Inactive Unsure if its a virus - dll/win32/Microsoft problems

Only Contributing Members can post attachments

 

If you need to provide a screenshot...

With the window open that you want to take the Screenshot of, press the Print Screen/SysRq Key (next to F12 on the keyboard).
If you only want a screenshot of an active window within the main window press ALT+Print Screen/SysRq.

Now open Microsoft Paint by pressing Start > All Programs > Accessories > Paint.

This will open the Paint window.
On the menu bar at the top left, click on Edit and select Paste. This will put your screenshot in the Paint window.

Next, click File on the menu bar and click Save As.

In the drop-down box that appears, where it shows File name replace the highlighted Untitled with a suitable name.
In the Save as type box press the down arrow and select JPEG from the list of options.
In the Save in box at the top press the down arrow and navigate to Desktop and select it then press Save at the bottom.

Upload the file(s) here: http://www.sendspace.com/
Click on Browse button and navigate to the file you want to upload.
Click on Upload button.
Click on FIRST Copy Link button and paste the link in your next reply.

===========================================

Run OTL

• Under the [color= "#0000FF"]Custom Scans/Fixes[/color] box at the bottom, paste in the following

Code:

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe -- (vToolbarUpdater17.2.0)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\zwciwaol.sys -- (zwciwaol)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\hewfhhna.sys -- (hewfhhna)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\paultess\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/05/23 07:39:13 | 000,043,368 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\gfiark.sys -- (gfiark)
DRV - [2013/11/10 10:26:03 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtpx86.sys -- (avgtp)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-2410994966-3734587764-1746882321-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
[2013/12/08 17:25:38 | 000,269,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/12/08 17:25:04 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/12/08 17:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/12/08 17:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/12/09 06:50:47 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2013/12/08 17:27:33 | 000,000,000 | ---D | M] -- C:\Users\paultess\AppData\Roaming\AVAST Software
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:98181191
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:373E1720

:Services

:Reg

:Files
C:\FRST

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]

• Then click the [color= "#FF0000"]Run Fix[/color] button at the top
• Let the program run unhindered, reboot the PC when it is done
• You will get a log that shows the results of the fix. Please post it.

NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.


Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan ".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Tick the box next to YES, I accept the Terms of Use
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click on List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• NOTE. If Eset won't find any threats, it won't produce any log.

 

Delete your SecurityCheck file, disable AV program for the moment, download fresh file and try again.

 

Go ahead with other steps.

 

Same to you

I need to see all logs.

1. Replace not working shortcuts with new ones.
2. Do you problem with ANY link in your email program?

 

Post #20?
That's OTL which is just a scanner. It doesn't make any changes.

 

I don't see anything in OTL fix which could cause this kind of problems.

Give me more details as to what exactly is not working and what is the exact error message.
Please be specific.

 

What email program do you use?

 

I'm not familiar with Torch at all.
Did you try to reinstall it?
How do you know links in your email program don't work since you just said the program is gone?