Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


Windows 7 Slow and Utilities Not Running


Post by sultan62 » June 8th, 2014, 10:38 pm

I have a Windows 7 computer that, over the last few days, has begun to exhibit strange behavior. It is running slowly, programs frequently stop responding, and utilities have failed to run. I was finally able to run a System Restore to a point approximately two weeks ago after booting in Safe Mode. I am still unable to run a Disk Defrag, programs are still going to "Not Responding" (including this browser multiple times while preparing this post), and performance is very sluggish overall. As specified, below are the pasted logs from the DDS:

DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16866 BrowserJavaVersion: 10.55.2
Run by Davis at 22:16:17 on 2014-06-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.1927 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Sandboxie\SbieSvc.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
C:\windows\system32\taskhost.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\TECO\Teco.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\igfxext.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddmon.exe
C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddamon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\windows\system32\svchost.exe -k defragsvc
C:\windows\system32\dfrgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://start.toshiba.com
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe,
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [lxddmon.exe] "C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddmon.exe"
mRun: [lxddamon] "C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddamon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{DBFC4894-8217-424C-A523-CA61B0A095E2} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{F8A2EAE6-9C09-4D3A-AF11-25B9BF5E7A16} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{F8A2EAE6-9C09-4D3A-AF11-25B9BF5E7A16}\14454543E64315432483 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F8A2EAE6-9C09-4D3A-AF11-25B9BF5E7A16}\163757D26796379647F627 : DHCPNameServer = 152.10.2.222 152.10.2.223
TCP: Interfaces\{F8A2EAE6-9C09-4D3A-AF11-25B9BF5E7A16}\2375942554531353 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F8A2EAE6-9C09-4D3A-AF11-25B9BF5E7A16}\A7F6F6A7 : DHCPNameServer = 10.0.0.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -
x64-BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} -
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Davis\AppData\Roaming\Mozilla\Firefox\Profiles\h3s0asw5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384]
R1 ctxusbm;Citrix USB Monitor Driver;C:\windows\System32\drivers\ctxusbm.sys [2012-12-5 98888]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 133928]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [2012-2-11 126392]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2011-3-2 266680]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-2-11 2656280]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-11-8 76912]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-2-11 38096]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\windows\System32\drivers\rtwlane.sys [2013-5-2 1514568]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-6-17 166576]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-2-11 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]
R3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2010-12-20 822704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-8 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-2-11 250984]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2012-2-11 307304]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2012-2-11 1109096]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-2-12 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-11-8 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-2-11 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-06-09 02:15:00 1031560 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3A385B82-3D91-4FA2-8322-F4107CDC0505}\gapaengine.dll
2014-06-09 02:14:36 10702536 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{52081A07-9957-4AA1-BD89-11040EFDBCA2}\mpengine.dll
2014-06-09 01:56:37 1031560 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{254993BA-4B20-CDC4-3E41-CC01AAC94C4A}\GapaEngine.dll
2014-06-09 01:56:07 10702536 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-05 14:26:16 -------- d-----w- C:\Users\Davis\AppData\Roaming\Juniper Networks
2014-05-24 20:56:27 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B30E379-077D-4234-A8ED-F2C423C3360E}\gapaengine.dll
2014-05-17 02:13:17 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-05-17 02:13:17 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2014-05-17 01:40:09 477184 ----a-w- C:\windows\System32\aepdu.dll
2014-05-17 01:40:08 424448 ----a-w- C:\windows\System32\aeinv.dll
.
==================== Find3M ====================
.
2014-05-13 21:06:22 70832 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 21:06:22 692400 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-04-15 00:13:43 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-03-13 06:33:30 2238976 ----a-w- C:\windows\System32\wininet.dll
2014-03-13 06:32:03 3959808 ----a-w- C:\windows\System32\jscript9.dll
2014-03-13 06:31:55 67072 ----a-w- C:\windows\System32\iesetup.dll
2014-03-13 06:31:55 136704 ----a-w- C:\windows\System32\iesysprep.dll
2014-03-13 05:10:47 1766400 ----a-w- C:\windows\SysWow64\wininet.dll
2014-03-13 05:09:43 2877952 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-03-13 05:09:39 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-03-13 05:09:39 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2014-03-13 03:59:47 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2014-03-13 03:51:45 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2014-03-11 13:52:30 133928 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys
.
============= FINISH: 22:16:56.87 ===============


Attach:


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/11/2012 6:32:05 PM
System Uptime: 6/8/2014 9:54:48 PM (1 hours ago)
.
Motherboard: Intel Corp. | | Base Board Product Name
Processor: Intel(R) Pentium(R) CPU B940 @ 2.00GHz | CPU1 | 2000/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 581 GiB total, 488.643 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP333: 4/27/2014 7:52:07 PM - Windows Update
RP334: 5/3/2014 7:34:02 PM - Windows Update
RP335: 5/3/2014 8:47:02 PM - Windows Update
RP336: 5/9/2014 3:53:43 PM - Windows Update
RP337: 5/13/2014 4:56:01 PM - Windows Update
RP338: 5/16/2014 9:39:41 PM - Windows Update
RP339: 5/16/2014 10:09:16 PM - Windows Update
RP340: 5/23/2014 11:47:37 AM - Windows Update
RP341: 5/28/2014 4:08:39 PM - Windows Update
RP342: 6/2/2014 10:13:18 AM - Windows Update
RP343: 6/6/2014 10:25:47 AM - Windows Update
RP345: 6/8/2014 8:24:52 PM - Restore Operation
RP346: 6/8/2014 10:09:43 PM - Windows Update
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader X (10.1.10) MUI
Adobe Shockwave Player 12.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
BabySmash!
Bonjour
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Citrix Authentication Manager
Citrix Receiver
Citrix Receiver (HDX Flash Redirection)
Citrix Receiver Inside
Citrix Receiver Updater
Citrix Receiver(Aero)
Citrix Receiver(DV)
Citrix Receiver(USB)
Conexant HD Audio
D3DX10
Google Chrome
Google Update Helper
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
iTunes
Java 7 Update 55
Java Auto Updater
Java(TM) 6 Update 20
JavaFX 2.1.1
Junk Mail filter update
Label@Once 1.0
Lexmark 2500 Series
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft PowerPoint Viewer
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 28.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Online Plug-in
OpenOffice.org 3.4.1
Pantech USB Driver for Android phones ver1
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Project64 1.6
Realtek USB 2.0 Reader Driver
Realtek WLAN Driver
Rome - Total War Gold Edition
Sandboxie 3.72 (64-bit)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Self-service Plug-in
Skype™ 6.14
swMSM
Synaptics Pointing Device Driver
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Resolution+ Plug-in for Windows Media Player
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBA Wireless LAN Indicator
ToshibaRegistration
Visual Studio 2008 x64 Redistributables
Vizzed Retro Game Room
Winamp
Winamp Detector Plug-in
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinZip 17.5
.
==== Event Viewer Messages From Past Week ========
.
6/8/2014 9:56:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSHA
6/8/2014 9:56:06 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 0.0.0.0;0.0.0.0 Engine version: 0.0.0.0
6/8/2014 9:39:16 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
6/8/2014 9:39:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/8/2014 9:39:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/8/2014 9:39:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
6/8/2014 9:39:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
6/8/2014 9:39:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
6/8/2014 9:39:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/8/2014 9:39:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/8/2014 9:37:59 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSHA ctxusbm DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
6/8/2014 9:37:55 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/8/2014 9:37:55 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
6/8/2014 9:37:55 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/8/2014 9:37:55 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/8/2014 7:41:14 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
6/8/2014 6:59:37 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
6/8/2014 6:31:06 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
6/8/2014 6:29:40 PM, Error: Service Control Manager [7022] - The Software Protection service hung on starting.
6/8/2014 5:54:37 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.
6/8/2014 10:13:02 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\system32\Rtlihvs.dll Error Code: 126
6/8/2014 10:11:03 PM, Error: Microsoft-Windows-CorruptedFileRecovery-Server [10] - The system file C:\Windows\System32\sysmain.dll may be corrupted, but Windows could not determine if the file was actually damaged (error code 2147753986). No repair action was taken. Run the command "sfc /scannow" at an administrative command prompt to check for errors and to repair the file if necessary.
6/8/2014 10:11:02 PM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
6/8/2014 10:11:02 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/8/2014 10:11:02 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/8/2014 10:11:02 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/8/2014 10:11:02 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/8/2014 10:11:02 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
6/8/2014 10:11:02 PM, Error: Service Control Manager [7031] - The HomeGroup Listener service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/8/2014 10:11:02 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/8/2014 10:11:02 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/8/2014 10:07:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
6/1/2014 10:19:42 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.175.718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10600.0 Error code: 0x80072ee2 Error description: The operation timed out
6/1/2014 10:08:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
6/1/2014 10:08:51 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/1/2014 10:08:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/1/2014 10:08:38 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
6/1/2014 10:08:38 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
.
==== End Of File ===========================

Unfortunately, I will be out of town for most of the next two days. If, somehow, you guys are miraculously able to provide some insight tonight or prior to my departure in the morning, I would be amazed and grateful, though I of course do not expect that. I will be returning Tuesday evening sometime, and will post back then. Thank you in advance!
sultan62
Regular Member
 
Posts: 23
Joined: June 8th, 2014, 10:15 pm
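The Service Control Manager [7001] entries in the event log above form dependency chains, so most of them are cascades from a few drivers that did not start. As an added example (not part of the original post or of any tool used in this thread), the Python below parses such lines and groups the failed services under the dependency at the root of each chain; the sample lines are copied from the log above, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Six [7001] lines copied verbatim from the event log in the post above.
SAMPLE = """\
6/8/2014 9:39:16 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/8/2014 9:37:56 PM, Error: Service Control Manager [7001] - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/8/2014 9:37:55 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
6/8/2014 9:37:55 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
"""

# Wording of the Service Control Manager 7001 message as it appears in the log.
LINE_7001 = re.compile(
    r"\[7001\] - The (?P<svc>.+?) service depends on the (?P<dep>.+?) service "
    r"which failed to start because of the following error: (?P<err>.+?)\.?\s*$"
)


def parse_7001(text):
    """Return (service, dependency, error) tuples for every 7001 line."""
    edges = []
    for line in text.splitlines():
        m = LINE_7001.search(line)
        if m:
            # Some display names end in a period ("NSI proxy service driver.").
            dep = m.group("dep").rstrip(".")
            edges.append((m.group("svc"), dep, m.group("err")))
    return edges


def root_causes(edges):
    """Group failed services under the dependency at the end of each chain.

    A root is a dependency that never appears as a failed service itself,
    so its own error text is the one worth investigating first.
    """
    deps = defaultdict(set)   # failed service -> dependencies it waited on
    dep_error = {}            # dependency -> error reported for it
    for svc, dep, err in edges:
        deps[svc].add(dep)
        dep_error[dep] = err

    def resolve(node, seen):
        # Stop at a node with no recorded dependency, or when a cycle closes.
        if node not in deps or node in seen:
            return {node}
        roots = set()
        for dep in deps[node]:
            roots |= resolve(dep, seen | {node})
        return roots

    affected = defaultdict(set)
    for svc in deps:
        for root in resolve(svc, frozenset()):
            affected[root].add(svc)
    return {
        root: {"error": dep_error.get(root), "affected": sorted(svcs)}
        for root, svcs in affected.items()
    }


if __name__ == "__main__":
    for root, info in sorted(root_causes(parse_7001(SAMPLE)).items()):
        print(f"{root}: {info['error']}")
        for svc in info["affected"]:
            print(f"    blocks {svc}")
```

Run over the full log, the same grouping shows which of the many 7001 entries are only consequences of a driver that failed earlier in the boot.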

Re: Windows 7 Slow and Utilities Not Running

Post by Gary R » June 12th, 2014, 9:09 am

Looking over your logs, back soon.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Windows 7 Slow and Utilities Not Running

Post by Gary R » June 12th, 2014, 9:32 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Infected? Virus, malware, adware, ransomware, oh my!" forum and wait for help.


Unless we are informed in advance, failure to post replies within 3 days will result in this thread being closed.


Hi sultan62

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

As an added safety precaution, before we start removing anything, I'd like you to make a backup of your Registry, which we can restore to if necessary.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Please observe these rules while we work:
  • Do not edit your logs in any way whatsoever.
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Windows 7, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


There are no obvious signs of Malware on your computer, but that may just be because DDS does not see the type of infection you have, so we'll have to run some more scans to make sure your machine is actually clean.

In the meantime, there are a few things that need attention.

First ...

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

Java 7 Update 55
Java(TM) 6 Update 20


Old, out-of-date versions of Java can be exploited.

Reboot your computer once they're uninstalled.

Next ...

Your logs show you have remnants of an AVG program on your computer. Did you use this program as your Anti-Virus before you installed Microsoft Security Essentials?

To remove the AVG remnants ... Download and run ... http://download.avg.com/filedir/util/av ... 3_2706.exe

Next ...

You also have what look to be remnants of Norton PC Checkup on your machine (I don't see an uninstaller for it in your logs, so I'm presuming you've tried to remove it at some time).

To remove the Norton remnant ... Download and run ... ftp://ftp.symantec.com/public/english_u ... l_Tool.exe

Reboot your computer once you've run those tools.

Next ...

  • Download FRST64 to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Windows 7 Slow and Utilities Not Running

Post by sultan62 » June 12th, 2014, 12:43 pm

Thank you for helping.

I have followed all instructions thus far, including removal of AVG and Norton. As requested, here are the logs for FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 01
Ran by Davis (administrator) on DAVIS-PC on 12-06-2014 12:10:29
Running from C:\Users\Davis\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
() C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddmon.exe
() C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddamon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1520552 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218792 2010-08-17] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [lxddmon.exe] => C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddmon.exe [291496 2009-04-27] ()
HKLM-x32\...\Run: [lxddamon] => C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddamon.exe [25256 2009-04-27] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: F - F:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {19aaba4f-f973-11e1-8741-806e6f6e6963} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {1ae25c25-4f1b-11e3-acd9-e89a8f44c276} - E:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {618f3f4a-bcac-11e1-b384-e89a8f44c276} - E:\LaunchU3.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {6ee182a0-e84b-11e2-9c50-e89a8f44c276} - E:\iStudio.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {99ef09d6-cf48-11e1-9290-e89a8f44c276} - F:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {ad236d66-558c-11e1-8687-e89a8f44c276} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {b88f7a92-a128-11e1-ae25-e89a8f44c276} - E:\LaunchU3.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {c1cd917d-591b-11e2-a0d0-e89a8f44c276} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {c7bf556f-565a-11e1-b6e6-e89a8f44c276} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {e2c5da09-1ac6-11e2-85dd-e89a8f44c276} - E:\LaunchU3.exe -a
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [256568 2012-12-14] (Citrix Systems, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com
SearchScopes: HKLM - DefaultScope {87ABAE9D-6C8A-4AE6-9495-C65920E3A053} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {87ABAE9D-6C8A-4AE6-9495-C65920E3A053} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 - DefaultScope {2446D8BE-59AB-477C-86C9-854D5D2F5811} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {2446D8BE-59AB-477C-86C9-854D5D2F5811} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKCU - DefaultScope {144482B7-5694-40AB-AC81-11AB8662414E} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_enUS470
SearchScopes: HKCU - {144482B7-5694-40AB-AC81-11AB8662414E} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_enUS470
SearchScopes: HKCU - {2446D8BE-59AB-477C-86C9-854D5D2F5811} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKCU - {87ABAE9D-6C8A-4AE6-9495-C65920E3A053} URL =
BHO: No Name - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - No File
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\Davis\AppData\Roaming\Mozilla\Firefox\Profiles\h3s0asw5.default
FF Homepage: hxxp://www.google.com/
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @vizzed.com/VizzedRGR - C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed.com)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: WOT - C:\Users\Davis\AppData\Roaming\Mozilla\Firefox\Profiles\h3s0asw5.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-31]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://ecpi.coursesmart.com/mycoursesmart", "hxxp://lms.ecpionline.com/", "https://login.microsoftonline.com/", "https://www.google.com/", "hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN23159387511054323&UM=2"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Davis\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Davis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Vizzed Retro Game Room Plugin) - C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed.com)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Davis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (WOT) - C:\Users\Davis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-12]
CHR Extension: (Google Wallet) - C:\Users\Davis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

==================== Services (Whitelisted) =================

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [98576 2012-06-17] (SANDBOXIE L.T.D)
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [166576 2012-06-17] (SANDBOXIE L.T.D)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-12 12:10 - 2014-06-12 12:13 - 00025453 _____ () C:\Users\Davis\Downloads\FRST.txt
2014-06-12 12:10 - 2014-06-12 12:10 - 00000000 ____D () C:\FRST
2014-06-12 12:09 - 2014-06-12 12:09 - 02081792 _____ (Farbar) C:\Users\Davis\Downloads\FRST64.exe
2014-06-12 11:48 - 2014-06-12 11:48 - 00869456 _____ () C:\Users\Davis\Downloads\Norton_Removal_Tool.exe
2014-06-12 11:48 - 2014-06-12 11:48 - 00193697 _____ () C:\Users\Davis\Downloads\avgremover.log
2014-06-12 11:47 - 2014-06-12 11:48 - 03222280 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Davis\Downloads\avg_remover_stf_x64_2013_2706.exe
2014-06-12 11:10 - 2014-06-12 11:10 - 00000207 _____ () C:\windows\tweaking.com-regbackup-DAVIS-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-06-12 11:09 - 2014-06-12 11:09 - 00000000 ____D () C:\RegBackup
2014-06-12 11:08 - 2014-06-12 11:08 - 00002210 _____ () C:\Users\Davis\Desktop\Tweaking.com - Registry Backup.lnk
2014-06-12 11:08 - 2014-06-12 11:08 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-06-12 11:08 - 2014-06-12 11:08 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-06-12 11:07 - 2014-06-12 11:08 - 04057608 _____ () C:\Users\Davis\Downloads\tweaking.com_registry_backup_setup.exe
2014-06-08 22:17 - 2014-06-08 22:17 - 00016156 _____ () C:\Users\Davis\Desktop\attach.txt
2014-06-08 22:17 - 2014-06-08 22:16 - 00023702 _____ () C:\Users\Davis\Desktop\dds.txt
2014-06-08 22:14 - 2014-06-08 22:14 - 00688992 ____R (Swearware) C:\Users\Davis\Downloads\dds.scr
2014-06-05 10:26 - 2014-06-08 21:54 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\Juniper Networks
2014-05-16 22:13 - 2014-05-06 01:14 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-16 22:13 - 2014-05-06 01:14 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-16 22:13 - 2014-05-05 23:48 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-16 22:13 - 2014-05-05 23:48 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-16 22:13 - 2014-05-05 23:37 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-16 22:13 - 2014-05-05 23:26 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-16 21:40 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-16 21:40 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-16 21:40 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-16 21:40 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-16 21:38 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-16 21:38 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-16 21:38 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-16 21:38 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-16 21:38 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-16 21:38 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-16 21:38 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-05-16 21:38 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-05-16 21:38 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-16 21:38 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-16 21:38 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-16 21:38 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-16 21:38 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-05-16 21:38 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-05-16 21:38 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-16 21:38 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-16 21:24 - 2014-06-12 12:05 - 00003416 _____ () C:\windows\PFRO.log
2014-05-16 21:24 - 2014-06-12 12:05 - 00000784 _____ () C:\windows\setupact.log
2014-05-16 21:24 - 2014-05-16 21:24 - 00000000 _____ () C:\windows\setuperr.log
2014-05-13 17:18 - 2014-05-13 17:19 - 04745984 _____ (Piriform Ltd) C:\Users\Davis\Downloads\ccsetup413 (3).exe

==================== One Month Modified Files and Folders =======

2014-06-12 12:13 - 2014-06-12 12:10 - 00025453 _____ () C:\Users\Davis\Downloads\FRST.txt
2014-06-12 12:13 - 2012-02-11 19:32 - 00000000 ____D () C:\Users\Davis\AppData\Local\Temp
2014-06-12 12:13 - 2009-07-14 00:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-12 12:13 - 2009-07-14 00:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-12 12:12 - 2014-02-15 19:35 - 01782817 _____ () C:\windows\WindowsUpdate.log
2014-06-12 12:12 - 2012-02-11 22:20 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-12 12:10 - 2014-06-12 12:10 - 00000000 ____D () C:\FRST
2014-06-12 12:09 - 2014-06-12 12:09 - 02081792 _____ (Farbar) C:\Users\Davis\Downloads\FRST64.exe
2014-06-12 12:06 - 2012-02-11 22:20 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-12 12:05 - 2014-05-16 21:24 - 00003416 _____ () C:\windows\PFRO.log
2014-06-12 12:05 - 2014-05-16 21:24 - 00000784 _____ () C:\windows\setupact.log
2014-06-12 12:05 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-12 11:51 - 2009-07-14 01:13 - 00006450 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-12 11:48 - 2014-06-12 11:48 - 00869456 _____ () C:\Users\Davis\Downloads\Norton_Removal_Tool.exe
2014-06-12 11:48 - 2014-06-12 11:48 - 00193697 _____ () C:\Users\Davis\Downloads\avgremover.log
2014-06-12 11:48 - 2014-06-12 11:47 - 03222280 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Davis\Downloads\avg_remover_stf_x64_2013_2706.exe
2014-06-12 11:10 - 2014-06-12 11:10 - 00000207 _____ () C:\windows\tweaking.com-regbackup-DAVIS-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-06-12 11:09 - 2014-06-12 11:09 - 00000000 ____D () C:\RegBackup
2014-06-12 11:08 - 2014-06-12 11:08 - 00002210 _____ () C:\Users\Davis\Desktop\Tweaking.com - Registry Backup.lnk
2014-06-12 11:08 - 2014-06-12 11:08 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-06-12 11:08 - 2014-06-12 11:08 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-06-12 11:08 - 2014-06-12 11:07 - 04057608 _____ () C:\Users\Davis\Downloads\tweaking.com_registry_backup_setup.exe
2014-06-12 11:03 - 2012-06-02 10:50 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-08 22:17 - 2014-06-08 22:17 - 00016156 _____ () C:\Users\Davis\Desktop\attach.txt
2014-06-08 22:16 - 2014-06-08 22:17 - 00023702 _____ () C:\Users\Davis\Desktop\dds.txt
2014-06-08 22:14 - 2014-06-08 22:14 - 00688992 ____R (Swearware) C:\Users\Davis\Downloads\dds.scr
2014-06-08 21:56 - 2012-02-11 19:32 - 00000000 ____D () C:\Users\Davis
2014-06-08 21:54 - 2014-06-05 10:26 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\Juniper Networks
2014-06-08 21:54 - 2014-03-31 21:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-08 21:54 - 2012-05-04 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-08 21:54 - 2012-02-11 22:15 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-08 21:54 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-06-08 21:54 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\registration
2014-06-08 18:59 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\LiveKernelReports
2014-06-08 18:34 - 2013-08-25 19:12 - 02588672 ___SH () C:\Users\Davis\Downloads\Thumbs.db
2014-06-05 10:38 - 2012-04-02 21:52 - 00000000 ____D () C:\Users\Davis\AppData\Local\CrashDumps
2014-05-23 11:47 - 2013-01-28 12:07 - 00000000 ____D () C:\Users\Davis\Documents\Pauls College Stuff
2014-05-18 21:28 - 2009-07-14 01:08 - 00032612 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-05-16 22:16 - 2012-02-11 19:34 - 00000000 ___RD () C:\Users\Davis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 22:16 - 2012-02-11 19:34 - 00000000 ___RD () C:\Users\Davis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 22:14 - 2014-04-27 19:52 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-16 22:12 - 2013-07-11 09:21 - 00000000 ____D () C:\windows\system32\MRT
2014-05-16 22:10 - 2012-02-11 21:18 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-16 21:30 - 2012-03-16 18:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-16 21:30 - 2012-03-16 18:56 - 00001990 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-16 21:24 - 2014-05-16 21:24 - 00000000 _____ () C:\windows\setuperr.log
2014-05-16 21:24 - 2012-02-11 19:34 - 00000000 ____D () C:\Users\Davis\AppData\Local\VirtualStore
2014-05-13 18:11 - 2012-02-11 21:07 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\SoftGrid Client
2014-05-13 17:29 - 2012-02-11 20:49 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\Winamp
2014-05-13 17:28 - 2012-02-11 21:39 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\Skype
2014-05-13 17:19 - 2014-05-13 17:18 - 04745984 _____ (Piriform Ltd) C:\Users\Davis\Downloads\ccsetup413 (3).exe
2014-05-13 17:07 - 2012-06-02 10:50 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 17:06 - 2012-06-02 10:50 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 17:06 - 2012-02-14 22:07 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Davis\AppData\Local\Temp\qjpr-em-.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-02 13:19

==================== End Of Log ============================
sultan62

Re: Windows 7 Slow and Utilities Not Running

Post by sultan62 » June 12th, 2014, 12:51 pm

I just realized I forgot to post the second log--here it is:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 01
Ran by Davis at 2014-06-12 12:14:30
Running from C:\Users\Davis\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
BabySmash! (HKCU\...\f9598aeafb0efd18) (Version: 1.1.0.96 - BabySmash)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Authentication Manager (x32 Version: 4.0.0.53726 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.4.0.25 - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: 3.4.0.29585 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 3.4.0.29577 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.1.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Lexmark 2500 Series (HKLM-x32\...\Lexmark 2500 Series) (Version: - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Online Plug-in (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Pantech USB Driver for Android phones ver1 (HKLM-x32\...\{32730A40-F110-4CF4-9A2B-5C1628C74366}) (Version: 1.1.6.0630 - Pantech)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.12 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Rome - Total War Gold Edition (HKLM-x32\...\Rome - Total War Gold Edition) (Version: 1.5 - SEGA)
Sandboxie 3.72 (64-bit) (HKLM\...\Sandboxie) (Version: 3.72 - SANDBOXIE L.T.D)
Self-service Plug-in (x32 Version: 3.4.0.33684 - Citrix Systems, Inc.) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.25.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.8.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.06.00 - )
TOSHIBA Hardware Setup (Version: 4.08.06.00 - TOSHIBA) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.7 - TOSHIBA Corporation) Hidden
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.10.26 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.25 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.4.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.17.64 - TOSHIBA Corporation) Hidden
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.7 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.06.00 - )
TOSHIBA Supervisor Password (Version: 4.08.06.00 - TOSHIBA) Hidden
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.4.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.5.4.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.5.4.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.19 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.0.19 - TOSHIBA Corporation) Hidden
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}) (Version: 1.0.3 - TOSHIBA CORPORATION)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Vizzed Retro Game Room (HKLM-x32\...\{6D9F35D2-1D6F-4E17-A79F-991A7BD24AAD}) (Version: 2.0.0 - Vizzed)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )

==================== Restore Points =========================

03-05-2014 23:34:02 Windows Update
04-05-2014 00:47:02 Windows Update
09-05-2014 19:53:43 Windows Update
13-05-2014 20:56:01 Windows Update
17-05-2014 01:39:41 Windows Update
17-05-2014 02:09:16 Windows Update
23-05-2014 15:47:37 Windows Update
28-05-2014 20:08:39 Windows Update
02-06-2014 14:13:18 Windows Update
06-06-2014 14:25:47 Windows Update
09-06-2014 00:24:52 Restore Operation
09-06-2014 02:09:43 Windows Update
12-06-2014 15:11:46 Removed Java 7 Update 55
12-06-2014 15:13:46 Removed Java(TM) 6 Update 20

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {042AB9DB-F087-4A42-9A52-EDFBA2703601} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {173609DF-8D19-47D0-835B-B5FD546BEFB2} - System32\Tasks\{8C885E0F-A034-4A04-9D3C-C295E55E0BF5} => Firefox.exe http://ui.skype.com/ui/0/6.5.0.158/en/a ... rogressBar
Task: {1C675D39-8A66-48D1-9B9A-CE6A566DC442} - System32\Tasks\{3219783B-1719-44C6-A03F-8EDD3AF6E35E} => Firefox.exe http://ui.skype.com/ui/0/6.5.0.158/en/a ... rogressBar
Task: {24E8E98C-0315-48DA-B179-B0534FF88CAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-11] (Google Inc.)
Task: {33E8ACB7-CA56-413F-BAAB-EB8C85BD6182} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-11] (Google Inc.)
Task: {4B4B228A-C978-4252-A35B-FC689E11C2D9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9C75A335-8A3F-452E-A211-11F452B7873F} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3294041267-2661638263-1799097935-1000
Task: {AE96F7B2-C9CE-4277-A47F-50E46781F88A} - System32\Tasks\{1D300ABC-6653-4B24-9BCC-E92D04918339} => Firefox.exe http://ui.skype.com/ui/0/6.5.0.158/en/a ... rogressBar
Task: {E88C9DDF-79B8-4A3C-A6EA-69FC425F8507} - System32\Tasks\{6FAB258C-B141-4750-B605-587E400868D3} => Firefox.exe http://ui.skype.com/ui/0/6.5.0.158/en/a ... rogressBar
Task: {F65EF1AF-6746-4F08-BBA1-E6CB4B5FE8E0} - System32\Tasks\{5EA35AD4-6EE3-4417-9E57-A918049D2D4D} => Firefox.exe http://ui.skype.com/ui/0/6.5.0.158/en/a ... rogressBar
Task: {FCE3AE49-0CD9-4972-A44E-C8A2D18430DA} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-04-04 23:18 - 2011-04-04 23:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-18 21:18 - 2010-11-18 21:18 - 11190784 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2010-12-15 19:19 - 2010-12-15 19:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll
2013-08-28 18:33 - 2009-04-27 13:37 - 00291496 _____ () C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddmon.exe
2013-08-28 18:33 - 2009-04-27 13:37 - 00025256 _____ () C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddamon.exe
2010-12-08 18:42 - 2010-12-08 18:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-28 18:33 - 2007-01-09 17:10 - 00278528 _____ () C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddscw.dll
2013-08-28 18:33 - 2007-03-06 08:16 - 00589824 _____ () C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxdddatr.dll
2013-08-28 18:33 - 2008-05-16 12:35 - 00040960 _____ () C:\Program Files (x86) (x86)\Lexmark 2500 Series\App4R.Monitor.Core.dll
2013-08-28 18:33 - 2008-05-16 12:35 - 00028672 _____ () C:\Program Files (x86) (x86)\Lexmark 2500 Series\App4R.Monitor.Common.dll
2013-08-28 18:33 - 2008-05-16 12:34 - 00057344 _____ () C:\Program Files (x86) (x86)\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.dll
2013-08-28 18:33 - 2007-04-30 08:19 - 00020480 _____ () C:\Program Files (x86) (x86)\Lexmark 2500 Series\App4R.DevMons.NetworkCardDevMon.dll
2013-08-28 18:33 - 2007-04-30 08:19 - 00020480 _____ () C:\Program Files (x86) (x86)\Lexmark 2500 Series\App4R.DevMons.ScanDevMon.dll
2013-08-28 18:33 - 2007-04-30 08:20 - 00011776 _____ () C:\Program Files (x86) (x86)\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll
2014-06-03 10:48 - 2014-03-31 21:39 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/12/2014 00:07:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2014 00:06:23 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (06/12/2014 11:51:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (06/12/2014 11:51:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (06/12/2014 11:46:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2014 11:46:10 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (06/11/2014 07:13:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 374808

Error: (06/11/2014 07:13:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 374808

Error: (06/11/2014 07:13:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/11/2014 07:13:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 359207


System errors:
=============
Error: (06/12/2014 00:05:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126

Error: (06/12/2014 11:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Common Client Job Manager Service service failed to start due to the following error:
%%1053

Error: (06/12/2014 11:57:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Common Client Job Manager Service service to connect.

Error: (06/12/2014 11:51:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Common Client Job Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (06/12/2014 11:45:49 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHA

Error: (06/12/2014 11:45:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126

Error: (06/12/2014 11:44:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the sftlist service.

Error: (06/12/2014 11:43:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ProfSvc service.

Error: (06/12/2014 11:42:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PolicyAgent service.

Error: (06/12/2014 11:42:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PNRPsvc service.


Microsoft Office Sessions:
=========================
Error: (06/12/2014 00:07:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2014 00:06:23 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (06/12/2014 11:51:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (06/12/2014 11:51:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (06/12/2014 11:46:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2014 11:46:10 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (06/11/2014 07:13:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 374808

Error: (06/11/2014 07:13:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 374808

Error: (06/11/2014 07:13:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/11/2014 07:13:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 359207


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 4043.86 MB
Available physical RAM: 1934.21 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 6049.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (TI106139W0E) (Fixed) (Total:580.98 GB) (Free:490.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: F72B4F0A)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=581 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=17)

==================== End Of Log ============================
sultan62
Regular Member
 
Posts: 23
Joined: June 8th, 2014, 10:15 pm

Re: Windows 7 Slow and Utilities Not Running

Post by Gary R » June 12th, 2014, 1:06 pm

I don't see the addition.txt log that I asked for, please post it.

You should find it in ... C:\Users\Davis\Downloads

If not, run another FRST scan, and this time before you hit the Scan button please ensure you check (tick) on the addition.txt button.

If you have to run another scan, please don't post me FRST.txt again, it's just the addition.txt I need to see.
Gary R
Administrator
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Windows 7 Slow and Utilities Not Running

Post by sultan62 » June 12th, 2014, 1:12 pm

If I'm not mistaken, that's the log I forgot to post at first, but posted immediately above your most recent post. If it's not, I'll run it again and repost.

Re: Windows 7 Slow and Utilities Not Running

Post by Gary R » June 12th, 2014, 3:17 pm

Looks like we cross posted. ;) :D

OK, stage 2 ....

First ...

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

Sandboxie 3.72


Reboot your computer once it's uninstalled

Sandboxie is of course a perfectly legitimate program, but because of the way it works it can confuse things when we're trying to troubleshoot problems, so it's easier to just remove it, and re-install it again when we've finished.

Next ...

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the code box below into Notepad (don't include Code: Select all).
Code: Select all
C:\Program Files (x86)\Norton PC Checkup
C:\Program Files (x86)\AVG
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218792 2010-08-17] (Toshiba)
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: F - F:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {19aaba4f-f973-11e1-8741-806e6f6e6963} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {1ae25c25-4f1b-11e3-acd9-e89a8f44c276} - E:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {618f3f4a-bcac-11e1-b384-e89a8f44c276} - E:\LaunchU3.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {6ee182a0-e84b-11e2-9c50-e89a8f44c276} - E:\iStudio.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {99ef09d6-cf48-11e1-9290-e89a8f44c276} - F:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {ad236d66-558c-11e1-8687-e89a8f44c276} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {b88f7a92-a128-11e1-ae25-e89a8f44c276} - E:\LaunchU3.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {c1cd917d-591b-11e2-a0d0-e89a8f44c276} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {c7bf556f-565a-11e1-b6e6-e89a8f44c276} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {e2c5da09-1ac6-11e2-85dd-e89a8f44c276} - E:\LaunchU3.exe -a
SearchScopes: HKCU - {87ABAE9D-6C8A-4AE6-9495-C65920E3A053} URL =
BHO: No Name - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - No File
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO-x32: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx [2013-08-30]
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation)
C:\Users\Davis\AppData\Local\Temp\qjpr-em-.dll

    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system.

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log

Next ...

  • Click Start and type cleanmgr.exe in the Search programs and files box, then hit Enter.
  • This will bring up the Disk Cleanup window.
  • Once it's finished scanning your computer, check the following entries.
    • Temporary Internet Files.
    • Recycle Bin.
    • Temporary Files.
  • Click OK.
  • When a prompt pops up click Delete files.

Next ...

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.
  • Please go HERE then click on Run ESET Online Scanner
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted, then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed click on Start to start the scan.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • When completed you will be presented with a list of found threats ....
    • Click on the List of found threats link
    • Click on Export to text file
    • Save as ESET.txt to your Desktop
  • Exit out of ESET Online Scanner.
  • Post me the contents of ESET.txt please.

Summary of the logs I need from you in your next post:
  • fixlog.txt
  • ESET.txt
  • Let me know how your computer is running now please.


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present; if any log is cut off you'll have to post it in sections.

Re: Windows 7 Slow and Utilities Not Running

Post by sultan62 » June 12th, 2014, 8:54 pm

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-06-2014 01
Ran by Davis at 2014-06-12 20:50:04 Run:1
Running from C:\Users\Davis\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Program Files (x86)\Norton PC Checkup
C:\Program Files (x86)\AVG
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218792 2010-08-17] (Toshiba)
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: F - F:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {19aaba4f-f973-11e1-8741-806e6f6e6963} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {1ae25c25-4f1b-11e3-acd9-e89a8f44c276} - E:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {618f3f4a-bcac-11e1-b384-e89a8f44c276} - E:\LaunchU3.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {6ee182a0-e84b-11e2-9c50-e89a8f44c276} - E:\iStudio.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {99ef09d6-cf48-11e1-9290-e89a8f44c276} - F:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {ad236d66-558c-11e1-8687-e89a8f44c276} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {b88f7a92-a128-11e1-ae25-e89a8f44c276} - E:\LaunchU3.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {c1cd917d-591b-11e2-a0d0-e89a8f44c276} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {c7bf556f-565a-11e1-b6e6-e89a8f44c276} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: {e2c5da09-1ac6-11e2-85dd-e89a8f44c276} - E:\LaunchU3.exe -a
SearchScopes: HKCU - {87ABAE9D-6C8A-4AE6-9495-C65920E3A053} URL =
BHO: No Name - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - No File
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO-x32: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx [2013-08-30]
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation)
C:\Users\Davis\AppData\Local\Temp\qjpr-em-.dll
*****************


"C:\Program Files (x86)\Norton PC Checkup" directory move:

C:\Program Files (x86)\Norton PC Checkup\isolate.ini => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine64\2.0.10.26\ccIPC.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine64\2.0.10.26\ccSet.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine64\2.0.10.26\ccSvc.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine64\2.0.10.26\ccVrTrst.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccIPC.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccJobMgr.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccL90U.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSet.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvc.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccVrTrst.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\diLueCbk.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\diMaster.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Downloader.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\hsplayer.dat => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\hsplayer.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\hsplayer.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\InstallHelper.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\NLAppLauncher.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Norton PC Checkup.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\OemStop.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\preferences.dat => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Resource.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ScheduleWinExe.exe => Moved successfully.
Could not move "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\service.dat" => Scheduled to move on reboot.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCUMigration.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\TestWorker.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Updater.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\version.txt => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\{2A85E335-7417-424d-AD89-31DED1689794}.dat => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\{F8D07955-00ED-4093-88AA-0A0F69AFD83C}.dat => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\styles\102\en\Main.css => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\styles\102\en\Main.swf => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\styles\102\en\img\exitBackground.png => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\styles\102\en\img\logo.png => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\styles\102\en\img\offerBtnGreen.png => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\styles\102\en\img\offerBtnGreenOn.png => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\styles\102\en\img\offerBtnOff.png => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\styles\102\en\img\offerBtnOn.png => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\styles\102\en\img\protectionBackground.png => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\styles\102\en\img\virusBackground.png => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\pcscan\pcscanner.cfg => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\pcscan\pcscanner.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\ccL70U.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\ccScanw.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\ccVrTrst.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\dec_abi.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\DefUtDCD.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\ecmldr32.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\Microsoft.VC80.CRT.manifest => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\msl.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\msvcp80.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\msvcr80.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\OEMScanner.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\patch25d.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\SAUpdt.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\nss\ScanCore.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\.CLT2010.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\.CLT2011.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\ccL100U.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\ccL110U.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\ccL90U.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\CLT2012.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\isolate.ini => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\libeay32.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\NLConsumerLicensing.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\SymNSPDetector.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\symNSPDetector3PP.xml.enc => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\symNSPDetectorNSP.xml.enc => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\symNSPDetectorNUP.xml.enc => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\SymNSPScanner.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\Microsoft.VC90.CRT\msvcm90.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\Microsoft.VC90.CRT\msvcp90.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\Microsoft.VC90.CRT\msvcr90.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\legacy\ccL80U.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\legacy\isolate.ini => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\legacy\Microsoft.VC80.CRT.manifest => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\legacy\msvcm80.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\legacy\msvcp80.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\legacy\msvcr80.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\legacy\SymClgX.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\legacy\symNPD.exe => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\legacy\symNPDScan.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\scanners\npd\legacy\SymXPep2.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Microsoft.VC90.CRT\msvcm90.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Microsoft.VC90.CRT\msvcp90.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Microsoft.VC90.CRT\msvcr90.dll => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\factBase.xml => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\InstallHelper.log => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\message_inbox.xml => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\NPDResults.xml => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\nss_log.txt => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\omniture_log.txt => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\Output_NSP_Detector.log => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\Output_NSP_Scanner.log => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\pcScanner_initial.xml => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\placeholder.txt => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\scanProfileResults.xml => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\scanResults.xml => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\session_log.txt => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\logs\uploadDataPoints.xml => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Icon\icon.ico => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\content\102\Resources_en_US.swf => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\content\102\html\en\2\help.htm => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\content\102\html\en\1\help.htm => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\config\ProfileConfig.swf => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\config\102\Config.swf => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Common Client\JobMgr\Jobs\ccJobSch.dat => Moved successfully.
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\Common Client\ccJobMgr\Jobs\ccJobMgr.dat => Moved successfully.
Could not move "C:\Program Files (x86)\Norton PC Checkup" directory. => Scheduled to move on reboot.

C:\Program Files (x86)\AVG => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NortonOnlineBackupReminder => value deleted successfully.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3294041267-2661638263-1799097935-1000'=> Key not found.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19aaba4f-f973-11e1-8741-806e6f6e6963}' => Key deleted successfully.
'HKCR\CLSID\{19aaba4f-f973-11e1-8741-806e6f6e6963}'=> Key not found.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ae25c25-4f1b-11e3-acd9-e89a8f44c276}' => Key deleted successfully.
'HKCR\CLSID\{1ae25c25-4f1b-11e3-acd9-e89a8f44c276}'=> Key not found.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{618f3f4a-bcac-11e1-b384-e89a8f44c276}' => Key deleted successfully.
'HKCR\CLSID\{618f3f4a-bcac-11e1-b384-e89a8f44c276}'=> Key not found.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ee182a0-e84b-11e2-9c50-e89a8f44c276}' => Key deleted successfully.
'HKCR\CLSID\{6ee182a0-e84b-11e2-9c50-e89a8f44c276}'=> Key not found.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99ef09d6-cf48-11e1-9290-e89a8f44c276}' => Key deleted successfully.
'HKCR\CLSID\{99ef09d6-cf48-11e1-9290-e89a8f44c276}'=> Key not found.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad236d66-558c-11e1-8687-e89a8f44c276}' => Key deleted successfully.
'HKCR\CLSID\{ad236d66-558c-11e1-8687-e89a8f44c276}'=> Key not found.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b88f7a92-a128-11e1-ae25-e89a8f44c276}' => Key deleted successfully.
'HKCR\CLSID\{b88f7a92-a128-11e1-ae25-e89a8f44c276}'=> Key not found.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1cd917d-591b-11e2-a0d0-e89a8f44c276}' => Key deleted successfully.
'HKCR\CLSID\{c1cd917d-591b-11e2-a0d0-e89a8f44c276}'=> Key not found.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7bf556f-565a-11e1-b6e6-e89a8f44c276}' => Key deleted successfully.
'HKCR\CLSID\{c7bf556f-565a-11e1-b6e6-e89a8f44c276}'=> Key not found.
'HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2c5da09-1ac6-11e2-85dd-e89a8f44c276}' => Key deleted successfully.
'HKCR\CLSID\{e2c5da09-1ac6-11e2-85dd-e89a8f44c276}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{87ABAE9D-6C8A-4AE6-9495-C65920E3A053}' => Key deleted successfully.
'HKCR\CLSID\{87ABAE9D-6C8A-4AE6-9495-C65920E3A053}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}' => Key deleted successfully.
'HKCR\CLSID\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}' => Key deleted successfully.
'HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
'HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
'HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla' => Key deleted successfully.
"C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx" => File/Directory not found.
PCCUJobMgr => Unable to stop service
PCCUJobMgr => Service deleted successfully.
C:\Users\Davis\AppData\Local\Temp\qjpr-em-.dll => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-06-12 20:52:39)<=

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\service.dat => Is moved successfully.
C:\Program Files (x86)\Norton PC Checkup => Is moved successfully.

==== End of Fixlog ====

Continuing with Instructions...
sultan62
Regular Member
 
Posts: 23
Joined: June 8th, 2014, 10:15 pm

Re: Windows 7 Slow and Utilities Not Running

Post by sultan62 » June 12th, 2014, 11:05 pm

I am currently trying to run the ESET scanner, and it appears to have stalled. The first time I ran it, a screensaver interrupted it and caused it to stall. I altered my settings to disable the screensaver and restarted the program. It is stalling 23% of the way through the scan.

Re: Windows 7 Slow and Utilities Not Running

Post by Gary R » June 13th, 2014, 1:40 am

OK, if ESET won't run, then let's try something different instead.

Please run Microsoft Safety Scanner
  • Click Download Now (this is a large download, approx. 70Mb)
  • If you are asked about 32-bit or 64-bit, click on the type matching your Windows system (which is 64 bit).
  • If asked to Run or Save, choose Run.
  • OK the User Account Permission or the query "Do you want to run this software".
  • If you get a message saying "running this type of program could harm your computer" or similar, just ignore it and tell it to Run anyway.
  • Click the box to Accept the license agreement.
  • Click Next.
  • Click Next to run the Scan.
  • Click the Quick Scan button. (... also Full Scan option)
  • Click Next
    • (If it finds nothing, it will just Exit. It still creates a report.)
    • If it has found anything, check the box titled "Help Remove potentially unwanted software"
      • Click Next (the Dialog label will become "Cleaning your computer").
      • After this operation completes, click Finish.
      • When removals are complete, it will report through a link, "View detailed results of the scan"
      • Clicking the link will popup a report in Notepad.
      • Please post the contents of the file in your reply.
      • The file is also saved in C:\Windows\debug\msert.log
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Windows 7 Slow and Utilities Not Running

Post by sultan62 » June 15th, 2014, 9:05 am

I've tried to run the Microsoft Safety Scanner a few times, and it has repeatedly frozen up. I'm trying it again. Just wanted to update to let you know I'm still trying to get this thing.

Re: Windows 7 Slow and Utilities Not Running

Post by Gary R » June 15th, 2014, 9:17 am

OK, skip the online scan for now, and run a new scan with FRST, then post me the new FRST.txt (it won't create Addition.txt this time)

Also can you do this for me ...

Download GMER to your Desktop. (It will have a randomly generated name, for example .... wjkl3ecz.exe)

  • Disconnect from the Internet, and close all running programmes.
  • There is a small chance this programme may crash your computer, so save any work you have open.
  • Double click on the randomly named GMER file (eg .... wjkl3ecz.exe) to launch GMER.
  • Let the gmer.sys driver load if asked.
  • If it gives you a warning at programme start about rootkit activity and asks if you want to run a scan ..... click OK.
  • If no warning:
    • Click Rootkit tab.
    • Ensure that All the boxes to the right of the program are checked except Show All.
    • Click Scan.
  • Do not use your computer while the scan is running.
  • Once scan is finished click Copy.
    • Click Start > Run then type Notepad.exe then click OK.
    • This will open a Notepad file.
    • Hit Ctrl+V to paste log into it.
    • Save the log to your Desktop.
  • Reconnect to internet and post the log please.

Summary of the logs I need from you in your next post:
  • New FRST.txt
  • GMER log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present; if any log is cut off, you'll have to post it in sections.

Re: Windows 7 Slow and Utilities Not Running

Post by sultan62 » June 15th, 2014, 12:13 pm

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 01
Ran by Davis (administrator) on DAVIS-PC on 15-06-2014 12:05:19
Running from C:\Users\Davis\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
() C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddmon.exe
() C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddamon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1520552 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [lxddmon.exe] => C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddmon.exe [291496 2009-04-27] ()
HKLM-x32\...\Run: [lxddamon] => C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddamon.exe [25256 2009-04-27] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3294041267-2661638263-1799097935-1000\...\MountPoints2: F - F:\TL_Bootstrap.exe
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [256568 2012-12-14] (Citrix Systems, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com
SearchScopes: HKLM - DefaultScope {87ABAE9D-6C8A-4AE6-9495-C65920E3A053} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {87ABAE9D-6C8A-4AE6-9495-C65920E3A053} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 - DefaultScope {2446D8BE-59AB-477C-86C9-854D5D2F5811} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {2446D8BE-59AB-477C-86C9-854D5D2F5811} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKCU - DefaultScope {144482B7-5694-40AB-AC81-11AB8662414E} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_enUS470
SearchScopes: HKCU - {144482B7-5694-40AB-AC81-11AB8662414E} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_enUS470
SearchScopes: HKCU - {2446D8BE-59AB-477C-86C9-854D5D2F5811} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\Davis\AppData\Roaming\Mozilla\Firefox\Profiles\h3s0asw5.default
FF Homepage: hxxp://www.google.com/
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @vizzed.com/VizzedRGR - C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed.com)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: WOT - C:\Users\Davis\AppData\Roaming\Mozilla\Firefox\Profiles\h3s0asw5.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-31]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://ecpi.coursesmart.com/mycoursesmart", "hxxp://lms.ecpionline.com/", "https://login.microsoftonline.com/", "https://www.google.com/", "hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN23159387511054323&UM=2"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Davis\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Davis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Vizzed Retro Game Room Plugin) - C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed.com)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Davis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (WOT) - C:\Users\Davis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-12]
CHR Extension: (Google Wallet) - C:\Users\Davis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

==================== Services (Whitelisted) =================

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-15 12:04 - 2014-06-15 12:05 - 00380416 _____ () C:\Users\Davis\Downloads\uhugzfpn.exe
2014-06-14 23:00 - 2014-06-14 23:00 - 00000000 __SHD () C:\found.000
2014-06-13 17:21 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-13 17:21 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-13 17:21 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-13 17:21 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 17:21 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-13 17:21 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-13 17:21 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-13 17:21 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-13 17:21 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-13 17:21 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-13 17:21 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-13 17:21 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-13 09:33 - 2014-06-13 09:34 - 109501208 _____ (Microsoft Corporation) C:\Users\Davis\Downloads\msert.exe
2014-06-13 05:23 - 2014-06-13 05:23 - 00000000 ____D () C:\feda1ebd492c6b9a43d09b85454b77
2014-06-12 21:55 - 2014-06-12 21:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-12 21:53 - 2014-06-12 21:54 - 02347384 _____ (ESET) C:\Users\Davis\Downloads\esetsmartinstaller_enu.exe
2014-06-12 19:48 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-12 19:48 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 12:14 - 2014-06-12 12:15 - 00030386 _____ () C:\Users\Davis\Downloads\Addition.txt
2014-06-12 12:10 - 2014-06-15 12:05 - 00022845 _____ () C:\Users\Davis\Downloads\FRST.txt
2014-06-12 12:10 - 2014-06-15 12:05 - 00000000 ____D () C:\FRST
2014-06-12 12:09 - 2014-06-12 12:09 - 02081792 _____ (Farbar) C:\Users\Davis\Downloads\FRST64.exe
2014-06-12 12:09 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-12 12:09 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-12 11:48 - 2014-06-12 11:48 - 00869456 _____ () C:\Users\Davis\Downloads\Norton_Removal_Tool.exe
2014-06-12 11:48 - 2014-06-12 11:48 - 00193697 _____ () C:\Users\Davis\Downloads\avgremover.log
2014-06-12 11:47 - 2014-06-12 11:48 - 03222280 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Davis\Downloads\avg_remover_stf_x64_2013_2706.exe
2014-06-12 11:10 - 2014-06-12 11:10 - 00000207 _____ () C:\windows\tweaking.com-regbackup-DAVIS-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-06-12 11:09 - 2014-06-12 11:09 - 00000000 ____D () C:\RegBackup
2014-06-12 11:08 - 2014-06-12 11:08 - 00002210 _____ () C:\Users\Davis\Desktop\Tweaking.com - Registry Backup.lnk
2014-06-12 11:08 - 2014-06-12 11:08 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-06-12 11:08 - 2014-06-12 11:08 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-06-12 11:07 - 2014-06-12 11:08 - 04057608 _____ () C:\Users\Davis\Downloads\tweaking.com_registry_backup_setup.exe
2014-06-08 22:17 - 2014-06-08 22:17 - 00016156 _____ () C:\Users\Davis\Desktop\attach.txt
2014-06-08 22:17 - 2014-06-08 22:16 - 00023702 _____ () C:\Users\Davis\Desktop\dds.txt
2014-06-08 22:14 - 2014-06-08 22:14 - 00688992 ____R (Swearware) C:\Users\Davis\Downloads\dds.scr
2014-06-05 10:26 - 2014-06-08 21:54 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\Juniper Networks
2014-05-16 22:13 - 2014-05-06 01:14 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-16 22:13 - 2014-05-06 01:14 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-16 22:13 - 2014-05-05 23:48 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-16 22:13 - 2014-05-05 23:48 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-16 22:13 - 2014-05-05 23:37 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-16 22:13 - 2014-05-05 23:26 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-16 21:40 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-16 21:40 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-16 21:38 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-16 21:38 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-16 21:38 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-16 21:38 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-16 21:38 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-16 21:38 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-16 21:38 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-05-16 21:38 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-05-16 21:38 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-16 21:38 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-16 21:38 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-16 21:38 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-16 21:38 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-16 21:38 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-16 21:38 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-05-16 21:38 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-05-16 21:38 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-05-16 21:38 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-16 21:38 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-16 21:24 - 2014-06-15 12:01 - 00001848 _____ () C:\windows\setupact.log
2014-05-16 21:24 - 2014-06-12 12:05 - 00003416 _____ () C:\windows\PFRO.log
2014-05-16 21:24 - 2014-05-16 21:24 - 00000000 _____ () C:\windows\setuperr.log

==================== One Month Modified Files and Folders =======

2014-06-15 12:07 - 2012-02-11 19:32 - 00000000 ____D () C:\Users\Davis\AppData\Local\Temp
2014-06-15 12:06 - 2014-06-12 12:10 - 00022845 _____ () C:\Users\Davis\Downloads\FRST.txt
2014-06-15 12:05 - 2014-06-15 12:04 - 00380416 _____ () C:\Users\Davis\Downloads\uhugzfpn.exe
2014-06-15 12:05 - 2014-06-12 12:10 - 00000000 ____D () C:\FRST
2014-06-15 12:03 - 2012-06-02 10:50 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-15 12:02 - 2012-02-11 22:20 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-15 12:01 - 2014-05-16 21:24 - 00001848 _____ () C:\windows\setupact.log
2014-06-15 12:01 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-14 23:18 - 2014-02-15 19:35 - 02071642 _____ () C:\windows\WindowsUpdate.log
2014-06-14 23:13 - 2009-07-14 00:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-14 23:13 - 2009-07-14 00:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-14 23:12 - 2012-02-11 22:20 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-14 23:00 - 2014-06-14 23:00 - 00000000 __SHD () C:\found.000
2014-06-13 18:50 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-06-13 09:34 - 2014-06-13 09:33 - 109501208 _____ (Microsoft Corporation) C:\Users\Davis\Downloads\msert.exe
2014-06-13 05:23 - 2014-06-13 05:23 - 00000000 ____D () C:\feda1ebd492c6b9a43d09b85454b77
2014-06-13 05:23 - 2013-07-11 09:21 - 00000000 ____D () C:\windows\system32\MRT
2014-06-13 05:23 - 2012-02-11 21:18 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-13 03:52 - 2014-04-27 19:52 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-12 21:55 - 2014-06-12 21:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-12 21:54 - 2014-06-12 21:53 - 02347384 _____ (ESET) C:\Users\Davis\Downloads\esetsmartinstaller_enu.exe
2014-06-12 21:54 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF
2014-06-12 13:17 - 2009-07-14 01:13 - 00006450 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-12 12:15 - 2014-06-12 12:14 - 00030386 _____ () C:\Users\Davis\Downloads\Addition.txt
2014-06-12 12:09 - 2014-06-12 12:09 - 02081792 _____ (Farbar) C:\Users\Davis\Downloads\FRST64.exe
2014-06-12 12:05 - 2014-05-16 21:24 - 00003416 _____ () C:\windows\PFRO.log
2014-06-12 11:48 - 2014-06-12 11:48 - 00869456 _____ () C:\Users\Davis\Downloads\Norton_Removal_Tool.exe
2014-06-12 11:48 - 2014-06-12 11:48 - 00193697 _____ () C:\Users\Davis\Downloads\avgremover.log
2014-06-12 11:48 - 2014-06-12 11:47 - 03222280 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Davis\Downloads\avg_remover_stf_x64_2013_2706.exe
2014-06-12 11:10 - 2014-06-12 11:10 - 00000207 _____ () C:\windows\tweaking.com-regbackup-DAVIS-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-06-12 11:09 - 2014-06-12 11:09 - 00000000 ____D () C:\RegBackup
2014-06-12 11:08 - 2014-06-12 11:08 - 00002210 _____ () C:\Users\Davis\Desktop\Tweaking.com - Registry Backup.lnk
2014-06-12 11:08 - 2014-06-12 11:08 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-06-12 11:08 - 2014-06-12 11:08 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-06-12 11:08 - 2014-06-12 11:07 - 04057608 _____ () C:\Users\Davis\Downloads\tweaking.com_registry_backup_setup.exe
2014-06-08 22:17 - 2014-06-08 22:17 - 00016156 _____ () C:\Users\Davis\Desktop\attach.txt
2014-06-08 22:16 - 2014-06-08 22:17 - 00023702 _____ () C:\Users\Davis\Desktop\dds.txt
2014-06-08 22:14 - 2014-06-08 22:14 - 00688992 ____R (Swearware) C:\Users\Davis\Downloads\dds.scr
2014-06-08 21:56 - 2012-02-11 19:32 - 00000000 ____D () C:\Users\Davis
2014-06-08 21:54 - 2014-06-05 10:26 - 00000000 ____D () C:\Users\Davis\AppData\Roaming\Juniper Networks
2014-06-08 21:54 - 2014-03-31 21:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-08 21:54 - 2012-05-04 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-08 21:54 - 2012-02-11 22:15 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-08 21:54 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\registration
2014-06-08 18:59 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\LiveKernelReports
2014-06-08 18:34 - 2013-08-25 19:12 - 02588672 ___SH () C:\Users\Davis\Downloads\Thumbs.db
2014-06-08 05:13 - 2014-06-12 12:09 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-12 12:09 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-05 10:38 - 2012-04-02 21:52 - 00000000 ____D () C:\Users\Davis\AppData\Local\CrashDumps
2014-05-23 11:47 - 2013-01-28 12:07 - 00000000 ____D () C:\Users\Davis\Documents\Pauls College Stuff
2014-05-18 21:28 - 2009-07-14 01:08 - 00032612 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-05-16 22:16 - 2012-02-11 19:34 - 00000000 ___RD () C:\Users\Davis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 22:16 - 2012-02-11 19:34 - 00000000 ___RD () C:\Users\Davis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 21:30 - 2012-03-16 18:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-16 21:30 - 2012-03-16 18:56 - 00001990 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-16 21:24 - 2014-05-16 21:24 - 00000000 _____ () C:\windows\setuperr.log
2014-05-16 21:24 - 2012-02-11 19:34 - 00000000 ____D () C:\Users\Davis\AppData\Local\VirtualStore

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-13 17:38

==================== End Of Log ============================
sultan62
Regular Member
 
Posts: 23
Joined: June 8th, 2014, 10:15 pm

Re: Windows 7 Slow and Utilities Not Running

Post by sultan62 » June 15th, 2014, 12:31 pm

Regarding GMER, should "Quick Scan," "C:\", or "Q:\" be selected? Also, if I check "3rd party" it autochecks "Show all" and unchecks several others, so I'm guessing I shouldn't check that.
