Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

zoomify infecting my laptop

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

zoomify infecting my laptop

Unread postby phenom09 » October 15th, 2014, 2:24 pm

hello recently i have been infected by zoomify and numerus other malware infecting my computer.
DDS.txt
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.67.2
Run by zachs laptop at 13:02:25 on 2014-10-15
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.6092.3838 [GMT -5:00]
.
AV: Panda GOLD Protection *Enabled/Updated* {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Panda GOLD Protection *Enabled/Updated* {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}
FW: Panda Firewall *Enabled* {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\system32\taskhost.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe
C:\PROGRA~3\zoomify2\110~1.25\wzoomifyd.exe
C:\WINDOWS\system32\taskeng.exe
C:\PROGRA~3\zoomify2\110~1.25\zoomify.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Samsung\PC Auto Backup\AutoBackup.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\system32\taskhost.exe
C:\WINDOWS\system32\taskhost.exe
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wwahost.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://websearch.wonderfulsearches.info ... S&unqvl=60
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearch Bar = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
uSearch Page = hxxps://search.yahoo.com/yhs/search?typ ... yhs-001&p={searchTerms}
mStart Page = hxxp://websearch.wonderfulsearches.info ... S&unqvl=60
uSearchAssistant = www.google.com
mWinlogon: Userinit = C:\WINDOWS\SysWOW64\userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
uRun: [BYRUA_AGENT] C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
uRun: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Speech Recognition] "C:\windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
uRun: [HLBackupScheduler] "C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe"
uRun: [Spotify] "C:\Users\zachs laptop\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Google Update] "C:\Users\zachs laptop\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
mRun: [BYRUA_AGENT] C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ospd_us_226] <no file>
StartupFolder: C:\Users\ZACHSL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\zachs laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\ZACHSL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\PCAUTO~1.LNK - C:\Program Files (x86)\Samsung\PC Auto Backup\AutoBackup.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{41C7394E-BEF2-428F-8AF9-4E5C0DD2C8DE} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{9DCC4D54-2B77-4A65-BC84-DC4C8D367AF3} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{9DCC4D54-2B77-4A65-BC84-DC4C8D367AF3}\2375942554339333 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{9DCC4D54-2B77-4A65-BC84-DC4C8D367AF3}\2375942554831363 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{9DCC4D54-2B77-4A65-BC84-DC4C8D367AF3}\841636B6D456E456675627 : DHCPNameServer = 192.168.1.10
TCP: Interfaces\{9DCC4D54-2B77-4A65-BC84-DC4C8D367AF3}\841636B6F46666A41636B6 : DHCPNameServer = 192.168.1.10
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-mWinlogon: Userinit = C:\WINDOWS\SysWOW64\userinit.exe,
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\zachs laptop\AppData\Roaming\Mozilla\Firefox\Profiles\8caxt84y.default-1413293716683\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\Users\zachs laptop\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\zachs laptop\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\zachs laptop\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 BootDefragDriver;BootDefragDriver;C:\WINDOWS\System32\Drivers\BootDefragDriver.sys [2014-7-17 17600]
R0 GUBootStartup;GUBootStartup;C:\WINDOWS\System32\Drivers\GUBootStartup.sys [2014-6-30 20160]
R1 NNSALPC;NNSALPC;C:\WINDOWS\System32\Drivers\NNSAlpc.sys [2014-6-4 96800]
R1 NNSHTTP;NNSHTTP;C:\WINDOWS\System32\Drivers\NNSHttp.sys [2014-6-18 162336]
R1 NNSHTTPS;NNSHTTPS;C:\WINDOWS\System32\Drivers\NNSHttps.sys [2014-6-4 112160]
R1 NNSIDS;NNSIDS;C:\WINDOWS\System32\Drivers\NNSIds.sys [2014-6-4 115232]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;C:\WINDOWS\System32\Drivers\NNSNAHSL.sys [2014-1-16 47360]
R1 NNSPICC;NNSPICC;C:\WINDOWS\System32\Drivers\NNSpicc.sys [2014-6-4 95776]
R1 NNSPIHSW;NNSPIHSW;C:\WINDOWS\System32\Drivers\NNSPihsw.sys [2014-6-4 70176]
R1 NNSPOP3;NNSPOP3;C:\WINDOWS\System32\Drivers\NNSPop3.sys [2014-6-4 125984]
R1 NNSPROT;NNSPROT;C:\WINDOWS\System32\Drivers\NNSProt.sys [2014-6-4 306720]
R1 NNSPRV;NNSPRV;C:\WINDOWS\System32\Drivers\NNSPrv.sys [2014-6-4 169504]
R1 NNSSMTP;NNSSMTP;C:\WINDOWS\System32\Drivers\NNSSmtp.sys [2014-6-4 115744]
R1 NNSSTRM;NNSSTRM;C:\WINDOWS\System32\Drivers\NNSStrm.sys [2014-6-4 261152]
R1 NNSTLSC;NNSTLSC;C:\WINDOWS\System32\Drivers\NNStlsc.sys [2014-6-4 109088]
R1 PSINKNC;PSINKNC;C:\WINDOWS\System32\Drivers\PSINKNC.sys [2014-7-24 195616]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-4-16 2428088]
R2 NanoServiceMain;Panda GOLD Protection Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2014-7-24 141560]
R2 PandaAgent;Panda Devices Agent;C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-7-23 61688]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2012-7-28 126392]
R2 PSINAflt;PSINAflt;C:\WINDOWS\System32\Drivers\PSINAflt.sys [2014-7-24 160800]
R2 PSINFile;PSINFile;C:\WINDOWS\System32\Drivers\PSINFile.sys [2014-7-24 120352]
R2 PSINProc;PSINProc;C:\WINDOWS\System32\Drivers\PSINProc.sys [2014-7-24 122400]
R2 PSINProt;PSINProt;C:\WINDOWS\System32\Drivers\PSINProt.sys [2014-7-24 132128]
R2 PSINReg;PSINReg;C:\WINDOWS\System32\Drivers\PSINReg.sys [2014-7-24 106016]
R2 PSUAService;Panda Product Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2014-7-24 38136]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-7-30 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-8-7 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-7-30 23552]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-10-13 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-10-13 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-10-13 171928]
R2 Seagate Dashboard Services;Seagate Dashboard Services;C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2013-10-18 16000]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2014-1-9 1025408]
R2 WiselinkPro;SAMSUNG WiselinkPro Service;C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe [2013-2-18 7274561]
R2 wzoomifyd;wzoomifyd;C:\PROGRA~3\zoomify2\110~1.25\wzoomifyd.exe [2014-10-2 194560]
R2 zoomify;zoomify;C:\PROGRA~3\zoomify2\110~1.25\zoomify.exe [2014-10-2 370688]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\Drivers\IntcDAud.sys [2010-10-15 317440]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\WINDOWS\System32\Drivers\L1C63x64.sys [2012-6-2 100864]
R3 PGEffect;Pangu effect driver;C:\WINDOWS\System32\Drivers\PGEffect.sys [2012-7-28 38096]
R3 PSKMAD;PSKMAD;C:\WINDOWS\System32\Drivers\PSKMAD.sys [2014-10-9 60400]
R3 QIOMem;Generic IO & Memory Access;C:\WINDOWS\System32\Drivers\QIOMem.sys [2009-6-15 12800]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\WINDOWS\System32\Drivers\rtwlane.sys [2012-6-29 1119232]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\Drivers\WSDScan.sys [2012-12-7 23552]
S?2 EsgScanner;EsgScanner;C:\WINDOWS\System32\Drivers\EsgScanner.sys [2014-10-15 22704]
S2 JREPythonSnapshot.exe;JREPythonSnapshot.exe;C:\Users\zachs laptop\AppData\Local\JREPythonSnapshot\JREPythonSnapshot.exe --> C:\Users\zachs laptop\AppData\Local\JREPythonSnapshot\JREPythonSnapshot.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\Drivers\ssudbus.sys [2014-1-22 108800]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2014-10-9 20872]
S3 ManyCam;ManyCam Virtual Webcam;C:\WINDOWS\System32\Drivers\mcvidrv.sys [2013-11-26 52128]
S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\WINDOWS\System32\Drivers\mcaudrv_x64.sys [2013-12-6 35232]
S3 Revoflt;Revoflt;C:\WINDOWS\System32\Drivers\revoflt.sys [2014-10-13 31800]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-7-28 250984]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\WINDOWS\System32\Drivers\rtsuvstor.sys [2012-7-28 307304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\Drivers\ssudmdm.sys [2014-1-22 206080]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\WINDOWS\System32\Drivers\taphss6.sys [2013-2-12 42184]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\Drivers\usbaapl64.sys [2012-9-28 53760]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]
S3 vzandnetadb;ADB Interface DriverNet for VZW;C:\WINDOWS\System32\Drivers\lgvzandnetadb.sys [2013-5-8 31744]
S3 vzandnetdiag;LGE AndroidNet for VZW USB Serial Port;C:\WINDOWS\System32\Drivers\lgvzandnetdiag64.sys [2013-5-6 29696]
S3 vzandnetmodem;LGE AndroidNet for VZW USB Modem;C:\WINDOWS\System32\Drivers\lgvzandnetmdm64.sys [2013-5-6 36864]
S3 vzandnetndis;LGE AndroidNet for VZW NDIS Ethernet Adapter;C:\WINDOWS\System32\Drivers\lgvzandnetndis64.sys [2013-10-14 94208]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S4 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-7-28 57216]
S4 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-5-24 294848]
S4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-9 138152]
S4 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-28 2656280]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\Winword.exe="C:\Program Files\Microsoft Office 15\root\Office15\Winword.exe" /n "%1" [UserChoice] [default=edit - 'Open' doesn't exist]
.
=============== Created Last 30 ================
.
2014-10-15 16:24:44 22704 ----a-w- C:\WINDOWS\System32\drivers\EsgScanner.sys
2014-10-15 16:24:38 110080 ----a-r- C:\Users\zachs laptop\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconD7F16134.exe
2014-10-15 16:24:38 110080 ----a-r- C:\Users\zachs laptop\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\Icon1226A4C5.exe
2014-10-15 16:24:37 110080 ----a-r- C:\Users\zachs laptop\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconF7A21AF7.exe
2014-10-15 16:24:23 -------- d-----w- C:\sh4ldr
2014-10-15 16:24:23 -------- d-----w- C:\Program Files\Enigma Software Group
2014-10-15 16:22:12 -------- d-----w- C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-15 16:22:06 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-10-13 16:14:52 21040 ----a-w- C:\WINDOWS\System32\sdnclean64.exe
2014-10-13 16:14:39 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-10-13 16:14:22 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-13 15:23:59 -------- d-----w- C:\Users\zachs laptop\AppData\Local\VS Revo Group
2014-10-13 15:23:28 -------- d-----w- C:\ProgramData\VS Revo Group
2014-10-13 15:23:27 31800 ----a-w- C:\WINDOWS\System32\drivers\revoflt.sys
2014-10-13 15:23:22 -------- d-----w- C:\Program Files\VS Revo Group
2014-10-09 23:18:51 60400 ----a-w- C:\WINDOWS\System32\drivers\PSKMAD.sys
2014-10-09 22:46:53 -------- d-----w- C:\Program Files (x86)\predm
2014-10-09 20:27:21 -------- d-----w- C:\Users\zachs laptop\AppData\Roaming\OAS
2014-10-09 20:27:10 -------- d-----w- C:\ProgramData\SearchModule
2014-10-09 20:27:09 -------- d-----w- C:\Program Files\Common Files\Goobzo
2014-10-09 20:25:36 -------- d-----w- C:\Users\zachs laptop\AppData\Local\globalUpdate
2014-10-09 20:25:36 -------- d-----w- C:\Program Files (x86)\globalUpdate
2014-10-09 20:25:33 -------- d-----w- C:\Program Files (x86)\Cinema-Plus-1.7cV09.10
2014-10-09 20:24:36 -------- d-----w- C:\ProgramData\pastaleads
2014-10-09 20:23:02 -------- d-----w- C:\Users\zachs laptop\AppData\Local\tmp26327
2014-10-09 20:22:41 -------- d-----w- C:\ProgramData\zoomify2
2014-10-09 18:27:43 705480 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2014-10-09 18:27:43 104904 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2014-10-09 18:20:08 453680 ----a-w- C:\WINDOWS\System32\guard64.dll
2014-10-09 18:20:08 43216 ----a-w- C:\WINDOWS\System32\cmdcsr.dll
2014-10-09 18:20:08 363504 ----a-w- C:\WINDOWS\SysWow64\guard32.dll
2014-10-09 18:17:06 -------- d-----w- C:\ProgramData\panda_url_filtering
2014-10-09 18:16:06 -------- d-----w- C:\Users\zachs laptop\AppData\Roaming\Panda Security
2014-10-09 18:14:54 -------- d-----w- C:\Program Files (x86)\Panda Security
2014-10-09 18:12:40 -------- d-----w- C:\ProgramData\Panda Security
