Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Laptop Left Click Haywire and Shut Down Problem

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Laptop Left Click Haywire and Shut Down Problem

Unread postby dannia4 » December 29th, 2014, 7:22 pm

I have a Toshiba laptop with Windows 7. I am not at all tech-savvy, so please bear with me. About a week ago, my left-click mouse was going crazy all over the place. Then it stopped working altogether, completely unresponsive. I did a couple of reboots and everything was back to normal for a few days. Today, the left-click stopped working again and when I tried to reboot, my computer was unresponsive. After several attempts, including unplugging from wall, I held down the On/Off button and it seemed to come back to life. However, I got a blue screen with a full page of white lettering on it saying something to the effect that my computer did not shut down properly. At the bottom of this page were phrases about "creating crash dump" ?? Somehow, I was able to reboot the computer again and as of right now, it is acting normally. Also the left-click is acting normally. I have performed a couple of Malwarebytes scans in the past week and no viruses were detected. I called Toshiba even though my computer is no longer under warranty. The tech said either my hard drive has crashed or my OS needs repair, and I should take my computer to a repair shop. Below are my DDS logs. Hope I did it correctly. Thanks for your help!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496
Run by Owner at 18:08:52 on 2014-12-29
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2940.1646 [GMT -5:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
SP: Webroot SecureAnywhere *Enabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Webroot\WRSA.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\RunDll32.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\windows\System32\RunDll32.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{22DB2F9D-437F-4B1B-9D42-0DBD67E386DA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3DFFF366-1296-4DF0-B26B-429D10505D4A} : DHCPNameServer = 168.94.0.14 168.94.0.15
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [cAudioFilterAgent] "C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
x64-Run: [SmartAudio] "C:\Program Files\CONEXANT\SAII\SAIICpl.exe" /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosVolRegulator] "C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe"
x64-Run: [TosSENotify] "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe"
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2f85i127.default-1395077546856\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Owner\New folder (2)\Picasa3\npPicasa3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 WRkrn;WRkrn;C:\windows\System32\drivers\WRkrn.sys [2013-9-25 114176]
R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [2011-5-16 206120]
R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [2011-5-16 185640]
R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2012-2-4 770728]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2010-11-25 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-25 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-11-25 232992]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-6-3 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-6-3 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-26 20:49:59 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1746FC2B-BFE8-4CC1-86DF-D5D174E6CB01}\mpengine.dll
2014-12-18 10:49:21 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2014-12-18 10:49:21 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-12-11 13:06:57 -------- d-----w- C:\windows\System32\appraiser
2014-12-11 12:24:39 55808 ----a-w- C:\windows\System32\rrinstaller.exe
2014-12-11 12:24:39 50176 ----a-w- C:\windows\SysWow64\rrinstaller.exe
2014-12-11 12:24:39 24576 ----a-w- C:\windows\System32\mfpmp.exe
2014-12-11 12:24:39 23040 ----a-w- C:\windows\SysWow64\mfpmp.exe
2014-12-11 12:24:39 206848 ----a-w- C:\windows\System32\mfps.dll
2014-12-11 12:24:39 2048 ----a-w- C:\windows\SysWow64\mferror.dll
2014-12-11 12:24:39 2048 ----a-w- C:\windows\System32\mferror.dll
2014-12-11 12:24:39 103424 ----a-w- C:\windows\SysWow64\mfps.dll
2014-12-11 12:24:38 4121600 ----a-w- C:\windows\System32\mf.dll
2014-12-11 12:24:38 3209728 ----a-w- C:\windows\SysWow64\mf.dll
2014-12-10 13:17:25 119296 ----a-w- C:\windows\System32\drivers\tdx.sys
2014-12-10 13:12:42 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-12-10 13:12:42 2048 ----a-w- C:\windows\System32\tzres.dll
2014-12-10 13:12:28 1232040 ----a-w- C:\windows\System32\aitstatic.exe
2014-12-10 13:12:27 830976 ----a-w- C:\windows\System32\appraiser.dll
2014-12-10 13:12:27 741376 ----a-w- C:\windows\System32\invagent.dll
2014-12-10 13:12:27 192000 ----a-w- C:\windows\System32\aepic.dll
2014-12-10 13:12:27 1083392 ----a-w- C:\windows\System32\aeinv.dll
2014-12-10 13:12:26 413184 ----a-w- C:\windows\System32\generaltel.dll
2014-12-10 13:12:26 396800 ----a-w- C:\windows\System32\devinv.dll
2014-12-10 13:12:25 227328 ----a-w- C:\windows\System32\aepdu.dll
2014-12-07 03:21:17 94320 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
.
==================== Find3M ====================
.
2014-12-28 19:50:40 129752 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-12-15 16:57:23 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-15 16:57:23 701616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-12-10 23:45:39 153256 ----a-w- C:\windows\SysWow64\WRusr.dll
2014-12-10 23:45:39 114176 ----a-w- C:\windows\System32\drivers\WRkrn.sys
2014-12-10 23:45:39 103816 ----a-w- C:\windows\System32\WRusr.dll
2014-11-24 19:04:56 275080 ------w- C:\windows\System32\MpSigStub.exe
2014-11-22 03:06:23 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\windows\SysWow64\wininet.dll
2014-11-21 11:14:22 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-11-21 11:14:12 93400 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-11-21 11:14:08 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-11-18 19:56:48 1202848 ----a-w- C:\windows\SysWow64\FM20.DLL
2014-11-11 03:09:06 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-10-30 02:03:43 165888 ----a-w- C:\windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\windows\System32\win32k.sys
2014-10-03 02:12:23 310272 ----a-w- C:\windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\windows\SysWow64\WSManHTTPConfig.exe
2014-02-14 04:58:51 49940480 ----a-w- C:\Program Files (x86)\GUTF467.tmp
.
============= FINISH: 18:09:21.98 ===============

DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/2/2011 8:34:13 PM
System Uptime: 12/29/2014 4:56:33 PM (2 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Celeron(R) CPU 925 @ 2.30GHz | CPU | 2294/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 221 GiB total, 166.487 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP436: 12/11/2014 7:22:11 AM - Windows Update
RP437: 12/13/2014 7:24:41 AM - Windows Update
RP438: 12/14/2014 7:10:06 PM - Windows Backup
RP439: 12/19/2014 6:22:48 AM - Windows Update
RP440: 12/21/2014 7:02:49 PM - Windows Backup
RP441: 12/23/2014 4:46:33 AM - Windows Update
RP442: 12/26/2014 3:48:20 PM - Windows Update
RP443: 12/28/2014 2:46:49 PM - Removed Google Earth.
RP444: 12/28/2014 7:42:26 PM - Windows Backup
RP445: 12/28/2014 8:05:19 PM - Windows Backup
.
==== Installed Programs ======================
.
Adobe Flash Player 16 NPAPI
Adobe Reader XI (11.0.10)
Adobe Refresh Manager
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Atheros Driver Installation Program
Best Buy pc app
Conexant HD Audio
D3DX10
ESET Online Scanner v3
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HP Deskjet 1050 J410 series Basic Device Software
HP Deskjet 1050 J410 series Help
HP Deskjet 1050 J410 series Product Improvement Study
HP Photo Creations
HP Update
HPDiagnosticAlert
Intel® Matrix Storage Manager
Internet TV for Windows Media Center
Junk Mail filter update
Label@Once 1.0
Malwarebytes Anti-Malware version 2.0.4.1028
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 34.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Picasa 3
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Realtek USB 2.0 Card Reader
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition
Synaptics Pointing Device Driver
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
ToshibaRegistration
Tweaking.com - Registry Backup
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon Download Manager
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Flash
.
==== Event Viewer Messages From Past Week ========
.
12/29/2014 4:56:59 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa8002357660, 0xfffff80000b9c4d0). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 122914-19032-01.
12/29/2014 3:19:07 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
12/28/2014 7:41:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
12/27/2014 11:59:38 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
12/27/2014 10:31:18 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
12/25/2014 8:18:02 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {0C0A3666-30C9-11D0-8F20-00805F2CD064} and APPID {9209B1A6-964A-11D0-9372-00A0C9034910} to the user Owner-PC\Owner SID (S-1-5-21-220767598-3805166269-1260382394-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
dannia4
Active Member
 
