I have downloaded (from the official website) and just installed CutePDF Writer on my computer. It is a PDF printer driver that I am familiar with because I already installed it a few years ago on my older laptop. As I now have a new one (with Win7), I installed it on this one. I had never had problems with this software before.
(Note: first I had to install Ghostscript, a post-converter necessary to run CutePDF: it's on their website, and I did the same years ago with my old laptop).
During the installation CutePDF asked me if I wanted to install Ask Toolbar for IE, then Ask Toolbar for Firefox, then Comodo Dragon: I always un-ticked all the boxes. So I don't know how, but after the installation, a window with Comodo Dragon came up (I don't even know what this program is). I closed it and then found the program listed in the installed programs in Control Panel. I uninstalled it, but then a message from Avast popped up saying that there might be a rootkit and asking me to run the boot-time scan. I did this and the scan found no viruses.
Then I ran ESET Online Scanner, which found the following two threats:
C:\Users\Administrator1\AppData\Local\Temp\is-7I629.tmp\Offercast2801_ARS_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Users\Administrator1\Desktop\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
(The second is the CutePDF installation file which I still have on my desktop)
Can you please help me remove the two threats and, more importantly, check whether there is really a rootkit or any other malware on my computer?
Thanks in advance.
DDS & Attach logs follow...
============================
DDS log
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239
Run by Administrator1 at 0:46:36 on 2014-08-29
Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.4008.2461 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\GFNEXSrv.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\TOSHIBA\TECO\TecoHook.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeBtMng.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvProvider.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DTS Sound] "C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe" /HIDEME
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{4D779444-73DC-46D2-BB79-D871AC6C29CF} : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IgfxTray] "C:\windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\windows\System32\igfxpers.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [BatteryManager] "C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.exe"
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Administrator1\AppData\Roaming\Mozilla\Firefox\Profiles\afvj626a.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2014-4-29 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2014-4-29 224896]
R0 iaStorA;iaStorA;C:\windows\System32\drivers\iaStorA.sys [2013-3-11 652784]
R0 iaStorF;iaStorF;C:\windows\System32\drivers\iaStorF.sys [2013-3-11 28656]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2013-8-15 20464]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswsnx.sys [2014-4-29 1041168]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2014-4-29 427360]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-4-29 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2014-4-29 79184]
R2 aswStm;aswStm;C:\windows\System32\drivers\aswstm.sys [2014-4-29 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-16 50344]
R2 GFNEXSrv;GFNEX Service;C:\windows\System32\GFNEXSrv.exe [2013-12-6 162824]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-2-13 731648]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-6 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-12-6 169432]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2012-2-29 342464]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-20 14472]
R3 AmUStor;AM USB Stroage Driver;C:\windows\System32\drivers\AmUStor.sys [2012-11-10 104280]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\windows\System32\drivers\btfilter.sys [2013-4-17 47816]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2013-8-15 368624]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2013-8-15 790000]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2012-12-19 118504]
R3 SmbDrvI;SmbDrvI;C:\windows\System32\drivers\Smb_driver_Intel.sys [2013-5-3 33008]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2013-12-6 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2012-4-12 138152]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2012-3-17 846208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 dts_apo_service;DTS APO Service;C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-6-1 16720]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-8-12 111616]
S3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2013-9-3 452088]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-2-13 820184]
S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-10-11 27648]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-4-29 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2014-4-29 1255736]
.
=============== Created Last 30 ================
.
2014-08-28 22:55:18 -------- d-----w- C:\Program Files (x86)\ESET
2014-08-28 21:49:34 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll
2014-08-28 21:49:34 1700352 ----a-w- C:\windows\SysWow64\gdiplus.dll
2014-08-28 21:49:34 1060864 ----a-w- C:\windows\SysWow64\mfc71.dll
2014-08-28 21:47:57 87600 ----a-w- C:\windows\System32\cpwmon64.dll
2014-08-28 21:47:56 -------- d-----w- C:\Program Files (x86)\Acro Software
2014-08-28 21:46:11 -------- d-----w- C:\Program Files (x86)\GPLGS
2014-08-28 21:39:52 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6585AF13-5D6A-4697-B52C-47C8590A2613}\mpengine.dll
2014-08-28 21:39:13 3163648 ----a-w- C:\windows\System32\win32k.sys
2014-08-28 21:39:12 404480 ----a-w- C:\windows\System32\gdi32.dll
2014-08-28 21:39:12 311808 ----a-w- C:\windows\SysWow64\gdi32.dll
2014-08-24 13:17:44 -------- d-----w- C:\windows\System32\appmgmt
2014-08-24 12:54:29 -------- d-----w- C:\ProgramData\Oracle
2014-08-12 20:02:06 99480 ----a-w- C:\windows\SysWow64\infocardapi.dll
2014-08-12 20:02:06 619672 ----a-w- C:\windows\SysWow64\icardagt.exe
2014-08-12 20:02:06 171160 ----a-w- C:\windows\System32\infocardapi.dll
2014-08-12 20:02:06 1389208 ----a-w- C:\windows\System32\icardagt.exe
2014-08-12 20:02:04 8856 ----a-w- C:\windows\SysWow64\icardres.dll
2014-08-12 20:02:04 8856 ----a-w- C:\windows\System32\icardres.dll
2014-08-12 20:01:25 35480 ----a-w- C:\windows\SysWow64\TsWpfWrp.exe
2014-08-12 20:01:25 35480 ----a-w- C:\windows\System32\TsWpfWrp.exe
2014-08-12 20:00:00 7168 ----a-w- C:\windows\SysWow64\KBDYAK.DLL
2014-08-12 20:00:00 7168 ----a-w- C:\windows\System32\KBDYAK.DLL
2014-08-12 20:00:00 7168 ----a-w- C:\windows\System32\KBDBASH.DLL
2014-08-12 20:00:00 6656 ----a-w- C:\windows\SysWow64\KBDBASH.DLL
2014-08-12 19:58:15 985536 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2014-08-12 19:58:11 664064 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2014-08-12 19:58:11 1216000 ----a-w- C:\windows\System32\rpcrt4.dll
.
==================== Find3M ====================
.
2014-08-14 00:42:30 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-14 00:42:30 699568 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-08-05 08:20:00 270496 ------w- C:\windows\System32\MpSigStub.exe
2014-07-25 14:02:12 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-07-25 14:01:41 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-07-25 13:28:35 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27 548352 ----a-w- C:\windows\System32\vbscript.dll
2014-07-25 13:25:45 83968 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-07-25 13:04:40 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-07-25 13:00:25 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-07-25 12:59:28 758272 ----a-w- C:\windows\System32\jscript9diag.dll
2014-07-25 12:47:25 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-07-25 12:34:03 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-07-25 12:33:08 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32 61952 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15 5824512 ----a-w- C:\windows\System32\jscript9.dll
2014-07-25 12:28:05 72704 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47 597504 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47 4204032 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-07-25 11:43:16 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29 2087936 ----a-w- C:\windows\System32\inetcpl.cpl
2014-07-25 11:39:25 1249280 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49 2001920 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06 2266624 ----a-w- C:\windows\System32\wininet.dll
2014-07-25 10:05:23 1792512 ----a-w- C:\windows\SysWow64\wininet.dll
2014-07-16 03:23:41 2048 ----a-w- C:\windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-07-16 00:24:14 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-07-16 00:24:14 92008 ----a-w- C:\windows\System32\drivers\aswstm.sys
2014-07-16 00:24:14 79184 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-07-16 00:24:14 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-07-16 00:24:14 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-07-16 00:24:14 224896 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-07-16 00:24:14 1041168 ----a-w- C:\windows\System32\drivers\aswsnx.sys
2014-07-16 00:24:13 43152 ----a-w- C:\windows\avastSS.scr
2014-06-18 02:18:30 692736 ----a-w- C:\windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\windows\SysWow64\osk.exe
2014-06-15 00:37:41 4198400 ---h--r- C:\PT10S.BIN
2014-06-06 10:10:34 624128 ----a-w- C:\windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-06-03 10:02:37 112064 ----a-w- C:\windows\System32\consent.exe
2014-06-03 10:02:21 504320 ----a-w- C:\windows\System32\msihnd.dll
2014-06-03 10:02:21 3241984 ----a-w- C:\windows\System32\msi.dll
2014-06-03 10:02:12 1941504 ----a-w- C:\windows\System32\authui.dll
2014-06-03 09:29:50 337408 ----a-w- C:\windows\SysWow64\msihnd.dll
2014-06-03 09:29:50 2363392 ----a-w- C:\windows\SysWow64\msi.dll
2014-06-03 09:29:40 1805824 ----a-w- C:\windows\SysWow64\authui.dll
.
============= FINISH: 0:47:06.40 ===============
Attach log
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 21/04/2014 19:53:52
System Uptime: 28/08/2014 22:51:24 (2 hours ago)
.
Motherboard: TOSHIBA | | PT10S
Processor: Intel(R) Core(TM) i3-4000M CPU @ 2.40GHz | SOCKET 0 | 2400/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 454 GiB total, 414.969 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP29: 05/07/2014 00:06:48 - Windows Update
RP30: 08/07/2014 22:05:16 - Windows Update
RP31: 16/07/2014 01:20:54 - Windows Update
RP32: 16/07/2014 01:23:24 - avast! antivirus system restore point
RP33: 21/07/2014 23:00:46 - Windows Update
RP34: 28/07/2014 20:59:00 - Windows Update
RP35: 05/08/2014 00:57:15 - Windows Update
RP36: 08/08/2014 22:01:37 - Windows Update
RP37: 12/08/2014 21:00:23 - Windows Update
RP38: 18/08/2014 23:44:31 - Windows Update
RP39: 24/08/2014 13:48:38 - Windows Update
RP40: 24/08/2014 13:52:57 - Windows Update
RP41: 24/08/2014 14:17:02 - Removed Java 8 Update 20 (64-bit)
RP42: 28/08/2014 22:39:17 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader XI (11.0.08) MUI
Alcor Micro USB Card Reader
Atheros Bluetooth Filter Driver Package
Atheros Driver Installation Program
avast! Free Antivirus
Bluetooth Stack for Windows by Toshiba
CutePDF Writer 3.0
DTS Sound
Filzip 3.06
IDT Audio Driver
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Microsoft .NET Framework 4.5.1
Microsoft Office
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Mozilla Firefox 31.0 (x86 en-GB)
Mozilla Maintenance Service
PlayReady PC Runtime amd64
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Skype™ 6.18
Synaptics Pointing Device Driver
TOSHIBA Battery Manager
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Flash Cards
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Manuals
TOSHIBA PC Diagnostic Tool
TOSHIBA PC Health Monitor
TOSHIBA Power Saver
TOSHIBA Recovery Media Creator
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA System Driver
TOSHIBA TEMPRO
.
==== Event Viewer Messages From Past Week ========
.
28/08/2014 23:29:49, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the DTS APO Service service to connect.
28/08/2014 23:29:49, Error: Service Control Manager [7000] - The DTS APO Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================