2014-10-09 16:59:17 20872 ----a-w- C:\WINDOWS\SysWow64\drivers\DrvAgent64.SYS
2014-09-26 13:28:06 10115584 ----a-w- C:\WINDOWS\System32\twinui.dll
2014-09-26 13:27:54 8858624 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2014-09-26 13:27:53 2307072 ----a-w- C:\WINDOWS\System32\authui.dll
2014-09-26 13:27:52 732880 ----a-w- C:\WINDOWS\System32\NotificationUI.exe
2014-09-26 13:27:52 694784 ----a-w- C:\WINDOWS\System32\WSShared.dll
2014-09-26 13:27:52 2037760 ----a-w- C:\WINDOWS\SysWow64\authui.dll
2014-09-26 13:27:52 125952 ----a-w- C:\WINDOWS\System32\WinSetupUI.dll
2014-09-26 13:27:51 567808 ----a-w- C:\WINDOWS\SysWow64\WSShared.dll
2014-09-26 13:27:51 198656 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.dll
2014-09-26 13:27:50 124928 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 13:27:49 163840 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 13:27:41 2146304 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2014-09-26 13:27:40 754176 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2014-09-24 16:33:07 148480 ----a-w- C:\WINDOWS\System32\poqexec.exe
2014-09-24 16:33:07 144896 ----a-w- C:\WINDOWS\System32\tssdisai.dll
2014-09-17 21:42:22 -------- d-----w- C:\WINDOWS\SysWow64\ContextualMinimalTask
2014-09-17 21:42:13 -------- d-----w- C:\Users\zachs laptop\AppData\Local\JREPythonSnapshot
2014-09-17 16:50:20 3231696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dcompiler_46.dll
2014-09-15 20:42:08 536776 ----a-w- C:\WINDOWS\SysWow64\msvcp120_clr0400.dll
2014-09-15 20:42:07 678600 ----a-w- C:\WINDOWS\System32\msvcp120_clr0400.dll
2014-09-15 20:42:03 1287680 ----a-w- C:\WINDOWS\System32\schedsvc.dll
2014-09-15 20:40:46 875688 ----a-w- C:\WINDOWS\SysWow64\msvcr120_clr0400.dll
2014-09-15 20:40:45 869544 ----a-w- C:\WINDOWS\System32\msvcr120_clr0400.dll
.
==================== Find3M ====================
.
2014-09-04 22:36:35 755712 ----a-w- C:\WINDOWS\System32\aepdu.dll
2014-09-03 01:49:12 556544 ----a-w- C:\WINDOWS\System32\aeinv.dll
2014-08-28 06:05:35 35328 ----a-w- C:\WINDOWS\SysWow64\wuapp.exe
2014-08-28 06:05:17 86528 ----a-w- C:\WINDOWS\SysWow64\wudriver.dll
2014-08-28 06:05:17 128000 ----a-w- C:\WINDOWS\SysWow64\wuwebv.dll
2014-08-28 06:02:15 40448 ----a-w- C:\WINDOWS\System32\wuapp.exe
2014-08-28 06:01:45 253440 ----a-w- C:\WINDOWS\System32\WUSettingsProvider.dll
2014-08-28 06:01:45 144384 ----a-w- C:\WINDOWS\System32\wuwebv.dll
2014-08-28 06:01:45 100352 ----a-w- C:\WINDOWS\System32\wudriver.dll
2014-08-28 06:01:44 17920 ----a-w- C:\WINDOWS\System32\wuaext.dll
2014-08-28 06:01:44 1623552 ----a-w- C:\WINDOWS\System32\wucltux.dll
2014-08-28 06:01:15 176640 ----a-w- C:\WINDOWS\System32\storewuauth.dll
2014-08-23 06:47:23 4036096 ----a-w- C:\WINDOWS\System32\win32k.sys
2014-08-16 09:34:19 2239488 ----a-w- C:\WINDOWS\System32\wininet.dll
2014-08-16 09:34:10 915968 ----a-w- C:\WINDOWS\System32\uxtheme.dll
2014-08-16 09:32:57 3959296 ----a-w- C:\WINDOWS\System32\jscript9.dll
2014-08-16 09:32:05 1508864 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2014-08-16 07:37:20 1766400 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2014-08-16 07:36:19 2861568 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2014-08-16 07:35:44 1440768 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2014-08-07 21:02:24 505416 ----a-w- C:\WINDOWS\SysWow64\msvcp71.dll
2014-07-28 17:02:45 348160 ----a-w- C:\WINDOWS\SysWow64\msvcr71.dll
2014-07-25 17:55:09 98216 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2014-07-24 18:24:04 132128 ----a-w- C:\WINDOWS\System32\drivers\PSINProt.sys
2014-07-24 18:24:04 106016 ----a-w- C:\WINDOWS\System32\drivers\PSINReg.sys
2014-07-24 18:24:03 195616 ----a-w- C:\WINDOWS\System32\drivers\PSINKNC.sys
2014-07-24 18:24:03 122400 ----a-w- C:\WINDOWS\System32\drivers\PSINProc.sys
2014-07-24 18:24:03 120352 ----a-w- C:\WINDOWS\System32\drivers\PSINFile.sys
2014-07-24 18:24:02 160800 ----a-w- C:\WINDOWS\System32\drivers\PSINAflt.sys
2013-12-21 18:25:55 4216840 ----a-w- C:\Program Files (x86)\Common Files\vcredist.exe
2013-05-30 03:39:29 4167680 ----a-w- C:\Program Files (x86)\GUT742.tmp
.
============= FINISH: 13:09:13.84 ===============

attach.txt log
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 11/7/2012 3:34:48 AM
System Uptime: 10/15/2014 11:02:21 AM (2 hours ago)
.
Motherboard: Intel Corp. | | Base Board Product Name
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz | CPU1 | 800/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 450 GiB total, 363.089 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0000
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter
PNP Device ID: ROOT\*ISATAP\0000
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0001
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #2
PNP Device ID: ROOT\*ISATAP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0002
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #3
PNP Device ID: ROOT\*ISATAP\0002
Service: tunnel
.
==== System Restore Points ===================
.
RP111: 9/26/2014 8:42:23 AM - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
RP112: 10/9/2014 11:44:04 AM - Windows Update
RP114: 10/13/2014 10:24:49 AM - Revo Uninstaller Pro's restore point - COMODO Internet Security Premium
RP116: 10/13/2014 10:27:51 AM - Revo Uninstaller Pro's restore point - GoPCPro
RP118: 10/13/2014 10:31:04 AM - Revo Uninstaller Pro's restore point - 7-Zip 9.22 (x64 edition)
RP119: 10/14/2014 8:26:56 AM - Removed Uninstall Helper
RP120: 10/14/2014 8:37:51 AM - Removed Garmin Communicator Plugin x64
RP121: 10/14/2014 8:38:26 AM - Removed Garmin Communicator Plugin
RP122: 10/14/2014 8:40:17 AM - Removed Garmin USB Drivers
RP123: 10/14/2014 8:42:05 AM - Removed Windows Media Player Firefox Plugin
RP124: 10/14/2014 8:43:09 AM - Removed Windows Live Mesh ActiveX Control for Remote Connections
RP125: 10/15/2014 11:22:31 AM - Installed SpyHunter
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.09)
Adobe Shockwave Player 12.0
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Canon Easy-PhotoPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MG5300 series MP Drivers
Canon MG5300 series On-screen Manual
Canon MG5300 series User Registration
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
CCleaner
ChromecastApp
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
D3DX10
Dropbox
Glary Utilities 5.3
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Itibiti RTC
Java 7 Update 60
Java Auto Updater
Junk Mail filter update
LG VZW United Drivers
LogicCoach
Media Player Classic - Home Cinema v1.5.2.3456
Mesh Runtime
Microsoft Application Error Reporting
Microsoft Office 365 - en-us
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Mozilla Firefox 32.0.3 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Netwaiting
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Panda Devices Agent
Panda GOLD Protection
PC Auto Backup
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek USB 2.0 Reader Driver
Realtek WLAN Driver
RealUpgrade 1.1
Respondus LockDown Browser
Revo Uninstaller Pro 3.1.1
Samsung i-Launcher 1.0.1.54
Savings Bond Wizard
Seagate Dashboard 2.0
Skype Launcher
Skype™ 6.18
Spotify
Spybot - Search & Destroy
SpyHunter
swMSM
Synaptics Pointing Device Driver
Toshiba App Place
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA eco Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Resolution+ Plug-in for Windows Media Player
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Supervisor Password
TOSHIBA Upgrade Assistant
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBARegistration
Unity Web Player
UpdateService
VC80CRTRedist - 8.0.50727.6195
Verizon Cloud
VLC media player 1.0.1
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
10/9/2014 6:43:16 PM, Error: Service Control Manager [7031] - The JREPythonSnapshot.exe service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/9/2014 5:28:28 PM, Error: Service Control Manager [7022] - The JREPythonSnapshot.exe service hung on starting.
10/9/2014 3:37:19 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
10/9/2014 2:45:50 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.
10/9/2014 2:42:47 PM, Error: Service Control Manager [7000] - The iPodDrv service failed to start due to the following error: The system cannot find the file specified.
10/9/2014 11:37:53 AM, Error: Service Control Manager [7022] - The RealPlayer Cloud Service service hung on starting.
10/9/2014 11:36:57 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Seagate Dashboard Services service to connect.
10/9/2014 11:36:26 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
10/9/2014 11:36:26 AM, Error: Service Control Manager [7000] - The Garmin Core Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/9/2014 1:18:49 PM, Error: Service Control Manager [7000] - The ContextualMinimalTask service failed to start due to the following error: The system cannot find the file specified.
10/9/2014 1:18:48 PM, Error: Service Control Manager [7031] - The ContextualMinimalTask service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
10/15/2014 11:03:54 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user zachslaptop-PC\zachs laptop SID (S-1-5-21-3720598101-3997406239-976912547-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
10/15/2014 11:03:17 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
10/15/2014 11:02:59 AM, Error: Service Control Manager [7000] - The JREPythonSnapshot.exe service failed to start due to the following error: The system cannot find the file specified.
10/14/2014 8:39:50 AM, Error: Service Control Manager [7031] - The Garmin Core Update Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/10/2014 10:36:08 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer TOSHIBA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{9DCC4D54-2B77-4A65-BC84-DC4C8D367AF3}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
phenom09
Active Member
 
Posts: 1
Joined: October 15th, 2014, 1:57 pm
Advertisement
Register to Remove

Re: zoomify infecting my laptop

Unread postby nunped » October 15th, 2014, 4:20 pm

Hello phenom09, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easy as possible.

  1. Please read this topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. You must have Administrator rights permissions for this computer.
  4. DO NOT run any other fix or removal tools unless instructed to do so!
  5. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  6. Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  7. Only reply to this thread. Do not start another thread.
  8. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  9. No Reply Within 3 Days will result in your topic being closed!


Read through these instructions with your full attention.
Please ask first if you have any doubts.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions.
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: zoomify infecting my laptop

Unread postby nunped » October 15th, 2014, 4:35 pm

Hi phenom09,

Please proceed with the following steps:
Step 1 - Create a System Restore Point
  • Click the Start button Image, then right-click on Computer, then click Properties.
  • In the left pane, click System protection. If UAC prompts, allow it.
  • Click the System Protection tab... then click Create.
  • In the System Protection dialog box, type a description... then click Create.
    A Restore Point will be created and you should receive a message: "The restore point was created successfully."
  • Click Close and exit.

Step 2 - AdwCleaner - Scan Only
Please download AdwCleaner by Xplode, save it to your desktop.
  • Close ALL open programs, including your Internet browsers.
  • Right click on adwcleaner.exe and select "Run as administrator" to run it.
  • Click on Scan.
    When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  • Press the Report button to produce the scan report.
  • A logfile C:\AdwCleaner[Rn].txt will automatically open. ([Rn] n = number of run)
  • Please post the content of the C:\AdwCleaner[Rn].txt logfile in your next reply.

Step 3 - Scan with FRST
Please download FRST ... by Farbar, from the link below and save it to your Desktop.
For 64 bit Systems

  • Right-click FRST.exe and select " Run as administrator " to run it.
  • When the tool opens click Yes to the disclaimer.
  • Press Scan button. ... When finished a log will be created, FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log... Addition.txt.
  • Please post the content of the Addition.txt in your next reply.
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: zoomify infecting my laptop

Unread postby Cypher » October 19th, 2014, 11:05 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 290 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware