

Firefox/Internet Explorer has stopped working.

Old 09-02-2017, 12:33 PM   #1
Registered Member
 
Join Date: Sep 2017
Posts: 14
OS: Windows 7 Pro



--ORIGINAL POST-- >> https://www.techsupportforum.com/foru...g-1208537.html
Hey guys,

So this morning I turned on my PC and found that I couldn't open Firefox. I got an error saying that Firefox has stopped working. So I closed it out, and tried again... Same thing. I tried restarting my computer, still not working. So I thought I'd uninstall it, and reinstall through Internet Explorer. So I uninstalled it, opened up Internet Explorer, and got the same message. I read that I could open the command prompt and enter in something along the lines of netsh winlock reset.... I don't remember what it was exactly, but there were 2 or 3 commands that various forums suggested. That didn't work. So I contacted Microsoft, and they suggested a system restore. I tried it about 5 times, and it just wouldn't restore. I kept getting another error saying that it was unsuccessful due to an anti-virus program or something. I use Avast, so I opened it up and turned off everything that I could. Tried the system restore again, still didn't work. Found a video on YouTube that suggested I turn off graphic rendering or something like that under the internet options. That didn't work either.

So I'm super pissed about all of this because it was working perfectly fine last night. I'm hoping someone else may have some better suggestions for me.

Thank you

--UPDATED POST--

I have gone through the checklist for the malware removal process; however, I did not back up my data since I don't have anywhere to back it up to.

