron Jr\AppData\Roaming\Mumble

2012-09-25 22:34 . 2012-09-25 22:34 -------- d-----w- c:\program files (x86)\Mumble

2012-09-23 16:19 . 2012-09-23 16:19 -------- d-----w- c:\programdata\Logitech

2012-09-23 16:19 . 2012-09-23 16:19 -------- d-----w- c:\program files\Logitech

2012-09-23 16:19 . 2012-09-23 16:19 -------- d-----w- c:\program files (x86)\Logitech

2012-09-23 16:18 . 2012-09-23 16:18 -------- d-----w- c:\programdata\LogiShrd

2012-09-21 19:35 . 2012-09-21 19:35 -------- d-----w- c:\users\Guest\AppData\Local\Adobe

2012-09-21 04:05 . 2012-09-21 04:05 -------- d-----w- c:\users\Guest\AppData\Roaming\Malwarebytes

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-11 03:18 . 2011-11-03 22:14 65309168 ----a-w- c:\windows\system32\MRT.exe

2012-10-08 21:14 . 2012-04-10 00:56 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-08 21:14 . 2011-11-03 22:40 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-07 21:04 . 2011-11-04 01:26 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-01 13:02 . 2012-09-01 13:02 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-01 13:02 . 2012-08-12 21:06 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-09-01 13:02 . 2011-11-24 16:21 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-09-01 13:01 . 2012-09-01 13:01 0 ----a-w- c:\windows\SysWow64\REN626B.tmp

2012-09-01 13:01 . 2012-09-01 13:01 0 ----a-w- c:\windows\SysWow64\REN626A.tmp

2012-08-30 19:14 . 2012-06-02 21:20 9066344 ----a-w- c:\windows\system32\nvcuda.dll

2012-08-30 19:14 . 2012-06-02 21:20 830312 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-08-30 19:14 . 2012-06-02 21:20 7626088 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-08-30 19:14 . 2012-06-02 21:20 2745192 ----a-w- c:\windows\system32\nvcuvid.dll

2012-08-30 19:14 . 2012-06-02 21:20 26228072 ----a-w- c:\windows\system32\nvoglv64.dll

2012-08-30 19:14 . 2012-06-02 21:20 2573672 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-08-30 19:14 . 2012-06-02 21:20 25256296 ----a-w- c:\windows\system32\nvcompiler.dll

2012-08-30 19:14 . 2012-06-02 21:20 247144 ----a-w- c:\windows\system32\nvinitx.dll

2012-08-30 19:14 . 2012-06-02 21:20 2422120 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-08-30 19:14 . 2012-06-02 21:20 2216808 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-08-30 19:14 . 2012-06-02 21:20 202600 ----a-w- c:\windows\SysWow64\nvinit.dll

2012-08-30 19:14 . 2012-06-02 21:20 19828584 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2012-08-30 19:14 . 2012-06-02 21:20 1866088 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-08-30 19:14 . 2012-06-02 21:20 18229096 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-08-30 19:14 . 2012-06-02 21:20 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-08-30 19:14 . 2012-06-02 21:20 13391720 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-08-30 19:14 . 2012-06-02 21:20 12465512 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2012-08-30 19:14 . 2012-03-25 19:16 971624 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-08-30 19:14 . 2012-03-25 19:16 15291752 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-08-30 19:14 . 2011-11-03 23:38 1760104 ----a-w- c:\windows\system32\nvdispco64.dll

2012-08-30 19:14 . 2011-05-21 10:01 2725224 ----a-w- c:\windows\system32\nvapi64.dll

2012-08-30 19:14 . 2011-05-21 10:01 14879080 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-08-30 14:40 . 2012-08-30 14:40 429416 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2012-08-22 18:12 . 2012-09-14 00:31 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 18:12 . 2012-09-14 00:31 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 18:12 . 2012-09-14 00:31 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-21 17:01 . 2011-11-04 00:36 125872 ----a-w- c:\windows\system32\GEARAspi64.dll

2012-08-21 17:01 . 2011-11-04 00:36 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2012-08-21 09:13 . 2011-11-03 22:09 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-08-21 09:13 . 2011-11-03 22:09 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-08-21 09:13 . 2011-11-03 22:09 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-08-21 09:13 . 2012-03-11 20:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2012-08-21 09:13 . 2011-11-03 22:09 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-08-21 09:13 . 2011-11-03 22:09 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-08-21 09:12 . 2011-11-03 22:09 41224 ----a-w- c:\windows\avastSS.scr

2012-08-21 09:12 . 2011-11-03 22:09 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe

2012-08-21 09:12 . 2011-11-03 22:09 285328 ----a-w- c:\windows\system32\aswBoot.exe

2012-07-18 18:15 . 2012-08-17 03:13 3148800 ----a-w- c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]

"CTxfiHlp"="CTXFIHLP.EXE" [2010-07-07 24576]

"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2009-07-07 241789]

"Lachesis"="c:\program files (x86)\Razer\Lachesis\razerhid.exe" [2009-11-10 248320]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=0 (0x0)

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-11-04 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-11-03 79360]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-07-07 230488]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-07-07 95320]

R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.6.31854.0.sys [2012-05-18 17408]

R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys [2012-03-29 13688]

R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-09 114144]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys [2012-03-29 65912]

R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys [2012-03-29 15736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-03 1255736]

R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

R4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 83240]

R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-10-12 75048]

R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-10-12 292136]

R4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]

R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]

R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]

R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-08-30 382312]

R4 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R4 TouchServiceWacom;Wacom Professional Touch Service;c:\program files\Tablet\Wacom\Wacom_TouchService.exe [2012-04-18 567672]

S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [2011-04-10 13936]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/11/03 21:56];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-10-18 14:28 148976]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]

S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2011-04-10 9663848]

S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-08-24 75248]

S2 TabletServiceWacom;TabletServiceWacom;c:\program files\Tablet\Wacom\Wacom_Tablet.exe [2012-04-18 8518008]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-07-07 230488]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-07-07 95320]

S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [2011-04-10 206960]

S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys [2010-07-07 1612888]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408]

S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys [2009-07-01 30728]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 16008]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys [2010-08-12 1310720]

S3 VaneFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [2009-10-17 29952]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-10-14 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 21:14]

.

2012-10-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-747255843-2212139681-4065398812-1000Core.job

- c:\users\Robert P Baron Jr\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-24 02:34]

.

2012-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-747255843-2212139681-4065398812-1000UA.job

- c:\users\Robert P Baron Jr\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-24 02:34]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Cm108Sound"="c:\windows\Syswow64\cm108.dll" [2010-10-13 8757248]

"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 167.206.254.1 167.206.254.2

FF - ProfilePath - c:\users\Robert P Baron Jr\AppData\Roaming\Mozilla\Firefox\Profiles\n8cnnrx7.default\

FF - prefs.js: browser.search.selectedEngine - FilesTube.com

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-AsioReg - CTASIO.DLL

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]

"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\windows\SysWOW64\rundll32.exe

c:\windows\SysWOW64\Ctxfihlp.exe

c:\windows\SysWOW64\CTXFISPI.EXE

c:\program files (x86)\Razer\Lachesis\OSD.exe

c:\program files (x86)\Razer\Lachesis\razertra.exe

c:\program files (x86)\Razer\Lachesis\razerofa.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Completion time: 2012-10-14 14:24:32 - machine was rebooted

ComboFix-quarantined-files.txt 2012-10-14 18:24

.

Pre-Run: 329,163,661,312 bytes free

Post-Run: 328,620,613,632 bytes free

.

- - End Of File - - 763D24C0BAB466544486BF2EAEC599CD

ComboFix.txt


Once again sorry about the delay.
No problem at all. :)

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the box below:

    ClearJavaCache::
    File::
    c:\windows\SysWow64\REN626B.tmp
    c:\windows\SysWow64\REN626A.tmp
  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
    CFScriptB-4.gif
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix may request an update; please allow it.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Post the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

----------

Post the new ComboFix log and let me know how your system is running now. :)

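The two files listed in CFScript.txt above both appear in the first ComboFix log as zero-byte `.tmp` entries under `SysWow64`. As an added example (not part of the original posts and not ComboFix's own code), this Python parser reads the log's file-listing lines and surfaces entries of that shape for an analyst to review. The selection rule (size 0, located in `system32` or `SysWow64`) is an assumption about why those entries stand out, and the names `Entry`, `parse_listing` and `zero_byte_system_files` are hypothetical; the sample lines are copied from the log in this thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# One entry of a ComboFix "Files Created" / "Find3M Report" listing:
#   <date> <time> . <date> <time> <size or --------> <attributes> <path>
# The thread does not say what each timestamp means, so they are kept as
# "first" and "second" instead of being given a meaning.
ENTRY_RE = re.compile(
    r"^(?P<first>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<second>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(?P<size>\d+|-{8}) "
    r"(?P<attrs>[-a-z]{8}) "
    r"(?P<path>[A-Za-z]:\\.+)$"
)

# Assumed review scope: the two system directories seen in the log.
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


@dataclass
class Entry:
    first: str
    second: str
    size: Optional[int]  # None when the log prints -------- (directories)
    attrs: str
    path: str

    @property
    def is_dir(self) -> bool:
        return self.attrs.startswith("d")


def parse_listing(text: str) -> List[Entry]:
    """Return every file-listing entry; skip headers, '.' lines, registry output."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        size = None if m["size"].startswith("-") else int(m["size"])
        entries.append(Entry(m["first"], m["second"], size, m["attrs"], m["path"]))
    return entries


def zero_byte_system_files(entries: List[Entry]) -> List[str]:
    """Paths of zero-length files in the system directories, in log order.

    These are candidates for review, not a verdict: an empty file can be a
    harmless installer leftover.
    """
    hits = []
    for e in entries:
        if e.is_dir or e.size != 0:
            continue
        if e.path.lower().startswith(SYSTEM_DIRS):
            hits.append(e.path)
    return hits


# Sample input: lines copied from the first ComboFix log in this thread.
SAMPLE_LOG = r"""
(((( Find3M Report ))))
.
2012-10-10 03:53 . 2012-10-10 03:53 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2012-10-10 03:53 . 2006-06-29 18:30 17408 ----a-w- c:\windows\system32\cnqo4802.dll
2012-09-01 13:02 . 2012-09-01 13:02 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-01 13:01 . 2012-09-01 13:01 0 ----a-w- c:\windows\SysWow64\REN626B.tmp
2012-09-01 13:01 . 2012-09-01 13:01 0 ----a-w- c:\windows\SysWow64\REN626A.tmp
2012-10-04 21:51 . 2012-10-04 21:52 -------- d-----w- c:\program files (x86)\iTunes
"""

if __name__ == "__main__":
    for path in zero_byte_system_files(parse_listing(SAMPLE_LOG)):
        print("review:", path)
```
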

ComboFix 12-10-14.03 - Robert P Baron Jr 10/14/2012 17:40:04.2.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16364.14522 [GMT -4:00]

Running from: c:\users\Robert P Baron Jr\Desktop\ComboFix.exe

Command switches used :: c:\users\Robert P Baron Jr\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\SysWow64\REN626A.tmp"

"c:\windows\SysWow64\REN626B.tmp"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\SysWow64\REN626A.tmp

c:\windows\SysWow64\REN626B.tmp

.

.

((((((((((((((((((((((((( Files Created from 2012-09-14 to 2012-10-14 )))))))))))))))))))))))))))))))

.

.

2012-10-14 21:43 . 2012-10-14 21:43 -------- d-----w- c:\users\Guest\AppData\Local\temp

2012-10-14 21:43 . 2012-10-14 21:43 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-11 03:18 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73D85A9A-086B-48EA-88CC-468670294B4C}\mpengine.dll

2012-10-10 03:53 . 2012-10-10 03:53 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information

2012-10-10 03:53 . 2006-06-29 18:30 17408 ----a-w- c:\windows\system32\cnqo4802.dll

2012-10-10 03:52 . 2012-10-10 03:52 -------- d--h--w- c:\program files\CanonBJ

2012-10-10 03:52 . 2007-05-18 19:30 172032 ----a-w- c:\windows\system32\CNQL4802.DLL

2012-10-10 03:52 . 2006-07-20 20:14 1336320 ----a-w- c:\windows\system32\CNQC4802.DLL

2012-10-10 03:52 . 2006-07-20 20:14 49664 ----a-w- c:\windows\system32\CNQI4802.DLL

2012-10-10 00:59 . 2012-10-10 00:59 -------- d-----w- c:\users\Guest\AppData\Roaming\vlc

2012-10-10 00:57 . 2012-10-10 00:57 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-10-10 00:57 . 2012-10-10 00:57 -------- d-----w- c:\users\Guest\AppData\Local\Apple Computer

2012-10-10 00:56 . 2012-10-10 01:00 -------- d-----w- c:\users\Guest\AppData\Roaming\Apple Computer

2012-10-04 21:52 . 2012-08-21 17:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-10-04 21:51 . 2012-10-04 21:52 -------- d-----w- c:\program files\iTunes

2012-10-04 21:51 . 2012-10-04 21:52 -------- d-----w- c:\program files (x86)\iTunes

2012-10-04 21:51 . 2012-10-04 21:51 -------- d-----w- c:\program files\iPod

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-10-04 21:51 . 2012-10-04 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-10-04 21:51 . 2012-10-04 21:51 -------- d-----w- c:\program files (x86)\QuickTime

2012-09-30 20:36 . 2012-09-30 20:36 -------- d-----w- c:\users\UpdatusUser

2012-09-25 22:34 . 2012-10-04 21:55 -------- d-----w- c:\users\Robert P Baron Jr\AppData\Roaming\Mumble

2012-09-25 22:34 . 2012-09-25 22:34 -------- d-----w- c:\program files (x86)\Mumble

2012-09-23 16:19 . 2012-09-23 16:19 -------- d-----w- c:\programdata\Logitech

2012-09-23 16:19 . 2012-09-23 16:19 -------- d-----w- c:\program files\Logitech

2012-09-23 16:19 . 2012-09-23 16:19 -------- d-----w- c:\program files (x86)\Logitech

2012-09-23 16:18 . 2012-09-23 16:18 -------- d-----w- c:\programdata\LogiShrd

2012-09-21 19:35 . 2012-09-21 19:35 -------- d-----w- c:\users\Guest\AppData\Local\Adobe

2012-09-21 04:05 . 2012-09-21 04:05 -------- d-----w- c:\users\Guest\AppData\Roaming\Malwarebytes

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-11 03:18 . 2011-11-03 22:14 65309168 ----a-w- c:\windows\system32\MRT.exe

2012-10-08 21:14 . 2012-04-10 00:56 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-08 21:14 . 2011-11-03 22:40 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-07 21:04 . 2011-11-04 01:26 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-01 13:02 . 2012-09-01 13:02 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-01 13:02 . 2012-08-12 21:06 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-09-01 13:02 . 2011-11-24 16:21 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-08-30 19:14 . 2012-06-02 21:20 9066344 ----a-w- c:\windows\system32\nvcuda.dll

2012-08-30 19:14 . 2012-06-02 21:20 830312 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-08-30 19:14 . 2012-06-02 21:20 7626088 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-08-30 19:14 . 2012-06-02 21:20 2745192 ----a-w- c:\windows\system32\nvcuvid.dll

2012-08-30 19:14 . 2012-06-02 21:20 26228072 ----a-w- c:\windows\system32\nvoglv64.dll

2012-08-30 19:14 . 2012-06-02 21:20 2573672 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-08-30 19:14 . 2012-06-02 21:20 25256296 ----a-w- c:\windows\system32\nvcompiler.dll

2012-08-30 19:14 . 2012-06-02 21:20 247144 ----a-w- c:\windows\system32\nvinitx.dll

2012-08-30 19:14 . 2012-06-02 21:20 2422120 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-08-30 19:14 . 2012-06-02 21:20 2216808 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-08-30 19:14 . 2012-06-02 21:20 202600 ----a-w- c:\windows\SysWow64\nvinit.dll

2012-08-30 19:14 . 2012-06-02 21:20 19828584 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2012-08-30 19:14 . 2012-06-02 21:20 1866088 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-08-30 19:14 . 2012-06-02 21:20 18229096 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-08-30 19:14 . 2012-06-02 21:20 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-08-30 19:14 . 2012-06-02 21:20 13391720 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-08-30 19:14 . 2012-06-02 21:20 12465512 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2012-08-30 19:14 . 2012-03-25 19:16 971624 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-08-30 19:14 . 2012-03-25 19:16 15291752 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-08-30 19:14 . 2011-11-03 23:38 1760104 ----a-w- c:\windows\system32\nvdispco64.dll

2012-08-30 19:14 . 2011-05-21 10:01 2725224 ----a-w- c:\windows\system32\nvapi64.dll

2012-08-30 19:14 . 2011-05-21 10:01 14879080 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-08-30 14:40 . 2012-08-30 14:40 429416 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2012-08-22 18:12 . 2012-09-14 00:31 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 18:12 . 2012-09-14 00:31 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 18:12 . 2012-09-14 00:31 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-21 17:01 . 2011-11-04 00:36 125872 ----a-w- c:\windows\system32\GEARAspi64.dll

2012-08-21 17:01 . 2011-11-04 00:36 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2012-08-21 09:13 . 2011-11-03 22:09 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-08-21 09:13 . 2011-11-03 22:09 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-08-21 09:13 . 2011-11-03 22:09 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-08-21 09:13 . 2012-03-11 20:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2012-08-21 09:13 . 2011-11-03 22:09 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-08-21 09:13 . 2011-11-03 22:09 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-08-21 09:12 . 2011-11-03 22:09 41224 ----a-w- c:\windows\avastSS.scr

2012-08-21 09:12 . 2011-11-03 22:09 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe

2012-08-21 09:12 . 2011-11-03 22:09 285328 ----a-w- c:\windows\system32\aswBoot.exe

2012-07-18 18:15 . 2012-08-17 03:13 3148800 ----a-w- c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]

"CTxfiHlp"="CTXFIHLP.EXE" [2010-07-07 24576]

"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2009-07-07 241789]

"Lachesis"="c:\program files (x86)\Razer\Lachesis\razerhid.exe" [2009-11-10 248320]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=0 (0x0)

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-11-04 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-11-03 79360]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-07-07 230488]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-07-07 95320]

R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.6.31854.0.sys [2012-05-18 17408]

R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys [2012-03-29 13688]

R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-09 114144]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 VaneFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [2009-10-17 29952]

R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys [2012-03-29 65912]

R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys [2012-03-29 15736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-03 1255736]

R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

R4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 83240]

R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-10-12 75048]

R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-10-12 292136]

R4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]

R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]

R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]

R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-08-30 382312]

R4 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R4 TouchServiceWacom;Wacom Professional Touch Service;c:\program files\Tablet\Wacom\Wacom_TouchService.exe [2012-04-18 567672]

S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [2011-04-10 13936]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/11/03 21:56];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-10-18 14:28 148976]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]

S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2011-04-10 9663848]

S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-08-24 75248]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]

S2 TabletServiceWacom;TabletServiceWacom;c:\program files\Tablet\Wacom\Wacom_Tablet.exe [2012-04-18 8518008]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-07-07 230488]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-07-07 95320]

S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [2011-04-10 206960]

S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys [2010-07-07 1612888]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408]

S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys [2009-07-01 30728]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 16008]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys [2010-08-12 1310720]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-10-14 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 21:14]

.

2012-10-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-747255843-2212139681-4065398812-1000Core.job

- c:\users\Robert P Baron Jr\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-24 02:34]

.

2012-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-747255843-2212139681-4065398812-1000UA.job

- c:\users\Robert P Baron Jr\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-24 02:34]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AsioReg"="CTASIO.DLL" [bU]

"Cm108Sound"="c:\windows\Syswow64\cm108.dll" [2010-10-13 8757248]

"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 167.206.254.1 167.206.254.2

FF - ProfilePath - c:\users\Robert P Baron Jr\AppData\Roaming\Mozilla\Firefox\Profiles\n8cnnrx7.default\

FF - prefs.js: browser.search.selectedEngine - FilesTube.com

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]

"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-10-14 17:44:23

ComboFix-quarantined-files.txt 2012-10-14 21:44

ComboFix2.txt 2012-10-14 18:24

.

Pre-Run: 328,545,394,688 bytes free

Post-Run: 328,265,666,560 bytes free

.

- - End Of File - - CD73907B537F4629D1441638B736D1A2

log.txt


Are you good to go? :)

Hi Jeffce!!!

Sorry, work once again called me away for a few days :|. Boo...

I seem to be running smoothly again. Thank you so much for your help. Would you be able to explain what files were removed (the .tmp files) and how they affected my system?

Once again thanks!


Hi,

No problem at all! Glad to hear your system is running better. :)

Those entries that we were removing were part of a trojan that needed to be removed.

--------------

Please go to Start >> Control Panel >> Programs and Features >> uninstall all versions of Java except the most recent on your system.

-------------

Clear Java Cache

See this page for instructions on how to clear Java's cache.

Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)

  • Under Temporary Internet Files, click the Delete Files button.
  • There are three options in the window to clear the cache - Leave ALL 3 Checked

    • Downloaded Applets
    • Downloaded Applications
    • Other Files

  • Click OK on Delete Temporary Files Window

    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

  • Click OK to leave the Java Control Panel.

----------

Malwarebytes

Please open Malwarebytes, update it and then run a Quick Scan. Save the log that is created for your next reply.

----------

ESET Online Scanner

Go here to run an online scanner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.

----------


  • 3 weeks later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.