Posts: 13
Joined: December 29th, 2014, 7:00 pm
Advertisement
Register to Remove

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby wannabeageek » December 31st, 2014, 1:09 am

Hello dannia4, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:

    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start



Step 1.
TSG - SysInfo utility
Please download and run SysInfo utility to your desktop.
XP users double click to run.
Vista/W7W8 users Right Mouse click SysInfo.exe, select "Run As Administrator" to run it... if UAC prompts, please allow it.
Right click, select copy and then paste in your next post.


Step 2.
Download and run MGA Diagnostic Tool
This tool will aid us in determining what additional steps will need to be performed.

  1. Click here to download the MGA Diagnostics Tool from Microsoft and save it to your Desktop. The MGADiag.exe icon will appear on your Desktop.
  2. Right-click the MGADiag.exe icon on your Desktop and then select Run As Administrator from the popup menu.. The tools' window will be displayed.
  3. Click the Continue button. The scan will be performed. Once the scan is complete the report information will be displayed and a Copy button will be provided.
  4. Click the Copy button.
  5. Open Notepad and paste the contents of the report into the Notepad window.
  6. Save the report and paste the contents into your reply.

NOTE: If you get an error when running the MGA Diagnostic utility only means it failed to create support files which are not needed for posting the report.
You should still be able to click the Copy button and paste the report into this thread so please do so.



Step 3.
Please download and run WVCheck and post back the report it creates:
  • Right-click the WVCheck.exe icon on your Desktop and then select Run As Administrator from the popup menu..
  • As indicated by the prompt, this program can take a while depending on your hard drive space.
  • Once the program is done, copy the contents of the Notepad file as a reply.


Step 4.
Run CKScanner
  • Please download CKScanner from Here
  • Important: - Save it to your desktop.
  • Right-click CKScanner.exe > select " Run as administrator " then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please Run the program only once.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


What I need back from you:
Post each separately.
  1. Contents of SysInfo results
  2. Contents of MGA results
  3. Contents of WVCheck results
  4. Contents of CKFiles.txt
  5. Any problem executing the instructions?
Thanks,
wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby dannia4 » December 31st, 2014, 8:49 am

Hi wannabeageek and thank you for your support!
I'm already hung up on Step 1 as it is asking me to paste the text from the download into another site? (www.TechGuy.org) Along with my original question? I just don't want to be doing the wrong thing by posting this issue elsewhere.
dannia4
Active Member
 
Posts: 13
Joined: December 29th, 2014, 7:00 pm

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby dannia4 » December 31st, 2014, 9:16 am

Here is Step 2: MGA Diagnostic

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-4F8HK-M4P73-W8DQG
Windows Product Key Hash: Xs1iQgVeo0C+sObJxS7eu+FuBPQ=
Windows Product ID: 00359-OEM-8992687-00057
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {D584026B-7CC1-46A4-B3E3-8C0E335E923F}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.140303-2144
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-b01a_E2AD56EA-766-0_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{D584026B-7CC1-46A4-B3E3-8C0E335E923F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-W8DQG</PKey><PID>00359-OEM-8992687-00057</PID><PIDType>2</PIDType><SID>S-1-5-21-220767598-3805166269-1260382394</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Satellite C655</Model></SYSTEM><BIOS><Manufacturer>INSYDE</Manufacturer><Version>1.70</Version><SMBIOSVersion major="2" minor="4"/><Date>20110707000000.000000+000</Date></BIOS><HWID>40393E07018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSINV</OEMID><OEMTableID>TOSINV00</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>3A8852FFE964D86</Val><Hash>3QF1XKLRiGXBCMXvBloVckn8sLU=</Hash><Pid>89388-707-0268561-65798</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800057-02-1033-7600.0000-2882010
Installation ID: 013341769642871932009863057784129733224805273421687643
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: W8DQG
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 12/31/2014 7:55:14 AM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 12:14:2014 23:12
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: LgAAAAEAAQABAAIAAAABAAAAAgABAAEAeqgO/RKJMAYm/thp2IFcC4q0ughWuA==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC TOSINV TOSINV00
FACP TOSINV TOSINV00
HPET TOSINV TOSINV00
BOOT TOSINV TOSINV00
MCFG TOSINV TOSINV00
ASF! TOSINV TOSINV00
SLIC TOSINV TOSINV00
SSDT PmRef Cpu0Cst
SSDT PmRef Cpu0Cst

Step 3: WV Check

Windows Validation Check
Version: 1.9.12.5
Log Created On: 0803_31-12-2014
-----------------------

Windows Information
-----------------------
Windows Version: Windows 7 Service Pack 1
Windows Mode: Normal
Systemroot Path: C:\windows

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2014-12-30 21:10:01
Last Success Time for Update Download: 2014-12-26 20:48:17
Last Success Time for Update Installation: 2014-12-26 20:50:14


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
C:\Windows\System32\slwga.dll
Size: 14336 bytes
Creation; 3/6/2011 9:6:8
Modification; 20/11/2010 7:21:24
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\SysWOW64\slwga.dll
Size: 14336 bytes
Creation; 3/6/2011 9:6:8
Modification; 20/11/2010 7:21:24
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_5b467ba9bd0679bb\slwga.dll
Size: 14848 bytes
Creation; 13/7/2009 19:52:11
Modification; 13/7/2009 21:41:54
MD5; cc03cf9f24946dcbd70acb3e1b2f05bf
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_5b856235bcd79403\slwga.dll
Size: 15360 bytes
Creation; 3/6/2011 7:33:48
Modification; 21/12/2010 1:15:31
MD5; b7213e92b270761b88b313b62ba0e13b
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_5be2bf06d6168a3a\slwga.dll
Size: 15360 bytes
Creation; 3/6/2011 7:33:48
Modification; 21/12/2010 1:9:5
MD5; 86b7d4d7a87ecb9e6bded44c52c8d5d9
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_5d778f71b9f4fd55\slwga.dll
Size: 15360 bytes
Creation; 3/6/2011 9:6:17
Modification; 20/11/2010 8:27:26
MD5; b6d6886149573278cba6abd44c4317f5
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_ff27e02604a90885\slwga.dll
Size: 13824 bytes
Creation; 13/7/2009 19:36:22
Modification; 13/7/2009 21:16:15
MD5; 01fe4bdd0b47a7d8bf34d78d2bc23ddb
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_ff66c6b2047a22cd\slwga.dll
Size: 14336 bytes
Creation; 3/6/2011 7:33:48
Modification; 21/12/2010 0:38:16
MD5; 2008845b41d561fb77b77bbe0045099e
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_ffc423831db91904\slwga.dll
Size: 14336 bytes
Creation; 3/6/2011 7:33:48
Modification; 21/12/2010 0:29:6
MD5; 2332de32759ebcc691850e092b2564a6
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_0158f3ee01978c1f\slwga.dll
Size: 14336 bytes
Creation; 3/6/2011 9:6:8
Modification; 20/11/2010 7:21:24
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------


WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.


WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.


WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - 5e0db2d8b2750543cd2ebb9ea8e6cdd3


-------- End of File, program close at 0806_31-12-2014 --------
dannia4
Active Member
 
Posts: 13
Joined: December 29th, 2014, 7:00 pm

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby dannia4 » December 31st, 2014, 9:20 am

Hi wannabeageek,

As far as Step 4: CK Files, I clicked on "Save to File", then clicked "OK", but I don't know what to do after that. I don't see how to "Run" the program. ??

Pending: Step 1 and Step 4.

Thanks.
dannia4
Active Member
 
Posts: 13
Joined: December 29th, 2014, 7:00 pm

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby dannia4 » December 31st, 2014, 9:28 am

Is this all you need for Step 4: CK Files?

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11.XQAPKZ
----- EOF -----
dannia4
Active Member
 
Posts: 13
Joined: December 29th, 2014, 7:00 pm

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby wannabeageek » January 1st, 2015, 2:41 am

Hi dannia4,

Please tell me how you obtained your copy of Microsoft Office Enterprise 2007?


Here are revised instructions:
TSG - SysInfo utility
  • Right mouse click on this link:SysInfo utility
  • Select from the pop up box:
    "Save link as..."
  • From the left panel of the pop up box, scroll up and select desktop.
  • Click the "Save" button.
From your desktop:
  • Right Mouse click SysInfo.exe, select "Run As Administrator" to run it... if UAC prompts, please allow it.
  • Right click, select copy and then paste in your next post.
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby dannia4 » January 1st, 2015, 8:33 am

Hi wannabeageek,

Here is the SysInfo utility:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Celeron(R) CPU 925 @ 2.30GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 1
RAM: 2939 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 7 Mb
Hard Drives: C: Total - 226545 MB, Free - 172303 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: Webroot SecureAnywhere, Updated and Enabled
dannia4
Active Member
 
Posts: 13
Joined: December 29th, 2014, 7:00 pm

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby wannabeageek » January 1st, 2015, 9:46 am

How did you obtained your copy of Microsoft Office Enterprise 2007?
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby dannia4 » January 1st, 2015, 11:19 am

Oh, I'm sorry! Embarrassed to say I don't even know what Microsoft Office Enterprise 2007 is. When I purchased this computer, I know it came with Microsoft Office Word 2007. Could I have inadvertently downloaded MO Enterprise 2007 at some point?
dannia4
Active Member
 
Posts: 13
Joined: December 29th, 2014, 7:00 pm

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby wannabeageek » January 1st, 2015, 12:46 pm

dannia4,

Please run the following:

Listparts
  • Right mouse click on this link: Listparts64... by farbar.
  • Select from the pop up box:
    "Save link as..."
  • From the left panel of the pop up box, scroll up and select desktop.
  • Click the "Save" button.
From your desktop:
  • Right Mouse click ListParts64.exe, select "Run As Administrator" to run it... if UAC prompts, please allow it.
    A file Result.txt will be created on your Desktop (or in the same directory where the tool was run).
  • Please copy and paste the contents of Result.txt and post in your next reply.
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby dannia4 » January 1st, 2015, 12:54 pm

wannabeageek,

There are 2 options on which to click when I open ListParts64.exe. They are "Scan" or "Fix." Should I click on "Scan" and post those results? Thanks.
dannia4
Active Member
 
Posts: 13
Joined: December 29th, 2014, 7:00 pm

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby wannabeageek » January 1st, 2015, 12:56 pm

Should I click on "Scan" and post those results?
Yes, please.
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby dannia4 » January 1st, 2015, 1:41 pm

Here is ListParts64.exe

ListParts by Farbar Version: 31-07-2014
Ran by Owner (administrator) on 01-01-2015 at 12:39:34
Windows 7 (X64)
Running From: C:\Users\Owner\Desktop
Language: English (United States)
************************************************************

========================= Memory info ======================

Percentage of memory in use: 49%
Total physical RAM: 2939.98 MB
Available physical RAM: 1473.38 MB
Total Pagefile: 5878.13 MB
Available Pagefile: 3593.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (TI106034W0C) (Fixed) (Total:221.24 GB) (Free:168.21 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (Dec 28 2014) (CDROM) (Total:4.38 GB) (Free:2.99 GB) UDF

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B

Partitions of Disk 0:
===============

Disk ID: 5FBA0294

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 221 GB 1501 MB
Partition 3 Primary 10 GB 222 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 System NTFS Partition 1500 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI106034W0C NTFS Partition 221 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 17
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: 5FBA0294
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=221 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=17)


****** End Of Log ******
dannia4
Active Member
 
Posts: 13
Joined: December 29th, 2014, 7:00 pm

Re: Laptop Left Click Haywire and Shut Down Problem

Unread postby wannabeageek » January 1st, 2015, 3:52 pm

Hi dannia4,

I would like you to rerun the scan of listparts64, only this time click the "List BCD" box before clicking the scan button.
Then post the results

wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 118 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware