incognita

I think I'm still infected

5 posts in this topic

My computer is doing crazy stuff and I don't know how to fix it. This is the log from HijackThis.

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 11:18:39 PM, on 5/25/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16576)

CHROME: 27.0.1453.94

FIREFOX: 21.0 (en-US)

Boot mode: Normal

Running processes:

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\Desktop\Computer Safety\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: (no name) - MRI_DISABLED - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: EMP_UDSA - SEIKO EPSON CORPORATION - C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 6838 bytes

Share this post


Link to post
Share on other sites

Hello incognita! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and post your log files:

http://forums.malwarebytes.org/index.php?showtopic=9573

Could you please give me more information about your problems?

Share this post


Link to post
Share on other sites

Here are my logs per Maniac's request

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 4/1/2011 8:32:48 AM

System Uptime: 5/25/2013 11:00:41 PM (16 hours ago)

.

Motherboard: TOSHIBA | | Portable PC

Processor: Intel® Celeron® CPU 900 @ 2.20GHz | CPU | 2194/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 222 GiB total, 180.296 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! SecureLine TAP Adapter

Device ID: ROOT\NET\0000

Manufacturer: TAP-Windows Provider V9

Name: avast! SecureLine TAP Adapter

PNP Device ID: ROOT\NET\0000

Service: tap0901

.

==== System Restore Points ===================

.

RP332: 5/26/2013 3:19:47 PM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

Ad-Aware Antivirus

Ad-Aware Security Add-on

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.0

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Atheros Driver Installation Program

avast! Free Antivirus

Bandisoft MPEG-1 Decoder

Best Buy pc app

Blingee Toolbar

CCleaner

Conexant HD Audio

CORE Client

DragonNest

EPSON USB Display

Google Chrome

Google Update Helper

Happy Cloud Client

Intel® Graphics Media Accelerator Driver

Intel® Matrix Storage Manager

Itibiti RTC

iTunes

Java 7 Update 21 (64-bit)

Java Auto Updater

Kaspersky Security Scan

KeePass Password Safe 1.25

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 21.0 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Pando Media Booster

PlayReady PC Runtime amd64

PreReq

QuickTime

Realtek USB 2.0 Card Reader

Revo Uninstaller 1.94

Samsung New PC Studio

SAMSUNG USB Driver for Mobile Phones

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Skype Click to Call

Skype™ 6.3

Spybot - Search & Destroy

Synaptics Pointing Device Driver

System Requirements Lab for Intel

TOSHIBA Application Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA Disc Creator

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA ReelTime

TOSHIBA Service Station

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

ToshibaRegistration

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live OneCare safety scanner

Windows Media Encoder 9 Series

WinRAR 4.00 (32-bit)

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

5/25/2013 9:56:36 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 40 time(s).

5/25/2013 9:56:35 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 39 time(s).

5/25/2013 9:55:18 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 38 time(s).

5/25/2013 9:54:32 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 37 time(s).

5/25/2013 9:52:33 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 36 time(s).

5/25/2013 9:51:08 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 35 time(s).

5/25/2013 9:50:45 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 34 time(s).

5/25/2013 9:50:28 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 33 time(s).

5/25/2013 9:49:49 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 32 time(s).

5/25/2013 9:41:40 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 31 time(s).

5/25/2013 9:40:18 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 30 time(s).

5/25/2013 9:40:03 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 29 time(s).

5/25/2013 9:40:02 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 28 time(s).

5/25/2013 9:39:54 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 27 time(s).

5/25/2013 9:39:41 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 26 time(s).

5/25/2013 9:39:25 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 25 time(s).

5/25/2013 9:39:07 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 24 time(s).

5/25/2013 9:39:03 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 23 time(s).

5/25/2013 9:39:02 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 22 time(s).

5/25/2013 9:38:59 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 21 time(s).

5/25/2013 9:38:57 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 20 time(s).

5/25/2013 9:38:49 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 19 time(s).

5/25/2013 9:38:47 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 18 time(s).

5/25/2013 9:38:46 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 17 time(s).

5/25/2013 9:38:45 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 16 time(s).

5/25/2013 9:38:41 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 15 time(s).

5/25/2013 9:33:05 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 14 time(s).

5/25/2013 9:26:09 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 13 time(s).

5/25/2013 9:19:38 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 12 time(s).

5/25/2013 9:19:37 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 11 time(s).

5/25/2013 9:19:36 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 10 time(s).

5/25/2013 9:15:59 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 9 time(s).

5/25/2013 9:11:55 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 8 time(s).

5/25/2013 9:10:10 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 7 time(s).

5/25/2013 9:09:55 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 6 time(s).

5/25/2013 9:09:55 PM, Error: Service Control Manager [7023] - The Windows Search service terminated with the following error: The file or directory is corrupted and unreadable.

5/25/2013 9:09:51 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 5 time(s).

5/25/2013 9:08:53 PM, Error: Service Control Manager [7034] - The EMP_UDSA service terminated unexpectedly. It has done this 1 time(s).

5/25/2013 9:07:52 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 4 time(s).

5/25/2013 9:07:28 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 3 time(s).

5/25/2013 9:07:21 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

5/25/2013 9:07:21 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147217025.

5/25/2013 9:06:56 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

5/25/2013 9:06:41 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

5/25/2013 9:06:36 PM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The file or directory is corrupted and unreadable.

5/25/2013 8:17:24 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

5/25/2013 8:14:36 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

5/25/2013 8:14:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

5/25/2013 8:14:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

5/25/2013 8:14:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

5/25/2013 8:14:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

5/25/2013 8:14:04 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm discache ElRawDisk MpFilter spldr SRTSP SRTSPX Wanarpv6 WSREGMON

5/25/2013 8:14:00 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

5/25/2013 5:38:24 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

5/25/2013 5:06:17 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

5/25/2013 4:34:34 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.

5/25/2013 4:27:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service defragsvc with arguments "" in order to run the server: {D20A3293-3341-4AE8-9AAF-8E397CB63C34}

5/25/2013 3:46:39 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

5/25/2013 3:41:34 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm discache ElRawDisk spldr SRTSP SRTSPX Wanarpv6 WSREGMON

5/25/2013 3:40:14 AM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.

5/25/2013 11:01:57 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SRTSP WSREGMON

5/25/2013 11:00:46 PM, Error: SRTSP [5] - Error loading Symantec real time Anti-Virus driver.

5/25/2013 11:00:46 PM, Error: SRTSP [4] - Error loading virus definitions.

5/25/2013 10:45:38 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.

5/25/2013 10:45:29 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: The file or directory is corrupted and unreadable.

5/25/2013 10:45:29 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The file or directory is corrupted and unreadable.

5/25/2013 10:45:29 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80070570.

5/25/2013 10:44:33 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 92 time(s).

5/25/2013 10:44:33 PM, Error: Service Control Manager [7023] - The Windows Search service terminated with the following error: The system cannot find the path specified.

5/25/2013 10:44:21 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 91 time(s).

5/25/2013 10:43:16 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 90 time(s).

5/25/2013 10:42:24 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 89 time(s).

5/25/2013 10:35:23 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 88 time(s).

5/25/2013 10:34:59 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 87 time(s).

5/25/2013 10:34:55 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 86 time(s).

5/25/2013 10:34:53 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 85 time(s).

5/25/2013 10:34:52 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 84 time(s).

5/25/2013 10:34:49 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 83 time(s).

5/25/2013 10:29:45 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 82 time(s).

5/25/2013 10:29:39 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 81 time(s).

5/25/2013 10:29:27 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 80 time(s).

5/25/2013 10:29:25 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 79 time(s).

5/25/2013 10:29:20 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 78 time(s).

5/25/2013 10:29:08 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 77 time(s).

5/25/2013 10:29:05 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 76 time(s).

5/25/2013 10:29:04 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 75 time(s).

5/25/2013 10:29:03 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 74 time(s).

5/25/2013 10:28:54 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 73 time(s).

5/25/2013 10:28:53 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 72 time(s).

5/25/2013 10:28:49 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 71 time(s).

5/25/2013 10:27:25 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 70 time(s).

5/25/2013 10:16:41 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 69 time(s).

5/25/2013 10:16:37 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 68 time(s).

5/25/2013 10:15:54 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 67 time(s).

5/25/2013 10:15:52 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 66 time(s).

5/25/2013 10:14:47 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 65 time(s).

5/25/2013 10:13:03 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 64 time(s).

5/25/2013 10:12:48 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 63 time(s).

5/25/2013 10:12:31 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 62 time(s).

5/25/2013 10:12:29 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 61 time(s).

5/25/2013 10:11:31 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 60 time(s).

5/25/2013 10:11:28 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 59 time(s).

5/25/2013 10:11:02 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 58 time(s).

5/25/2013 10:10:41 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 57 time(s).

5/25/2013 10:10:31 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 56 time(s).

5/25/2013 10:10:27 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 55 time(s).

5/25/2013 10:10:00 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 54 time(s).

5/25/2013 10:09:59 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume TI105952W0C.

5/25/2013 10:09:53 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 53 time(s).

5/25/2013 10:09:52 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 52 time(s).

5/25/2013 10:09:36 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 51 time(s).

5/25/2013 10:09:34 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 50 time(s).

5/25/2013 10:09:07 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 49 time(s).

5/25/2013 10:08:35 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 48 time(s).

5/25/2013 10:08:26 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 47 time(s).

5/25/2013 10:08:15 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 46 time(s).

5/25/2013 10:07:54 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 45 time(s).

5/25/2013 10:06:24 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 44 time(s).

5/25/2013 10:06:19 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 43 time(s).

5/25/2013 10:06:16 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 42 time(s).

5/25/2013 10:00:54 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 41 time(s).

5/25/2013 1:49:57 PM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).

5/24/2013 7:49:40 AM, Error: Service Control Manager [7034] - The COMODO Virtual Service Manager service terminated unexpectedly. It has done this 1 time(s).

5/24/2013 4:41:13 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cmdGuard discache ElRawDisk spldr SRTSP SRTSPX Wanarpv6 WSREGMON

5/24/2013 3:36:27 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.

5/23/2013 10:26:49 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CFRMD SRTSP WSREGMON

5/20/2013 8:01:19 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Skype 5.10 for Windows (KB2727727).

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16576

Run by Owner at 15:31:11 on 2013-05-26

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1916.659 [GMT -4:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}

AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}

SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k GPSvcGroup

C:\windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe

C:\windows\system32\taskhost.exe

C:\windows\Explorer.EXE

C:\windows\system32\Dwm.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\svchost.exe -k SDRSVC

C:\windows\SysWOW64\ctfmon.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files (x86)\adawaretb\ffHelper.exe

C:\ProgramData\Search Protection\SearchProtection.exe

C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\servicing\TrustedInstaller.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=A3983B94A04808C9EE08C151A193B977

uProxyServer = localhost:21320

uProxyOverride = <local>

uURLSearchHooks: <No Name>: - LocalServer32 - <no file>

BHO: MRI_DISABLED - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - <orphaned>

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

uRun: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun

uRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f

uRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

mRun: [searchProtection] C:\ProgramData\Search Protection\_run.bat

mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{9E067249-1773-4CA2-8099-C3527CF63A92} : DHCPNameServer = 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WebCheck - <orphaned>

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\7qvr9l9y.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=

FF - prefs.js: browser.search.selectedEngine - SecureSearch

FF - prefs.js: browser.startup.homepage - hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=A3983B94A04808C9EE08C151A193B977

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll

FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Users\Owner\AppData\Roaming\raidcall\plugins\nprcplugin.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-03-29 21:32; artur.dubovoy@gmail.com; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\7qvr9l9y.default\extensions\artur.dubovoy@gmail.com.xpi

FF - ExtSQL: 2013-05-24 19:06; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\windows\System32\drivers\aswRvrt.sys [2013-3-18 65336]

R0 aswVmm;aswVmm;C:\windows\System32\drivers\aswVmm.sys [2013-3-18 189936]

R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-1-20 230320]

R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-5-24 1025808]

R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2013-5-24 378432]

R1 ElRawDisk;ElRawDisk;C:\windows\System32\drivers\rsdrvx64.sys [2012-8-24 26024]

R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2013-3-18 1236336]

R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2013-5-24 33400]

R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-5-24 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-24 46808]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 EMP_UDSA;EMP_UDSA;C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [2012-6-16 104424]

R2 KSS;Kaspersky Security Scan Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-4-25 202296]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-27 418376]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [2011-4-1 126904]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-5-26 1817560]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-5-26 1033688]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-5-26 171928]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-4-15 3289208]

R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-4-1 9216]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]

R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2011-8-24 25928]

R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

S0 gfibto;gfibto;C:\windows\System32\drivers\gfibto.sys [2013-5-26 14456]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-8-24 701512]

S2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-9-20 3677000]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384]

S3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-2-16 19456]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-4-1 232992]

S3 ssecbus;Samsung Mobile Modem Device driver (WDM);C:\windows\System32\drivers\ssecbus.sys [2013-5-23 113664]

S3 ssecmdfl;Samsung Mobile Modem Device 2 Filter;C:\windows\System32\drivers\ssecmdfl.sys [2013-5-23 18944]

S3 ssecmdm;Samsung Mobile Modem Device 2 Driver;C:\windows\System32\drivers\ssecmdm.sys [2013-5-23 152064]

S3 TFsExDisk;TFsExDisk;C:\windows\System32\drivers\TFsExDisk.sys [2012-7-12 16448]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-2-16 57856]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-4-1 1255736]

S4 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-4-1 51512]

S4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

.

=============== Created Last 30 ================

.

2013-05-26 05:04:32 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-05-26 05:03:57 17272 ----a-w- C:\windows\System32\sdnclean64.exe

2013-05-26 05:03:37 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-05-26 04:57:31 -------- d-----w- C:\Users\Owner\AppData\Roaming\LavasoftStatistics

2013-05-26 04:57:09 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus

2013-05-26 04:47:47 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus

2013-05-26 04:47:20 -------- d-----w- C:\ProgramData\Downloaded Installations

2013-05-26 04:47:16 -------- d-----w- C:\ProgramData\Search Protection

2013-05-26 04:47:13 -------- d-----w- C:\ProgramData\blekko toolbars

2013-05-26 04:47:13 -------- d-----w- C:\ProgramData\adawaretb

2013-05-26 04:47:12 -------- d-----w- C:\Users\Owner\AppData\Local\adawarebp

2013-05-26 04:47:11 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection

2013-05-26 04:47:02 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner

2013-05-26 04:46:50 -------- d-----w- C:\Program Files (x86)\adawaretb

2013-05-26 04:44:58 47496 ----a-w- C:\windows\System32\sbbd.exe

2013-05-26 04:44:58 14456 ----a-w- C:\windows\System32\drivers\gfibto.sys

2013-05-26 04:44:46 -------- d-----w- C:\Users\Owner\AppData\Roaming\Ad-Aware Antivirus

2013-05-26 04:29:21 -------- d-----w- C:\ProgramData\Kaspersky Lab

2013-05-26 04:29:21 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab

2013-05-26 04:11:44 -------- d-----w- C:\Program Files (x86)\ESET

2013-05-25 22:42:24 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-05-25 22:39:31 -------- d-----w- C:\Program Files (x86)\Maleware Bytes Anti-Rootkit

2013-05-25 19:13:50 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{221D8DE0-9D32-40B9-BC17-FD6CB4859C3B}\mpengine.dll

2013-05-25 18:36:22 -------- d-----w- C:\Program Files (x86)\VS Revo Group

2013-05-25 18:08:05 -------- d-----w- C:\Users\Owner\AppData\Roaming\KeePass

2013-05-25 18:07:22 -------- d-----w- C:\Program Files (x86)\KeePass Password Safe

2013-05-25 18:00:24 -------- d-sh--w- C:\$RECYCLE.BIN

2013-05-25 11:48:29 964552 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{189974DF-62F9-4828-8814-F162BF0A6F2D}\gapaengine.dll

2013-05-25 11:41:31 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2013-05-25 11:41:20 -------- d-----w- C:\Program Files\Microsoft Security Client

2013-05-25 05:49:23 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F26B790-C55B-43DE-8977-A8F3A5D2EA0D}\mpengine.dll

2013-05-25 01:02:43 -------- d-----w- C:\ProgramData\BlueStacks

2013-05-25 00:35:26 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll

2013-05-25 00:35:26 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll

2013-05-25 00:35:26 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll

2013-05-25 00:35:26 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll

2013-05-25 00:35:26 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll

2013-05-25 00:12:20 971680 ----a-w- C:\windows\System32\deployJava1.dll

2013-05-25 00:12:20 1092512 ----a-w- C:\windows\System32\npDeployJava1.dll

2013-05-25 00:12:12 108448 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll

2013-05-24 23:07:24 72016 ----a-w- C:\windows\System32\drivers\aswRdr2.sys

2013-05-24 23:07:20 1025808 ----a-w- C:\windows\System32\drivers\aswSnx.sys

2013-05-24 23:07:18 80816 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys

2013-05-24 23:06:26 41664 ----a-w- C:\windows\avastSS.scr

2013-05-24 23:06:14 40616 ----a-w- C:\windows\System32\drivers\tap0901.sys

2013-05-24 17:27:29 -------- d-----w- C:\Users\Owner\AppData\Roaming\Comodo

2013-05-24 04:20:47 -------- d-----w- C:\Users\Owner\AppData\Roaming\DriverCure

2013-05-24 00:23:35 -------- d-----w- C:\Users\Owner\AppData\Local\Neptune

2013-05-23 13:28:13 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll

2013-05-23 13:28:13 1060864 ----a-w- C:\windows\SysWow64\mfc71.dll

2013-05-23 04:19:26 18944 ----a-w- C:\windows\System32\drivers\ssecmdfl.sys

2013-05-23 04:19:26 15872 ----a-w- C:\windows\System32\drivers\ssecwhnt.sys

2013-05-23 04:19:26 15872 ----a-w- C:\windows\System32\drivers\ssecwh.sys

2013-05-23 04:19:26 152064 ----a-w- C:\windows\System32\drivers\ssecmdm.sys

2013-05-23 04:19:26 14848 ----a-w- C:\windows\System32\drivers\sseccmnt.sys

2013-05-23 04:19:26 14848 ----a-w- C:\windows\System32\drivers\sseccm.sys

2013-05-23 04:19:26 113664 ----a-w- C:\windows\System32\drivers\ssecbus.sys

2013-05-23 04:15:48 -------- d-----w- C:\Program Files (x86)\Samsung

2013-05-23 04:13:22 -------- d-----w- C:\Users\Owner\AppData\Local\Downloaded Installations

2013-05-22 14:45:04 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll

2013-05-16 19:10:57 -------- d-----w- C:\Program Files (x86)\Common Files\Steam

2013-05-16 01:22:32 0 ----a-w- C:\windows\SysWow64\sho527.tmp

2013-05-16 00:15:22 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys

2013-05-16 00:15:21 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys

2013-05-16 00:15:21 144384 ----a-w- C:\windows\System32\cdd.dll

2013-05-16 00:15:18 3153920 ----a-w- C:\windows\System32\win32k.sys

2013-05-16 00:14:38 1930752 ----a-w- C:\windows\System32\authui.dll

2013-05-16 00:14:35 111448 ----a-w- C:\windows\System32\consent.exe

2013-05-16 00:14:34 1796096 ----a-w- C:\windows\SysWow64\authui.dll

2013-05-16 00:14:33 70144 ----a-w- C:\windows\System32\appinfo.dll

2013-05-16 00:13:19 230400 ----a-w- C:\windows\System32\wwansvc.dll

2013-05-16 00:13:18 48640 ----a-w- C:\windows\System32\wwanprotdim.dll

2013-05-12 18:40:39 -------- d-----w- C:\Users\Owner\AppData\Roaming\QFX Software

2013-05-11 13:21:45 231376 ----a-w- C:\windows\System32\drivers\truecrypt.sys

2013-05-10 17:46:34 -------- d-----w- C:\Users\Owner\AppData\Roaming\TeamViewer

2013-05-10 17:14:31 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys

2013-05-10 13:50:37 -------- d-----w- C:\Users\Owner\AppData\Roaming\Vtools

2013-05-10 13:22:59 -------- d-----w- C:\Users\Owner\AppData\Local\SlimWare Utilities Inc

2013-05-08 02:25:11 19968 ----a-w- C:\windows\System32\drivers\usb8023.sys

2013-05-01 07:59:12 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx

2013-05-01 07:59:12 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts

.

==================== Find3M ====================

.

2013-05-15 23:54:10 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-15 23:54:10 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2013-05-09 08:59:07 65336 ----a-w- C:\windows\System32\drivers\aswRvrt.sys

2013-05-09 08:59:07 189936 ----a-w- C:\windows\System32\drivers\aswVmm.sys

2013-05-02 15:29:56 278800 ------w- C:\windows\System32\MpSigStub.exe

2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll

2013-04-05 06:52:14 2242048 ----a-w- C:\windows\System32\wininet.dll

2013-04-05 06:50:36 3958784 ----a-w- C:\windows\System32\jscript9.dll

2013-04-05 06:50:31 67072 ----a-w- C:\windows\System32\iesetup.dll

2013-04-05 06:50:31 136704 ----a-w- C:\windows\System32\iesysprep.dll

2013-04-05 05:28:24 1767424 ----a-w- C:\windows\SysWow64\wininet.dll

2013-04-05 05:26:26 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll

2013-04-05 05:26:21 61440 ----a-w- C:\windows\SysWow64\iesetup.dll

2013-04-05 05:26:21 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll

2013-04-05 04:43:00 2706432 ----a-w- C:\windows\System32\mshtml.tlb

2013-04-05 04:29:45 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb

2013-04-05 03:51:11 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe

2013-04-05 03:38:25 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe

2013-04-04 18:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe

2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe

.

============= FINISH: 15:31:59.75 ===============

I DID initially find a trojan with MalwareBytes, I do not remember the exact name of it as I deleted it immediately. My computer is very slow, I cannot make certain changes to my programs, and everytime I try to either go to Facebook, or my email account my whole system freezes up for a good 3 minutes before it loads.

Share this post


Link to post
Share on other sites

Step 1

I notice that you are using more than one antivirus program.

  • Ad-Aware Antivirus
  • avast! Free Antivirus
  • Microsoft Security Essentials

This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through.

It is important that only one antivirus program is running realtime protection.

I strongly suggest you to keep avast! Free Antivirus .

Step 2

Also, you have some remnants from Norton Internet Security . Use this tool to clean them:

https://support.norton.com/sp/en/us/home/current/solutions/kb20080828154508EN_EndUserProfile_en_us

Finally, restart your computer.

Step 3

Please uninstall the following applications:

Ad-Aware Security Add-on

Blingee Toolbar

Step 4

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 5

Please download AdwCleaner from here and save it on your Desktop.

  1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • a new fresh DDS log

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.