Inactive Start menu items vanish and programs won't open

Discussion in 'Malware and Virus Removal Archive' started by XiggyCheshire, 2015/02/13.

Thread Status:
Not open for further replies.
  1. 2015/02/13
    XiggyCheshire

    XiggyCheshire Inactive Thread Starter

    Joined:
    2015/02/13
    Messages:
    2
    Likes Received:
    0
    [Inactive] Start menu items vanish and programs won't open

    Hello, I have a Dell XPS M1710 laptop. It's a tad old, but it has Windows 7 Ultimate.

    Recently when I started my laptop it was running fine, then after about 10 to 20 minutes all the items in my start menu vanished, and when I tried to open up anything (control panel, pictures, etc.) it said files don't exist or it won't even show an error. They just won't open. I keep having to restart my computer to simply use it. How do I fix this? Is it a virus? Am I missing a program or something? Please help me. Thank you.

    P.S.
    I haven't installed or uninstalled anything before this happened. It was random.

    Attached Goes with DDS
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 5/3/2014 11:28:46 AM
    System Uptime: 2/13/2015 2:10:57 AM (0 hours ago)
    .
    Motherboard: Dell Inc. | |
    Processor: Intel(R) Core(TM) Duo CPU T2700 @ 2.33GHz | Microprocessor | 2333/166mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 223 GiB total, 109.915 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: VBoxAsw Support Driver
    Device ID: ROOT\LEGACY_VBOXASWDRV\0000
    Manufacturer:
    Name: VBoxAsw Support Driver
    PNP Device ID: ROOT\LEGACY_VBOXASWDRV\0000
    Service: VBoxAswDrv
    .
    ==== System Restore Points ===================
    .
    RP58: 10/8/2014 11:49:54 PM - Installed DirectX
    RP59: 10/16/2014 9:43:22 PM - Scheduled Checkpoint
    RP60: 10/19/2014 5:48:38 PM - Windows Update
    RP61: 10/27/2014 5:34:35 PM - Scheduled Checkpoint
    RP62: 11/4/2014 4:31:04 PM - Windows Update
    RP63: 11/26/2014 2:40:57 AM - Scheduled Checkpoint
    RP65: 12/3/2014 12:27:54 PM - avast! antivirus system restore point
    RP66: 12/8/2014 2:28:50 AM - Windows Update
    RP67: 12/12/2014 8:18:08 PM - Windows Update
    RP68: 1/4/2015 12:54:49 AM - Scheduled Checkpoint
    RP69: 1/13/2015 5:27:32 PM - Windows Update
    RP70: 1/24/2015 1:15:26 AM - Scheduled Checkpoint
    RP71: 2/12/2015 12:17:28 AM - Windows Update
    RP72: 2/12/2015 12:32:25 AM - Restore Operation
    RP74: 2/12/2015 12:34:53 AM - avast! antivirus system restore point
    RP75: 2/12/2015 1:11:18 AM - Restore Operation
    RP77: 2/12/2015 1:14:42 AM - avast! antivirus system restore point
    RP78: 2/12/2015 1:16:12 AM - Restore Operation
    RP80: 2/12/2015 1:19:38 AM - avast! antivirus system restore point
    RP81: 2/12/2015 2:12:55 AM - Restore Operation
    RP83: 2/12/2015 2:15:48 AM - avast! antivirus system restore point
    RP84: 2/12/2015 5:09:06 AM - Windows Update
    RP85: 2/13/2015 12:47:01 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Adobe AIR
    Adobe Flash Player 16 ActiveX
    Adobe Flash Player 17 NPAPI
    Adobe Reader XI (11.0.10)
    Adobe Refresh Manager
    Adobe Shockwave Player 12.1
    Apple Application Support
    Apple Software Update
    Avast Free Antivirus
    Bandisoft MPEG-1 Decoder
    Conexant HDA D110 MDC V.92 Modem
    Dell SupportAssist
    Dell System Detect
    Firestorm-Release (remove only)
    Google Chrome
    Google Update Helper
    Java 7 Update 67
    Java 8 Update 25
    Java 8 Update 31
    Java Auto Updater
    Malwarebytes Anti-Malware version 2.0.4.1028
    Microsoft .NET Framework 4.5.2
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Mozilla Firefox 35.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nero 7 Premium
    neroxml
    Nexon Game Manager
    Nexon Launcher
    NVIDIA Drivers
    NVIDIA nView Desktop Manager
    OZ776 SCR Driver V1.1.3.9
    QuickTime 7
    RaidCall
    Rappelz_US
    RICOH Media Driver ver.2.07.01.04
    RICOH R5U8xx Media Driver ver.3.62.02
    RollerCoaster Tycoon: Deluxe
    Skype™ 7.0
    Steam
    swMSM
    Vindictus
    VLC media player
    WinRAR archiver
    Yahoo! Messenger
    Yahoo! Software Update
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2/9/2015 1:27:24 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address 00-00-00-00-00-00. Network operations on this system may be disrupted as a result.
    2/13/2015 2:11:25 AM, Error: Service Control Manager [7000] - The VBoxAsw Support Driver service failed to start due to the following error: The system cannot find the file specified.
    2/13/2015 2:11:23 AM, Error: Service Control Manager [7001] - The Search Protect Service service depends on the Remote Desktop Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    2/12/2015 4:12:46 AM, Error: Microsoft-Windows-GroupPolicy [1125] - The processing of Group Policy failed because of an internal system error. Please see the Group Policy operational log for the specific error message. An attempt will be made to process Group Policy again at the next refresh cycle.
    2/12/2015 1:09:08 AM, Error: Service Control Manager [7000] - The VBoxAsw Support Driver service failed to start due to the following error: The system cannot find the path specified.
    .
    ==== End Of File ===========================
     
    Last edited: 2015/02/13
  2. 2015/02/13
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,919
    Likes Received:
    511
    Hi XiggyCheshire, welcome to WindowsBBS! :)

    Let's make sure you don't have any malware infections that could be interfering with your system.

    Please read this and post the requested logs in your next reply.

    Also please enter your System Details. It helps us in answering your questions.

    Note: A common error is to forget to show your System Details in your profile:

    Make sure to do the above when entering your System Details, thanks.
     

  4. 2015/02/13
    XiggyCheshire

    XiggyCheshire Inactive Thread Starter

    Joined:
    2015/02/13
    Messages:
    2
    Likes Received:
    0
    Ok, so I ran the malware scan and then the DDS one and I'm not really sure what to do next. I've run a few virus programs and it's not showing me any viruses or anything that is a threat. I updated my system details. What I knew at least. The laptop was a gift from someone else about a year ago, so I don't know much about it. I normally can fix issues but this one is stumping me really badly. I hope I'm doing this right. I've never had to do this before.

    Here's the DDS Log

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 10.0.9200.17229 BrowserJavaVersion: 11.31.2
    Run by Dell at 2:29:37 on 2015-02-13
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.824 [GMT -6:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    C:\Windows\system32\STacSV.exe
    C:\Program Files\ConstaSurf\updateConstaSurf.exe
    C:\Program Files\ConstaSurf\bin\utilConstaSurf.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\002\yewimmxqbs32.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Windows\System32\StikyNot.exe
    C:\Users\Dell\AppData\Local\Apps\2.0\2581J152.CJW\Q67ON9AD.CQ8\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\System32\svchost.exe -k swprv
    .
    ============== Pseudo HJT Report ===============
    .
    uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_31\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_31\bin\jp2ssv.dll
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe "
    uRun: [OutfoxTV] c:\program files\outfoxtv\outfoxtv\DesktopContainer.exe
    uRun: [GoogleChromeAutoLaunch_D622EF8A2681BC7366969A9522AD93CD] "c:\program files\google\chrome\application\chrome.exe" --no-startup-window
    uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
    uRun: [DellSystemDetect] c:\users\dell\appdata\local\apps\2.0\2581j152.cjw\q67on9ad.cq8\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
    mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
    mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
    mRun: [nwiz] nwiz.exe /install
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRunOnce: [Malwarebytes Anti-Malware (cleanup)] "c:\programdata\malwarebytes\malwarebytes anti-malware\mbamdor.exe" "c:\programdata\malwarebytes\Malwarebytes Anti-Malware "
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    mPolicies-System: SoftwareSASGeneration = dword:1
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    Trusted Zone: dell.com
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{EE85AFB0-CE11-483F-BCCC-FF69099A18A4} : DHCPNameServer = 192.168.1.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\40.0.2214.111\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\dell\appdata\roaming\mozilla\firefox\profiles\w5wgosoh.default\
    FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.26.9\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre1.8.0_31\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
    FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
    FF - plugin: c:\users\dell\appdata\roaming\raidcall\plugins\nprcplugin.dll
    FF - plugin: c:\windows\system32\adobe\director\np32dsw_1210150.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_17_0_0_99.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-5-3 49944]
    R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-5-3 206248]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2014-5-3 787800]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-5-3 423784]
    R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-5-3 24184]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-5-3 70384]
    R2 aswStm;aswStm;c:\windows\system32\drivers\aswstm.sys [2014-5-3 91496]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-12-3 50344]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
    R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2013-3-14 375336]
    R3 NETwLv32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwLv32.sys [2013-3-14 6639616]
    RUnknown Update ConstaSurf;Update ConstaSurf; [x]
    RUnknown Util ConstaSurf;Util ConstaSurf; [x]
    RUnknown yewimmxqbs32;yewimmxqbs32; [x]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2014-12-11 315496]
    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2013-4-12 110920]
    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2013-4-12 333128]
    S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\avast software\avast\ng\vbox\avastvboxsvc.exe --> c:\program files\avast software\avast\ng\vbox\AvastVBoxSVC.exe [?]
    S3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiagx.sys [2013-3-14 75816]
    S3 BFN7x86;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x86.sys [2013-3-14 130152]
    S3 bxfcoe;bxfcoe;c:\windows\system32\drivers\bxfcoe.sys [2013-3-14 150568]
    S3 bxois;bxois;c:\windows\system32\drivers\bxois.sys [2013-3-14 435240]
    S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-11 62464]
    S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\drivers\EtronHub3.sys [2013-2-27 65152]
    S3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\system32\drivers\EtronSTOR.sys [2013-2-27 32512]
    S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\drivers\EtronXHCI.sys [2013-2-27 88832]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2013-4-12 359560]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2013-4-12 792712]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2013-2-27 73984]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2013-2-27 165120]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-5-20 14848]
    S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
    S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
    S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
    S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2011-4-11 77184]
    S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2013-5-20 24064]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-5-20 49664]
    S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-5-20 27136]
    S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2011-4-11 112640]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-5-20 1343400]
    SUnknown CltMngSvc;CltMngSvc; [x]
    .
    =============== Created Last 30 ================
    .
    2015-02-13 08:26:12 52440 ----a-w- c:\windows\system32\drivers\nnorxx.sys
    2015-02-13 07:12:26 -------- d-----w- c:\users\dell\appdata\roaming\Dell
    2015-02-13 07:12:18 -------- d-----w- c:\programdata\PC-Doctor for Windows
    2015-02-13 07:12:17 -------- d-----w- c:\programdata\PCDr
    2015-02-13 07:12:16 -------- d-----w- c:\program files\Dell Support Center
    2015-02-13 07:11:42 -------- d-----w- c:\program files\Dell
    2015-02-13 07:10:34 -------- d-----w- c:\users\dell\appdata\roaming\PCDr
    2015-02-13 07:09:33 -------- d-----w- c:\users\dell\appdata\local\Deployment
    2015-02-13 07:09:33 -------- d-----w- c:\users\dell\appdata\local\Apps
    2015-02-13 06:53:36 23040 ----a-w- c:\windows\system32\mfpmp.exe
    2015-02-13 06:53:36 2048 ----a-w- c:\windows\system32\mferror.dll
    2015-02-13 06:53:36 103424 ----a-w- c:\windows\system32\mfps.dll
    2015-02-13 06:53:35 50176 ----a-w- c:\windows\system32\rrinstaller.exe
    2015-02-13 06:53:35 3209728 ----a-w- c:\windows\system32\mf.dll
    2015-02-12 11:08:53 2380288 ----a-w- c:\windows\system32\win32k.sys
    2015-02-12 11:08:51 686080 ----a-w- c:\windows\system32\adtschema.dll
    2015-02-12 11:08:51 369968 ----a-w- c:\windows\system32\drivers\cng.sys
    2015-02-12 11:08:51 1061376 ----a-w- c:\windows\system32\lsasrv.dll
    2015-02-12 11:08:50 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2015-02-12 11:08:50 60416 ----a-w- c:\windows\system32\msobjs.dll
    2015-02-12 11:08:50 50176 ----a-w- c:\windows\system32\auditpol.exe
    2015-02-12 11:08:50 22528 ----a-w- c:\windows\system32\lsass.exe
    2015-02-12 11:08:50 22016 ----a-w- c:\windows\system32\secur32.dll
    2015-02-12 11:08:50 15872 ----a-w- c:\windows\system32\sspisrv.dll
    2015-02-12 11:08:50 146432 ----a-w- c:\windows\system32\msaudite.dll
    2015-02-12 11:08:50 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2015-02-12 11:08:50 100352 ----a-w- c:\windows\system32\sspicli.dll
    2015-02-12 11:07:29 3972544 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2015-02-12 11:07:29 3917760 ----a-w- c:\windows\system32\ntoskrnl.exe
    2015-02-12 11:05:57 308224 ----a-w- c:\windows\system32\scesrv.dll
    2015-02-12 11:05:29 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2015-02-12 09:12:01 74864 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
    2015-02-12 09:12:01 49776 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll
    2015-02-12 09:12:01 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
    2015-02-12 09:12:01 20080 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
    2015-02-12 08:27:36 -------- d-----w- c:\users\dell\appdata\roaming\raidcall
    2015-02-12 02:45:26 -------- d-----w- c:\users\dell\appdata\local\ElevatedDiagnostics
    2015-02-03 07:38:46 -------- d-----w- c:\program files\RaidCall
    .
    ==================== Find3M ====================
    .
    2015-02-13 08:27:50 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2015-02-12 08:50:14 767152 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2015-02-12 08:50:14 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2015-02-12 08:21:40 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2015-01-23 04:27:48 2864640 ----a-w- c:\windows\system32\jscript9.dll
    2015-01-13 05:01:46 1762816 ----a-w- c:\windows\system32\wininet.dll
    2015-01-13 05:01:39 523264 ----a-w- c:\windows\system32\vbscript.dll
    2015-01-13 05:00:32 61440 ----a-w- c:\windows\system32\iesetup.dll
    2015-01-13 05:00:32 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2015-01-13 05:00:00 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
    2015-01-13 04:10:25 2706432 ----a-w- c:\windows\system32\mshtml.tlb
    2015-01-13 03:43:05 361984 ----a-w- c:\windows\system32\html.iec
    2015-01-13 03:19:43 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2015-01-09 02:48:18 76800 ----a-w- c:\windows\system32\wdi.dll
    2015-01-09 02:48:07 635904 ----a-w- c:\windows\system32\perftrack.dll
    2015-01-09 02:48:07 27136 ----a-w- c:\windows\system32\powertracker.dll
    2014-12-19 02:43:00 164864 ----a-w- c:\windows\system32\profsvc.dll
    2014-12-19 01:34:44 116224 ----a-w- c:\windows\system32\drivers\mrxdav.sys
    2014-12-12 05:07:26 1174528 ----a-w- c:\windows\system32\crypt32.dll
    2014-12-11 17:47:27 56320 ----a-w- c:\windows\system32\TSWbPrxy.exe
    2014-12-06 03:50:19 242688 ----a-w- c:\windows\system32\nlasvc(105).dll
    2014-12-06 03:50:19 242688 ------w- c:\windows\system32\nlasvc.dll
    2014-12-03 18:29:16 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
    2014-12-03 18:28:59 91496 ----a-w- c:\windows\system32\drivers\aswstm.sys
    2014-12-03 18:28:59 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
    2014-12-03 18:28:59 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2014-12-03 18:28:59 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
    2014-12-03 18:28:59 43152 ----a-w- c:\windows\avastSS.scr
    2014-12-03 18:28:59 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
    2014-12-03 18:28:59 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2014-11-26 03:32:05 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2014-11-21 12:14:20 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
    2014-11-21 12:14:10 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-11-21 12:14:06 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-11-21 07:17:51 1762816 ----a-w- c:\windows\system32\wininet(116).dll
    2014-11-21 07:17:43 1181696 ----a-w- c:\windows\system32\urlmon(110).dll
    2014-11-21 07:16:42 2054656 ----a-w- c:\windows\system32\iertutil(100).dll
    .
    ============= FINISH: 2:30:02.79 ===============
     
  5. 2015/02/13
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    You must also post the attach log (attach.txt) as indicated in Step 3 of the instructions at the head of the forum.

    Then wait for our Malware Analyst, Broni to respond - he is based in California with 8hr time difference from UK.
     
  6. 2015/02/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =============================

    I still need the MBAM log.
     