r1kub0y

Honorary Members
  • Posts

    31

Reputation

0 Neutral
  1. Results of screen317's Security Check version 0.99.75
     x64 (UAC is enabled)
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Windows Defender
     Avira Desktop
     Antivirus up to date! (On Access scanning disabled!)
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300
     Java 7 Update 45
     Adobe Flash Player 11.9.900.118
     Mozilla Firefox (25.0)
     Google Chrome 30.0.1599.101
     Google Chrome 30.0.1599.69
     ````````Process Check: objlist.exe by Laurent````````
     Avira Antivir avgnt.exe
     Avira Antivir avguard.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: %
     ````````````````````End of Log``````````````````````
  2. ESET.txt
     C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe a variant of Win32/Bundled.Toolbar.Ask.D application
  3. Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org
     Database version: v2013.10.28.05
     Windows 8 x64 NTFS
     Internet Explorer 10.0.9200.16721
     Student-ID :: DAC-NB1301885 [administrator]
     28/10/2013 10:37:14 PM
     mbam-log-2013-10-28 (22-37-14).txt
     Scan type: Full scan (C:\|D:\|E:\|)
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
     Scan options disabled:
     Objects scanned: 570890
     Time elapsed: 1 hour(s), 17 minute(s), 40 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)
  4. # AdwCleaner v3.010 - Report created 28/10/2013 at 22:10:13
     # Updated 20/10/2013 by Xplode
     # Operating System : Windows 8 (64 bits)
     # Username : Student-ID - DAC-NB1301885
     # Running from : C:\Users\Student-ID\Downloads\adwcleaner.exe
     # Option : Clean
     ***** [ Services ] *****
     ***** [ Files / Folders ] *****
     File Deleted : C:\END
     File Deleted : C:\Users\Student-ID\AppData\Roaming\Mozilla\Firefox\Profiles\yo93533s.default\foxydeal.sqlite
     File Deleted : C:\Users\Student-ID\AppData\Roaming\Mozilla\Firefox\Profiles\yo93533s.default\user.js
     ***** [ Shortcuts ] *****
     ***** [ Registry ] *****
     Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
     Key Deleted : HKCU\Software\APN PIP
     Key Deleted : HKCU\Software\Conduit
     ***** [ Browsers ] *****
     -\\ Internet Explorer v10.0.9200.16537
     -\\ Mozilla Firefox v25.0 (en-US)
     [ File : C:\Users\Student-ID\AppData\Roaming\Mozilla\Firefox\Profiles\yo93533s.default\prefs.js ]
     -\\ Google Chrome v30.0.1599.101
     [ File : C:\Users\Student-ID\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     *************************
     AdwCleaner[R0].txt - [1369 octets] - [28/10/2013 22:09:43]
     AdwCleaner[s0].txt - [1216 octets] - [28/10/2013 22:10:13]
     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1276 octets] ##########
  5. TDSS log TDSSKiller.2.8.16.0_28.10.2013_21.50.26_log.txt
  6. TDSSkiller log post_too_long? What now?
  7. Nvm got it to work again
     Aswmbr
     aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
     Run date: 2013-10-28 21:49:01
     -----------------------------
     21:49:01.926 OS Version: Windows x64 6.2.9200
     21:49:01.926 Number of processors: 8 586 0x3A09
     21:49:01.926 ComputerName: DAC-NB1301885 UserName: Student-ID
     21:49:01.942 Initialze error 1
     21:49:20.880 AVAST engine defs: 13102800
     21:49:23.773 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003e
     21:49:23.773 Disk 0 Vendor: Hitachi_HTS727575A9E364 JF4OA110 Size: 715404MB BusType: 11
     21:49:23.788 Disk 0 MBR read successfully
     21:49:23.788 Disk 0 MBR scan
     21:49:23.804 Disk 0 unknown MBR code
     21:49:23.804 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
     21:49:23.820 Disk 0 scanning C:\Windows\system32\drivers
     21:49:23.820 Service scanning
     21:49:24.507 Modules scanning
     21:49:24.507 Disk 0 trace - called modules:
     21:49:24.507 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
     21:49:24.523 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009b42060]
     21:49:24.523 3 CLASSPNP.SYS[fffff88001736e0a] -> nt!IofCallDriver -> [0xfffffa80079e9e40]
     21:49:24.570 5 ACPI.sys[fffff8800115da91] -> nt!IofCallDriver -> \Device\0000003e[0xfffffa80079eb7f0]
     21:49:24.570 AVAST engine scan C:\Windows
     21:49:24.585 AVAST engine scan C:\Windows\system32
     21:49:24.585 AVAST engine scan C:\Windows\system32\drivers
     21:49:24.601 AVAST engine scan C:\Users\Student-ID
     21:49:24.601 AVAST engine scan C:\ProgramData
     21:49:24.616 Scan finished successfully
     21:49:34.853 Disk 0 MBR has been saved successfully to "C:\Users\Student-ID\Desktop\MBR.dat"
     21:49:34.868 The log file has been saved successfully to "C:\Users\Student-ID\Desktop\aswMBR.txt"
     TDSSKiller
  8. Malwarebytes Anti-Rootkit BETA 1.07.0.1007
     www.malwarebytes.org
     Database version: v2013.10.02.12
     Windows 8 x64 NTFS
     Internet Explorer 10.0.9200.16721
     Student-ID :: DAC-NB1301885 [administrator]
     28/10/2013 8:48:38 PM
     mbar-log-2013-10-28 (20-48-38).txt
     Scan type: Quick scan
     Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
     Scan options disabled:
     Objects scanned: 62293
     Time elapsed: 4 minute(s), 13 second(s) [aborted]
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     Physical Sectors Detected: 0 (No malicious items detected)
     (end)
  9. Sorry, the gmer program kept saying it couldn't access C:\Windows\system32\config\system: and C:\Users\Student-ID\ntuser.dat. But here is ark.txt
     GMER 2.1.19163 - http://www.gmer.net
     Rootkit scan 2013-10-28 20:30:59
     Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003e Hitachi_HTS727575A9E364 rev.JF4OA110 698.64GB
     Running: g4gpx1nf.exe; Driver: C:\Users\STUDEN~1\AppData\Local\Temp\pwdcypoc.sys
     ---- Threads - GMER 2.1 ----
     Thread C:\Windows\system32\csrss.exe [696:720] fffff9600089a5e8
     ---- Processes - GMER 2.1 ----
     Library C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\8b41dd65769af26f66874ce6a684155b\mscorlib.ni.dll (*** suspicious ***) @ C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2144] 0000000072410000
     ---- Disk sectors - GMER 2.1 ----
     Disk \Device\Harddisk0\DR0 unknown MBR code
     ---- EOF - GMER 2.1 ----
  10. I was tricked into installing this toolbar called ask.com which had an underlying trojan in it. Now my laptop which I use for school is now infected with a trojan. I can't seem to remove it. Please help!
      Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 8 Boot Device: \Device\HarddiskVolume3 Install Date: 4/3/2013 4:16:24 PM System Uptime: 28/10/2013 1:51:09 PM (5 hours ago) . Motherboard: FUJITSU | | FJNBB2D Processor: Intel® Core i7-3632QM CPU @ 2.20GHz | CPU Socket - U3E1 | 2200/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 200 GiB total, 98.506 GiB free. D: is FIXED (NTFS) - 497 GiB total, 496.405 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Device ID: ROOT\NET\0000 Manufacturer: Cisco Systems Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 PNP Device ID: ROOT\NET\0000 Service: vpnva . ==== System Restore Points =================== . RP24: 14/10/2013 12:56:58 PM - Windows Update RP25: 18/10/2013 3:30:06 PM - Installed IBM SPSS Statistics 19. RP26: 28/10/2013 12:19:09 PM - Windows Update . ==== Installed Programs ====================== . 
==== Event Viewer Messages From Past Week ======== . 28/10/2013 2:19:44 PM, Error: Service Control Manager [7034] - The Advanced SystemCare Service 6 service terminated unexpectedly. It has done this 1 time(s). 28/10/2013 1:53:58 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: The password for this account has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 28/10/2013 1:53:58 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure. . ==== End Of File =========================== DDS.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.45.2 Run by Student-ID at 18:51:42 on 2013-10-28 Microsoft Windows 8 6.2.9200.0.1252.65.1033.18.8052.5643 [GMT 8:00] . AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . 
============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll uRun: [AdobeBridge] <no file> mRun: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" mRun: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Adobe Acrobat 
Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: Append Link Target to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . 
TCP: NameServer = 192.168.1.254 TCP: Interfaces\{A76C35C3-242A-48A4-B0ED-EC92CAEF9D9E} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{A76C35C3-242A-48A4-B0ED-EC92CAEF9D9E}\35053547574656E647 : DHCPNameServer = 164.78.237.13 164.78.239.13 TCP: Interfaces\{F3D8D649-4418-4B86-A83D-CD06976E6DF2} : DHCPNameServer = 164.78.237.13 164.78.239.13 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\updnavi\updatenv.exe x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - 
{FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Student-ID\AppData\Roaming\Mozilla\Firefox\Profiles\yo93533s.default\ FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_118.dll FF - ExtSQL: 2013-10-24 02:44; toolbar_AVIRA-V7@apn.ask.com; 
C:\Users\Student-ID\AppData\Roaming\Mozilla\Firefox\Profiles\yo93533s.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi . ---- FIREFOX POLICIES ---- FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: browser.turbo.enabled - true FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.chrome.favicons - false FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: content.notify.ontimer - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.switch.threshold - 750000 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 . ============= SERVICES / DRIVERS =============== . 
R0 FBIOSDRV;Fujitsu BIOS Driver;C:\Windows\System32\Drivers\FBIOSDRV.sys [2012-9-11 20848] R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-9-11 645952] R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2013-3-26 30496] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2012-9-14 56336] R1 avkmgr;avkmgr;C:\Windows\System32\Drivers\avkmgr.sys [2013-10-28 28600] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-23 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-13 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-8 143088] R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-10-28 440392] R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-10-28 440392] R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-2-2 18656] R2 avgntflt;avgntflt;C:\Windows\System32\Drivers\avgntflt.sys [2013-10-28 105856] R2 BcmBtRSupport;Bluetooth Radio Control Service;C:\Windows\System32\BtwRSupportService.exe [2013-2-19 2252088] R2 DataExchangeUtilityService;DataExchangeUtilityService;C:\Program Files (x86)\Fujitsu\DataExchangeUtility\DEUService.exe [2012-8-11 253232] R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-9-14 233328] R2 FUJ02E3Service;FUJ02E3Service;C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [2012-7-19 80752] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-9-14 2451456] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management 
Engine Components\DAL\Jhi_service.exe [2012-9-14 165760] R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2012-8-7 51608] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-9-14 364416] R2 UpdateNaviInstallService;UpdateNaviInstallService;C:\Program Files\Fujitsu\updnavi\updnvsrv.exe [2011-6-28 14336] R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-1-24 544688] R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-7-19 2699568] R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\Drivers\bcbtums.sys [2013-2-19 165688] R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752] R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\Drivers\btwampfl.sys [2013-2-19 157560] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\Drivers\btwl2cap.sys [2013-2-19 40248] R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\System32\Drivers\fuj02e3.sys [2012-9-11 17264] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-9-11 342528] R3 NETwNe64;@oem15.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\Windows\System32\Drivers\NETwew00.sys [2012-9-3 4291624] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUStor.sys [2012-9-14 252048] R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-9-14 683664] S3 acsock;acsock;C:\Windows\System32\Drivers\acsock64.sys [2013-3-20 112080] S3 
FJQuickPowerOn;FJQuickPowerOn;C:\Program Files\Fujitsu\QuickPowerOn\QuickPowerOn.exe [2012-8-15 165784] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-2-20 1431888] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-7-19 272176] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\Drivers\netr28x.sys [2012-6-2 1737760] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-10 174440] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-20 517096] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\Drivers\RsFx0105.sys [2011-9-22 311144] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464] . =============== File Associations =============== . FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1" FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1" ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 
2013-10-28 09:57:10 -------- d-----w- C:\Windows\System32\MRT 2013-10-28 06:28:27 -------- d-----w- C:\Users\Student-ID\AppData\Roaming\Avira 2013-10-28 06:21:47 -------- d-----w- C:\ProgramData\APN 2013-10-28 06:18:44 83160 ----a-w- C:\Windows\System32\drivers\avnetflt.sys 2013-10-28 06:18:44 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys 2013-10-28 06:18:43 105856 ----a-w- C:\Windows\System32\drivers\avgntflt.sys 2013-10-28 06:18:24 -------- d-----w- C:\ProgramData\Avira 2013-10-28 06:18:24 -------- d-----w- C:\Program Files (x86)\Avira 2013-10-28 04:48:50 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4011F07E-4098-42F8-8786-C25FF756729F}\mpengine.dll 2013-10-28 04:46:59 -------- d-----w- C:\ProgramData\Oracle 2013-10-28 04:46:51 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-10-28 04:40:05 230912 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMADAN4C.DLL 2013-10-28 04:38:59 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-28 04:38:58 694232 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-10-25 05:35:22 566784 ----a-w- C:\Windows\System32\wvc.dll 2013-10-25 05:34:53 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2013-10-25 05:31:56 652288 ----a-w- C:\Windows\System32\comctl32.dll 2013-10-18 07:58:31 290992 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10221.bin 2013-10-18 07:52:09 -------- d-----w- C:\Users\Student-ID\.spss 2013-10-18 07:52:09 -------- d-----w- C:\ProgramData\SafeNet Sentinel 2013-10-18 07:52:07 -------- d-----w- C:\Users\Student-ID\AppData\Roaming\Eclipse 2013-10-18 07:52:04 -------- d-----w- C:\Users\Student-ID\AppData\Local\javasharedresources 2013-10-18 07:33:32 -------- d--h--w- C:\Users\Student-ID\InstallAnywhere 2013-10-18 07:33:32 -------- d--h--w- C:\Program Files (x86)\Zero G Registry 2013-10-18 07:33:32 -------- d-----w- C:\Program Files (x86)\Common Files\IBM 2013-10-18 07:32:50 -------- 
d-----w- C:\ProgramData\SPSS 2013-10-18 07:31:30 -------- d-----w- C:\Program Files\Common Files\IBM 2013-10-18 07:30:28 -------- d-----w- C:\Program Files\IBM 2013-10-18 07:30:23 205 ----a-w- C:\Windows\SysWow64\lsprst7.dll 2013-10-18 07:30:23 1025 ----a-w- C:\Windows\SysWow64\sysprs7.dll 2013-10-18 07:24:19 -------- d-----w- C:\Users\Student-ID\AppData\Local\Adobe_Systems_Incorporate . ==================== Find3M ==================== . 2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll 2013-08-23 05:11:57 4040192 ----a-w- C:\Windows\System32\win32k.sys 2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys 2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll 2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe 2013-08-16 05:22:22 40448 ----a-w- C:\Windows\System32\wuapp.exe 2013-08-16 05:22:11 4917760 ----a-w- C:\Windows\System32\sppsvc.exe 2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll 2013-08-15 22:43:21 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe 2013-08-15 22:43:07 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll 2013-08-15 22:43:07 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2013-08-15 22:43:03 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll 2013-08-15 22:43:03 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll 2013-08-15 22:43:02 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll 2013-08-15 22:43:02 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll 2013-08-15 22:43:02 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll 2013-08-15 22:43:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-08-15 22:42:52 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll 2013-08-15 22:42:47 91648 ----a-w- 
C:\Windows\SysWow64\sppc.dll 2013-08-10 05:21:51 448512 ----a-w- C:\Windows\System32\SettingSync.dll 2013-08-10 05:21:51 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll 2013-08-10 03:58:51 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll 2013-08-07 05:15:02 144896 ----a-w- C:\Windows\System32\tssdisai.dll 2013-08-03 06:40:49 462336 ----a-w- C:\Windows\System32\sysmon.ocx 2013-08-03 06:40:01 1374208 ----a-w- C:\Windows\System32\wdc.dll 2013-08-03 05:14:15 399360 ----a-w- C:\Windows\SysWow64\sysmon.ocx 2013-08-03 05:13:57 437248 ----a-w- C:\Windows\SysWow64\wvc.dll 2013-08-03 05:13:43 1245696 ----a-w- C:\Windows\SysWow64\wdc.dll 2013-08-02 06:28:29 10116608 ----a-w- C:\Windows\System32\twinui.dll 2013-08-02 06:26:53 2304512 ----a-w- C:\Windows\System32\authui.dll 2013-08-02 05:08:18 8858112 ----a-w- C:\Windows\SysWow64\twinui.dll 2013-08-02 05:06:50 2035712 ----a-w- C:\Windows\SysWow64\authui.dll 2013-08-01 10:41:31 2233688 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ============= FINISH: 18:51:59.96 ===============
  11. Okay, I will keep Avira antivirus then. I don't think Java was very important for me except for playing a few different gaming sites.
  12. Thanks for the help again. Should I reinstall Java then disable it on web browsers? Also, should I continue to use the Avira AntiVirus instead of Microsoft Security Essentials?
  13. Not anymore. My computer used to significantly slow down on opening internet browsers; it's running fine now.