dds.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18500
Run by Anthony at 12:21:32 on 2017-09-02
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8076.4889 [GMT -7:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\ASGT.exe
C:\Program Files\ASRock\XFast LAN\spd.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Belkin\F9L1101\V1\wlansrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.exe
C:\Windows\SysWOW64\HsMgr.exe
C:\Windows\system\HsMgr64.exe
C:\Program Files\File Association Helper\FAHWindow.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Belkin\F9L1101\V1\PBN.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\Lucidlogix Technologies\VIRTU MVP\EKAG20NT.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser_crashreporter.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files\AVAST Software\Avast\AvastNM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [ASRockXTU] <no file>
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BELKIN~1.LNK - C:\Program Files (x86)\Belkin\F9L1101\V1\PBN.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1906FD99-FD17-4D90-AAA2-4856F3F2B2D4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2023922C-EB20-4094-A279-49AE083C27B9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2023922C-EB20-4094-A279-49AE083C27B9}\2656C6B696E6E2362643 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{2023922C-EB20-4094-A279-49AE083C27B9}\351637175716473686024456E6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{2023922C-EB20-4094-A279-49AE083C27B9}\E45445745414250363 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2023922C-EB20-4094-A279-49AE083C27B9}\E45445745414258323D25374 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6A43B67C-5472-4CA4-A288-F21C57389202} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{A1E11ED5-53EE-4955-A895-F886EE11497F} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
AppInit_DLLs= C:\Windows\SysWOW64\appinit_dll.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe /hide
x64-Run: [Cmaudio8788] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
x64-Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe Envoke
x64-Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe Envoke
x64-Run: [FAHConsole] C:\Program Files\File Association Helper\FAHConsole.exe
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [ShadowPlay] "C:\Windows\System32\rundll32.exe" C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\0hp6lv80.default\
FF - prefs.js: browser.search.defaulturl - hxxps://search.yahoo.com/yhs/search
FF - prefs.js: browser.search.selectedEngine - Yahoo! (Avast)
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/yhs/search
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AsrRamDisk;AsrRamDisk;C:\Windows\System32\drivers\AsrRamDisk.sys [2014-8-28 34640]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-8-28 647736]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-8-28 28216]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-8-28 16152]
R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2014-8-28 17192]
R1 aswbidsdriver;aswbidsdriver;C:\Windows\System32\drivers\aswbidsdrivera.sys [2017-8-15 320528]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2016-7-11 41832]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-8-30 1016384]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-8-30 590880]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Windows\System32\drivers\mbae64.sys [2017-6-19 77376]
R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2014-8-28 16648]
R2 ASGT;ASGT;C:\Windows\SysWOW64\ASGT.exe [2012-1-17 55296]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-8-30 147784]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-8-30 199312]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-8-31 275208]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-8-28 14904]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-19 634632]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-8-28 129856]
R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-2-9 133632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-8-28 166720]
R2 LGCoreTemp;Logitech CPU Core Tempurature;C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys [2015-6-21 14184]
R2 LogiRegistryService;Logitech Gaming Registry Service;C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [2017-8-18 225400]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-1-15 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-1-15 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-4-22 450168]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-8-28 365344]
R2 WLANBelkinService;Belkin WLAN service;C:\Program Files (x86)\Belkin\F9L1101\V1\wlansrv.exe [2012-10-5 86016]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-8-31 7452288]
R3 cmudaxp;ASUS Xonar DGX Audio Interface;C:\Windows\System32\drivers\cmudaxp.sys [2014-9-13 2727936]
R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2012-2-9 25536]
R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2012-2-9 25536]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2012-2-9 44992]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-8-28 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-8-28 788760]
R3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2017-8-18 36496]
R3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);C:\Windows\System32\drivers\LGJoyXlCore.sys [2017-8-18 67736]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2017-8-18 26008]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-5-11 50208]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2017-7-24 48248]
R3 nvvhci;NVVHCI Enumerator Service;C:\Windows\System32\drivers\nvvhci.sys [2017-4-22 76840]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-8-28 565352]
R3 VirtuWDDM;VirtuWDDM;C:\Windows\System32\drivers\VirtuWDDM.sys [2014-8-28 66336]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2014-8-28 34752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2017-6-19 4470736]
S3 aswHwid;aswHwid;C:\Windows\System32\drivers\aswHwid.sys [2014-8-30 47016]
S3 BCMH43XX;N+ Wireless USB Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2011-4-19 1254464]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-8-18 1522184]
S3 CM_VENDER_CMD;CM_VENDER_CMD;C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [2014-7-30 17104]
S3 FNETTBOH_305;FNETTBOH_305;C:\Windows\System32\drivers\FNETTBOH_305.SYS [2014-8-29 32320]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-10-11 114688]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-8-28 342528]
S3 iumsvc;Intel(R) Update Manager;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-8-12 177376]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2014-7-30 410008]
S3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2014-7-30 102808]
S3 ladfGSS;Logitech USB Surround Filter Driver (LGS);C:\Windows\System32\drivers\ladfGSS.sys [2017-8-18 45192]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2007-5-11 1361952]
S3 LVUVC64;Logitech QuickCam Fusion(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2007-5-11 3612704]
S3 MBAMFarflt;MBAMFarflt;C:\Windows\System32\drivers\farflt.sys [2017-6-19 113592]
S3 MBAMProtection;MBAMProtection;C:\Windows\System32\drivers\mbam.sys [2017-6-19 44960]
S3 MBAMWebProtection;MBAMWebProtection;C:\Windows\System32\drivers\mwac.sys [2017-6-19 84256]
S3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2014-8-28 32344]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-1-15 495224]
S3 NVFLASH;NVFLASH;C:\Windows\System32\drivers\nvflash.sys [2016-11-3 15648]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-7-24 30328]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-8-30 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-8-30 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== File Associations ===============
.
ShellExec: SZBrowser.exe: open="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2017-09-02 19:09:33 -------- d-----w- C:\ProgramData\SWCUTemp
2017-09-02 19:03:15 94656 ----a-w- C:\Windows\System32\WPRO_41_2001woem.tmp
2017-08-24 19:25:59 -------- d-----w- C:\Users\Anthony\AppData\Local\Discord
2017-08-24 19:02:21 -------- d-----w- C:\Program Files\Common Files\Logitech
2017-08-19 03:26:30 -------- d-----w- C:\Users\Anthony\AppData\Local\UnrealEngine
2017-08-19 03:26:30 -------- d-----w- C:\Users\Anthony\AppData\Local\TslGame
2017-08-19 03:25:43 -------- d-----w- C:\Program Files (x86)\Common Files\BattlEye
2017-08-18 09:01:32 67736 ----a-w- C:\Windows\System32\drivers\LGJoyXlCore.sys
2017-08-18 09:01:32 36496 ----a-w- C:\Windows\System32\drivers\LGBusEnum.sys
2017-08-18 09:01:32 26008 ----a-w- C:\Windows\System32\drivers\LGVirHid.sys
2017-08-18 08:41:52 45192 ----a-w- C:\Windows\System32\drivers\ladfGSS.sys
2017-08-18 08:41:52 4379648 ----a-w- C:\Windows\System32\RenderAPO.dll
2017-08-18 08:41:52 2171656 ----a-w- C:\Windows\System32\CaptureAPO.dll
2017-08-15 19:17:31 57736 ----a-w- C:\Windows\System32\drivers\aswbuniva.sys
2017-08-15 19:17:30 343296 ----a-w- C:\Windows\System32\drivers\aswbloga.sys
2017-08-15 19:17:30 198976 ----a-w- C:\Windows\System32\drivers\aswbidsha.sys
2017-08-15 19:17:29 320528 ----a-w- C:\Windows\System32\drivers\aswbidsdrivera.sys
.
==================== Find3M ====================
.
2017-09-02 19:03:43 253856 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2017-09-02 19:03:15 34752 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys
2017-08-31 17:38:54 84416 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2017-08-31 17:38:54 47016 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2017-08-31 17:38:54 361336 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2017-08-31 17:38:54 199312 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2017-08-31 17:38:54 147784 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2017-08-31 17:38:53 110376 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2017-08-31 17:38:31 1016384 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2017-08-31 17:38:30 41832 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2017-08-10 04:19:24 803328 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2017-08-10 04:19:23 144896 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2017-07-27 05:19:39 104624 ----a-w- C:\Windows\System32\drivers\aswHdsKe.sys
2017-07-18 23:24:44 6463608 ----a-w- C:\Windows\System32\nvcpl.dll
2017-07-18 23:24:44 2479040 ----a-w- C:\Windows\System32\nvsvc64.dll
2017-07-18 23:24:42 81856 ----a-w- C:\Windows\System32\nv3dappshextr.dll
2017-07-18 23:24:42 69752 ----a-w- C:\Windows\System32\nvshext.dll
2017-07-18 23:24:42 549312 ----a-w- C:\Windows\System32\nv3dappshext.dll
2017-07-18 23:24:42 392312 ----a-w- C:\Windows\System32\nvmctray.dll
2017-07-18 23:24:42 1762936 ----a-w- C:\Windows\System32\nvsvcr.dll
2017-07-18 22:54:58 1951 ----a-w- C:\Windows\NvContainerRecovery.bat
2017-07-18 22:38:35 135800 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2017-07-14 05:15:21 77376 ----a-w- C:\Windows\System32\drivers\mbae64.sys
2017-07-13 01:37:09 8095171 ----a-w- C:\Windows\System32\nvcoproc.bin
2017-07-04 05:38:20 84256 ----a-w- C:\Windows\System32\drivers\mwac.sys
2017-07-03 19:09:15 113592 ----a-w- C:\Windows\System32\drivers\farflt.sys
2017-07-03 19:09:14 44960 ----a-w- C:\Windows\System32\drivers\mbam.sys
2017-06-21 07:07:20 1903224 ----a-w- C:\Windows\System32\nvspcap64.dll
2017-06-21 07:07:20 1489528 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2017-06-21 07:07:19 1755256 ----a-w- C:\Windows\System32\nvspbridge64.dll
2017-06-21 07:07:19 1317496 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2017-06-21 07:07:19 121464 ----a-w- C:\Windows\System32\NvRtmpStreamer64.dll
2017-06-21 07:07:15 48248 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2017-06-21 07:07:15 179320 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2017-06-21 07:07:15 146552 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2017-06-20 20:58:22 1951 ----a-w- C:\Windows\NvTelemetryContainerRecovery.bat
2017-06-20 01:03:18 188312 ----a-w- C:\Windows\System32\drivers\MBAMChameleon.sys
.
============= FINISH: 12:22:24.94 ===============


I have also attached the attach.txt file. Also, I do not have access to a Windows install disc or boot CD. Another thing I'd like to add is that the Avast SafeZone browser seems to be working just fine for me; that is what I am using right now. I tried to reinstall Firefox, but I still have the same problem when I try to open it.

I greatly appreciate the help you guys are offering, thank you all so much.
Attached file: attach.txt (14.4 KB)
Sasquatch63
 
Old 09-02-2017, 09:54 PM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

We want all our members to perform the steps outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post/attach the logs in your next reply.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

-----------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan
  • Once the Scan is done, select Clean
  • Once done it will ask to reboot, please allow the reboot.
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • It also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist
Old 09-02-2017, 10:11 PM   #3
Registered Member
 
Join Date: Sep 2017
Posts: 14
OS: Windows 7 Pro



Misread your post. Doing the scans now, will update soon.
Sasquatch63
 
Old 09-02-2017, 10:34 PM   #4
Registered Member
 
Join Date: Sep 2017
Posts: 14
OS: Windows 7 Pro



AdwCleaner:

# AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 03 05:15:08 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Owner\AppData\Local\apn


***** [ Files ] *****

Deleted: C:\END


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1076 B] - [2017/9/3 5:14:16]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########


FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Anthony (administrator) on ANTHONY-PC (02-09-2017 22:30:18)
Running from C:\Users\Anthony\Desktop
Loaded Profiles: Anthony (Available Profiles: Anthony)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\Belkin\F9L1101\V1\PBN.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Belkin\F9L1101\V1\wlansrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Software Security System) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekag20nt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser_crashreporter.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [VIRTU MVP] => C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe [3006240 2012-03-12] ()
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-08-31] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2040620910-4191831847-3032762144-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-2040620910-4191831847-3032762144-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-2040620910-4191831847-3032762144-1000\...\MountPoints2: {533e11af-2ec1-11e4-8cca-806e6f6e6963} - D:\ASRSetup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-08-30] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\appinit_dll.dll => C:\Windows\system32\appinit_dll.dll [172320 2012-03-12] (Lucidlogix Inc.)
AppInit_DLLs-x32: C:\Windows\SysWOW64\appinit_dll.dll => C:\Windows\SysWOW64\appinit_dll.dll [148256 2012-03-12] (Lucidlogix Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Belkin USB Wireless Adaptor Utility.lnk [2014-08-29]
ShortcutTarget: Belkin USB Wireless Adaptor Utility.lnk -> C:\Program Files (x86)\Belkin\F9L1101\V1\PBN.exe ()
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2012-09-07]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1906FD99-FD17-4D90-AAA2-4856F3F2B2D4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2023922C-EB20-4094-A279-49AE083C27B9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6A43B67C-5472-4CA4-A288-F21C57389202}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A1E11ED5-53EE-4955-A895-F886EE11497F}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-08-31] (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-08-31] (AVAST Software)
Toolbar: HKU\S-1-5-21-2040620910-4191831847-3032762144-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\0hp6lv80.default [2017-09-01]
FF NewTab: Mozilla\Firefox\Profiles\0hp6lv80.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\0hp6lv80.default -> Yahoo! (Avast)
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\0hp6lv80.default -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\0hp6lv80.default -> hxxps://search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\0hp6lv80.default -> Yahoo! (Avast)
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\0hp6lv80.default -> Yahoo! (Avast)
FF Homepage: Mozilla\Firefox\Profiles\0hp6lv80.default -> hxxps://www.google.com/
FF Keyword.URL: Mozilla\Firefox\Profiles\0hp6lv80.default -> hxxps://search.yahoo.com/yhs/search
FF Extension: (Avast SafePrice) - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\0hp6lv80.default\Extensions\[email protected] [2017-08-24]
FF Extension: (Avast Online Security) - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\0hp6lv80.default\Extensions\[email protected] [2017-08-17]
FF Extension: (WOT) - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\0hp6lv80.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-08-16]
FF Extension: (Adblock Plus) - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\0hp6lv80.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-08-16]
FF Extension: (Firefox Screenshots) - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\0hp6lv80.default\features\{4d7d60e0-61b2-4db6-bda6-78ca3fae739a}\[email protected] [2017-08-26]
FF SearchPlugin: C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\0hp6lv80.default\searchplugins\yahoo-avast.xml [2016-11-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-18] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-08-31] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-08-31] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-08-18] ()
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WLANBelkinService; C:\Program Files (x86)\Belkin\F9L1101\V1\wlansrv.exe [86016 2012-10-05] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-08-31] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-08-31] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-08-31] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-08-31] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-08-31] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-08-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-08-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-08-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-08-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-08-31] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-08-31] (AVAST Software)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2727936 2011-12-19] (C-Media Inc)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-07-13] ()
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-08-29] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-08-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [45192 2017-08-18] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc.)
S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [113592 2017-07-03] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [44960 2017-07-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253856 2017-09-02] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-07-03] (Malwarebytes)
S3 NPF; C:\Windows\System32\drivers\NPF.sys [40464 2007-11-07] (CACE Technologies)
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15648 2013-04-19] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-03-31] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2017-09-02] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-02 22:30 - 2017-09-02 22:30 - 000020441 _____ C:\Users\Anthony\Desktop\FRST.txt
2017-09-02 22:27 - 2017-09-02 22:27 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-09-02 22:16 - 2017-09-02 22:16 - 000094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2017-09-02 22:14 - 2017-09-02 22:14 - 000001076 _____ C:\Users\Anthony\Desktop\AdwCleaner[S0].txt
2017-09-02 22:13 - 2017-09-02 22:30 - 000000000 ____D C:\FRST
2017-09-02 22:10 - 2017-09-02 22:10 - 002395648 _____ (Farbar) C:\Users\Anthony\Desktop\FRST64.exe
2017-09-02 22:09 - 2017-09-02 22:15 - 000000000 ____D C:\AdwCleaner
2017-09-02 22:08 - 2017-09-02 22:08 - 008182736 _____ (Malwarebytes) C:\Users\Anthony\Desktop\AdwCleaner.exe
2017-09-02 12:22 - 2017-09-02 12:29 - 000023037 _____ C:\Users\Anthony\Desktop\dds.txt
2017-09-02 12:22 - 2017-09-02 12:29 - 000014698 _____ C:\Users\Anthony\Desktop\attach.txt
2017-09-02 12:21 - 2017-09-02 12:21 - 000688992 ____R (Swearware) C:\Users\Anthony\Desktop\dds.scr
2017-09-02 12:10 - 2017-09-02 12:10 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-09-02 12:10 - 2017-09-02 12:10 - 000000924 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-09-02 12:10 - 2017-09-02 12:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-02 12:10 - 2017-09-02 12:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-02 12:08 - 2017-09-02 12:08 - 000245720 _____ (Mozilla) C:\Users\Anthony\Downloads\Firefox Installer.exe
2017-09-01 12:03 - 2017-09-01 12:03 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-09-01 12:03 - 2017-09-01 12:03 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-09-01 11:38 - 2017-09-01 11:38 - 000002974 _____ C:\Windows\System32\Tasks\{A5E12B50-B027-4EE4-BABA-C4BDDF669D2A}
2017-09-01 11:38 - 2017-09-01 11:38 - 000002974 _____ C:\Windows\System32\Tasks\{77844FA2-0B2A-4185-84CD-D9D9B81C563C}
2017-08-31 10:39 - 2017-08-31 10:38 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-08-24 12:26 - 2017-08-24 12:26 - 000002176 _____ C:\Users\Anthony\Desktop\Discord.lnk
2017-08-24 12:26 - 2017-08-24 12:26 - 000000000 ____D C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-24 12:25 - 2017-09-01 23:46 - 000000000 ____D C:\Users\Anthony\AppData\Local\Discord
2017-08-24 12:25 - 2017-08-24 12:25 - 054332920 _____ (Discord Inc.) C:\Users\Anthony\Downloads\DiscordSetup.exe
2017-08-24 12:02 - 2017-08-24 12:02 - 000000000 ____D C:\Program Files\Common Files\Logitech
2017-08-24 12:01 - 2017-08-24 12:01 - 004657696 _____ C:\Users\Anthony\Downloads\G430Update.exe
2017-08-24 12:00 - 2017-08-24 12:00 - 120742160 _____ (Logitech Inc.) C:\Users\Anthony\Downloads\LGS_8.96.81_x64_Logitech.exe
2017-08-18 20:26 - 2017-08-18 20:26 - 000000000 ____D C:\Users\Anthony\AppData\Local\UnrealEngine
2017-08-18 20:26 - 2017-08-18 20:26 - 000000000 ____D C:\Users\Anthony\AppData\Local\TslGame
2017-08-18 20:07 - 2017-08-18 20:07 - 000000222 _____ C:\Users\Anthony\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2017-08-18 02:01 - 2017-08-18 02:01 - 000067736 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGJoyXlCore.sys
2017-08-18 02:01 - 2017-08-18 02:01 - 000036496 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGBusEnum.sys
2017-08-18 02:01 - 2017-08-18 02:01 - 000026008 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGVirHid.sys
2017-08-18 01:41 - 2017-08-18 01:41 - 004379648 _____ (Logitech Inc.) C:\Windows\system32\RenderAPO.dll
2017-08-18 01:41 - 2017-08-18 01:41 - 002171656 _____ (Logitech Inc.) C:\Windows\system32\CaptureAPO.dll
2017-08-18 01:41 - 2017-08-18 01:41 - 000045192 _____ (Logitech Inc.) C:\Windows\system32\Drivers\ladfGSS.sys
2017-08-16 12:44 - 2017-09-01 14:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-15 12:17 - 2017-08-31 10:39 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-08-15 12:17 - 2017-08-31 10:38 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-08-15 12:17 - 2017-08-31 10:38 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-08-15 12:17 - 2017-08-31 10:38 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-08-15 12:17 - 2017-08-31 10:38 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-02 22:27 - 2014-11-07 23:23 - 000000000 ____D C:\Users\Anthony\AppData\Local\CrashDumps
2017-09-02 22:27 - 2009-07-13 21:45 - 000021792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-02 22:27 - 2009-07-13 21:45 - 000021792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-02 22:20 - 2017-01-15 23:16 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-02 22:18 - 2017-06-19 18:03 - 000253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-02 22:16 - 2014-08-28 23:23 - 000034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2017-09-02 22:16 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-02 22:12 - 2015-09-03 23:37 - 000000000 ____D C:\Users\Anthony\AppData\Local\Warframe
2017-09-02 19:04 - 2014-08-30 00:49 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-01 23:48 - 2014-08-28 08:05 - 000000000 ____D C:\Users\Anthony
2017-09-01 23:46 - 2015-11-03 18:58 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2017-09-01 23:46 - 2014-08-28 23:36 - 000000000 ____D C:\Users\Anthony\Lucidlogix
2017-09-01 23:46 - 2014-08-28 23:14 - 000000000 ____D C:\ProgramData\Intel
2017-09-01 23:46 - 2009-07-14 00:45 - 000000000 ___RD C:\Users\Public\Recorded TV
2017-09-01 23:46 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\registration
2017-09-01 23:46 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2017-09-01 23:46 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\AppCompat
2017-09-01 17:37 - 2014-08-30 00:35 - 000001417 _____ C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-09-01 12:03 - 2014-11-11 19:26 - 000000000 ____D C:\Users\Anthony\AppData\Local\Adobe
2017-09-01 12:03 - 2014-08-28 23:26 - 000000000 ____D C:\Users\Anthony\AppData\Roaming\Adobe
2017-09-01 12:03 - 2014-08-28 23:26 - 000000000 ____D C:\ProgramData\Adobe
2017-09-01 12:03 - 2014-08-28 23:26 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-09-01 11:39 - 2014-08-28 08:54 - 000000000 ____D C:\Users\Anthony\AppData\Local\ElevatedDiagnostics
2017-09-01 11:24 - 2016-07-12 13:28 - 000003896 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468355305
2017-09-01 11:23 - 2015-12-03 09:29 - 000000000 ____D C:\Program Files\Common Files\AV
2017-08-31 18:00 - 2016-06-15 23:40 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-31 10:38 - 2016-07-11 12:13 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-08-31 10:38 - 2014-08-30 00:40 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-08-31 10:38 - 2014-08-30 00:40 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-08-31 10:38 - 2014-08-30 00:40 - 000361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-08-31 10:38 - 2014-08-30 00:40 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-08-31 10:38 - 2014-08-30 00:40 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-08-31 10:38 - 2014-08-30 00:40 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-08-31 10:38 - 2014-08-30 00:40 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-08-31 10:38 - 2014-08-30 00:40 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-08-24 12:26 - 2017-03-13 16:29 - 000000000 ____D C:\Users\Anthony\AppData\Roaming\discord
2017-08-24 12:26 - 2017-03-13 16:29 - 000000000 ____D C:\Users\Anthony\AppData\Local\SquirrelTemp
2017-08-24 12:06 - 2015-11-03 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-08-22 23:09 - 2016-11-18 01:19 - 000000000 ____D C:\Users\Anthony\AppData\LocalLow\Mozilla
2017-08-18 20:27 - 2014-08-29 01:12 - 000000000 ____D C:\Users\Anthony\AppData\Local\NVIDIA Corporation
2017-08-18 20:25 - 2015-11-03 18:57 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-17 00:46 - 2014-08-30 00:37 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-15 16:29 - 2017-01-25 01:29 - 000000000 ____D C:\temp
2017-08-15 16:21 - 2009-07-13 22:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2017-08-15 12:17 - 2014-08-30 00:40 - 000146696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.150282467147207
2017-08-15 12:16 - 2014-08-30 00:40 - 000146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.150282466217303
2017-08-15 12:15 - 2014-08-30 00:40 - 001015848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.150282467147207
2017-08-09 21:39 - 2016-06-15 23:40 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-09 21:19 - 2014-12-16 16:03 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-08-09 21:19 - 2014-08-29 04:07 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-08-09 21:19 - 2014-08-29 04:07 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-09 21:19 - 2014-08-29 04:07 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-09 21:19 - 2014-08-29 04:07 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2015-11-15 19:38 - 2016-09-24 15:29 - 000000117 _____ () C:\Users\Anthony\AppData\Roaming\D2Info0
2015-11-15 19:38 - 2016-09-24 15:37 - 000000008 _____ () C:\Users\Anthony\AppData\Roaming\DofusAppId0_1
2015-11-16 19:24 - 2016-09-18 16:59 - 000000008 _____ () C:\Users\Anthony\AppData\Roaming\DofusAppId0_2
2015-11-22 16:21 - 2016-09-11 19:58 - 000000008 _____ () C:\Users\Anthony\AppData\Roaming\DofusAppId0_3
2015-11-22 16:47 - 2016-09-11 17:20 - 000000008 _____ () C:\Users\Anthony\AppData\Roaming\DofusAppId0_4
2015-11-22 17:24 - 2016-09-12 18:44 - 000000008 _____ () C:\Users\Anthony\AppData\Roaming\DofusAppId0_5
2015-11-23 18:20 - 2016-09-09 14:22 - 000000008 _____ () C:\Users\Anthony\AppData\Roaming\DofusAppId0_6
2015-11-23 23:57 - 2016-09-09 14:22 - 000000008 _____ () C:\Users\Anthony\AppData\Roaming\DofusAppId0_7
2015-11-26 13:27 - 2016-09-09 14:22 - 000000008 _____ () C:\Users\Anthony\AppData\Roaming\DofusAppId0_8
2015-12-05 21:15 - 2016-09-09 17:53 - 000000008 _____ () C:\Users\Anthony\AppData\Roaming\DofusAppId0_9
2015-01-01 20:59 - 2015-01-02 01:59 - 000000062 _____ () C:\Users\Anthony\AppData\Roaming\WB.CFG
2014-08-28 23:25 - 2014-08-28 23:25 - 000000003 _____ () C:\Users\Anthony\AppData\Local\user_data.ini
2014-08-30 02:31 - 2014-08-30 02:31 - 000000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
2014-08-29 04:06 - 2014-08-29 04:06 - 019182768 _____ (Adobe Systems Incorporated) C:\Users\Anthony\AppData\Local\Temp\fp_pl_pfs_installer.exe
2009-08-26 18:52 - 2009-08-26 18:52 - 000086016 _____ () C:\Users\Anthony\AppData\Local\Temp\install.dll
2002-04-13 17:59 - 2002-04-13 17:59 - 000007584 _____ () C:\Users\Anthony\AppData\Local\Temp\KILLW16.EXE
2013-09-12 01:17 - 2017-03-31 18:36 - 000754168 _____ (NVIDIA Corporation) C:\Users\Anthony\AppData\Local\Temp\nvSCPAPI.dll
2013-09-12 01:17 - 2013-09-12 01:17 - 001343840 _____ (NVIDIA Corporation) C:\Users\Anthony\AppData\Local\Temp\nvSCPAPI64.dll
2015-06-21 13:47 - 2017-03-31 18:36 - 000369208 _____ (NVIDIA Corporation) C:\Users\Anthony\AppData\Local\Temp\nvStInst.exe
2017-01-15 23:18 - 2016-12-11 19:37 - 001135552 _____ (NVIDIA Corporation) C:\Users\Anthony\AppData\Local\Temp\NvTelemetry.dll
2017-01-15 23:18 - 2017-01-05 18:10 - 000255032 _____ (NVIDIA Corporation) C:\Users\Anthony\AppData\Local\Temp\NvTelemetryAPI32.dll
2017-01-15 23:18 - 2017-01-05 18:10 - 000335928 _____ (NVIDIA Corporation) C:\Users\Anthony\AppData\Local\Temp\NvTelemetryAPI64.dll
2012-11-12 21:55 - 2012-11-12 21:55 - 028710616 _____ (Belkin ) C:\Users\Anthony\AppData\Local\Temp\setup.exe
2014-08-28 23:29 - 2014-08-28 23:29 - 002048000 _____ (Symantec Corporation) C:\Users\Anthony\AppData\Local\Temp\SymSilent.exe
2017-03-05 20:29 - 2017-03-05 20:29 - 000073728 _____ () C:\Users\Anthony\AppData\Local\Temp\umr_2t1r.dll
2015-02-23 17:43 - 2015-02-23 17:03 - 000455600 _____ (Macrovision Corporation) C:\Users\Anthony\AppData\Local\Temp\_is142D.exe
2015-01-01 19:48 - 2015-06-01 22:58 - 000666112 _____ () C:\Users\Anthony\AppData\Local\Temp\__pythonRunner.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-24 22:00

==================== End of FRST.txt ============================


Thank you for your help.
Attached Files
File Type: txt Addition.txt (40.0 KB, 4 views)
Sasquatch63 is offline  
Old 09-03-2017, 01:18 PM   #5
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello Sasquatch63. You're very welcome.

Unfortunately, I see no signs of malware or other causes of your browser problems.

As I am only trained in malware removal, I suggest you seek expert advice in our Internet Browsers and Email forum.

Let them know you were here first and were cleared of malware.

Old 09-03-2017, 01:23 PM   #6
Sasquatch63
Registered Member
Join Date: Sep 2017
Posts: 14
OS: Windows 7 Pro

Quote:
Originally Posted by chemist View Post
Hello Sasquatch63. You're very welcome.

Unfortunately, I see no signs of malware or other causes of your browser problems.

As I am only trained in malware removal, I suggest you seek expert advice in our Internet Browsers and Email forum.

Let them know you were here first and were cleared of malware.

------------------------------------------------------
That's where I went first and they sent me here lol. Thank you so much for taking the time to help me though, I really do appreciate it. Have a great day.