
Possible virus interfering with internet connection

Discussion in 'Virus & Other Malware Removal' started by picas723, Jul 3, 2012.

Thread Status:
Not open for further replies.
  1. picas723

    picas723 Thread Starter

    Joined:
    Jun 30, 2012
    Messages:
    12
    First of all, I apologize if this is out of place but a few friends and my dad truly believe that I have a virus somewhere in my computer that is slowing my connection to the internet.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:21:36 AM, on 7/3/2012
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16912)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Webroot\Washer\wwDisp.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    C:\Users\Windows7\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
    C:\Users\Windows7\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\NETGEAR\WG111T\wlan111t.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Xfire\Xfire.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKCU\..\Run: [Window Washer] C:\Program Files (x86)\Webroot\Washer\wwDisp.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Windows7\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    O4 - HKCU\..\Run: [Spotify] "C:\Users\Windows7\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Windows7\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe

    --
    End of file - 9330 bytes

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Ultimate, 64 bit
    Processor: AMD Phenom(tm) II X3 720 Processor, AMD64 Family 16 Model 4 Stepping 2
    Processor Count: 3
    RAM: 6142 Mb
    Graphics Card: AMD Radeon HD 6700 Series, 1024 Mb
    Hard Drives: C: Total - 381551 MB, Free - 191251 MB;
    Motherboard: Gigabyte Technology Co., Ltd., GA-MA790X-UD4P
    Antivirus: None
     
  2. picas723

    picas723 Thread Starter

    Joined:
    Jun 30, 2012
    Messages:
    12
  3. picas723

    picas723 Thread Starter

    Joined:
    Jun 30, 2012
    Messages:
    12
  4. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,629
    Read the topmost "sticky" in this section and submit the required logs and information.

    Why hasn't Windows 7 been upgraded to SP1?

    Why is there no full-time antivirus program installed and running?

    -------------------------------------------------------------
     
  5. picas723

    picas723 Thread Starter

    Joined:
    Jun 30, 2012
    Messages:
    12
    My bad, I thought that I only needed the one log.


    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7600.16385
    Run by Windows7 at 13:00:56 on 2012-07-06
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.6142.2913 [GMT -7:00]
    .
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
    C:\Program Files (x86)\Webroot\Washer\wwDisp.exe
    C:\Users\Windows7\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
    C:\Users\Windows7\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler64.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    C:\Users\Windows7\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\NETGEAR\WG111T\wlan111t.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Xfire\Xfire.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Xfire\xfire64.exe
    C:\Program Files (x86)\Xfire\xfire64.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\Desktop\league of legends\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
    C:\Users\Windows7\Desktop\league of legends\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.71\deploy\LoLLauncher.exe
    C:\Users\Windows7\Desktop\league of legends\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.158\deploy\LolClient.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Windows7\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\Windows7\Desktop\league of legends\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.162\deploy\League of Legends.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com/
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
    uRun: [Window Washer] C:\Program Files (x86)\Webroot\Washer\wwDisp.exe
    uRun: [Google Update] "C:\Users\Windows7\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    uRun: [Spotify Web Helper] "C:\Users\Windows7\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [RegistryMechanic]
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WG111T\wlan111t.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{4F46F2F1-1F50-49DE-BCD7-64BD3ADCE88D} : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{B459F65B-3CE3-4368-BBAA-7A2510696E4C} : DhcpNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{D120AFA4-C65C-4DD1-BC4D-D8380DC57B5B} : DhcpNameServer = 209.18.47.61 209.18.47.62
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
    BHO-X64: MegaIEMn - No File
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [RegistryMechanic]
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-15 654408]
    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136]
    R2 wwEngineSvc;Window Washer Engine;C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe [2011-12-24 598856]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-14 160944]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-13 257224]
    S3 athrusb;Netgear WG111T modded device driver;C:\Windows\system32\DRIVERS\athrxusb.sys --> C:\Windows\system32\DRIVERS\athrxusb.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-06-30 18:10:25 -------- d-----w- C:\Program Files\CCleaner
    2012-06-30 04:25:38 106496 ----a-w- C:\_ctypes.pyd
    2012-06-30 04:25:37 867840 ----a-w- C:\tcl85.dll
    2012-06-30 04:25:37 76800 ----a-w- C:\bz2.pyd
    2012-06-30 04:25:37 688128 ----a-w- C:\unicodedata.pyd
    2012-06-30 04:25:37 30208 ----a-w- C:\_tkinter.pyd
    2012-06-30 04:25:37 287232 ----a-w- C:\_hashlib.pyd
    2012-06-30 04:25:37 2246423 ----a-w- C:\Leatrix_Latency_Fix_3.00.exe
    2012-06-30 04:25:37 2206720 ----a-w- C:\python27.dll
    2012-06-30 04:25:37 1320448 ----a-w- C:\tk85.dll
    2012-06-30 04:25:37 11776 ----a-w- C:\select.pyd
    2012-06-30 04:25:37 -------- d-----w- C:\tcl
    2012-06-29 23:58:02 -------- d-----w- C:\Program Files (x86)\Belkin
    2012-06-29 23:57:33 -------- d-----w- C:\Windows\{26F3D17D-4FF9-46D5-9255-A1F9FF6BD7E4}
    .
    ==================== Find3M ====================
    .
    2012-06-29 19:44:55 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-29 19:44:55 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-05-05 01:39:41 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-05-03 02:54:46 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll
    2012-05-03 02:54:46 28056 ----a-w- C:\Windows\System32\xfcodec64.dll
    2012-04-19 03:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
    2012-04-19 03:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
    .
    ============= FINISH: 13:01:23.89 ===============
     
  6. picas723

    picas723 Thread Starter

    Joined:
    Jun 30, 2012
    Messages:
    12
    I'm not sure why Win7 isn't updated. I didn't ask when I had it installed.

    And as for no full-time antivirus program, I thought Malwarebytes was OK but I think I'll go back to AVG or Avast unless you have a better recommendation.
     
  7. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,629
    The SP1 upgrade was released by Microsoft over a year ago.

    Have you been installing the important/recommended updates that Microsoft releases on a regular basis?

    Windows Update should've alerted you to the SP1 upgrade and should be alerting you to the regularly-released updates.

    Install and use

    Microsoft Security Essentials 4.0.1526.0

    Malwarebytes Anti-Malware 1.61.0.1400

    SUPERAntiSpyware 5.5.0.1106

    They're all free and very user-friendly and well-recommended here. (y)

    MSE will run in the background and monitor your computer and do its job.

    Start MBAM and SAS once a week, then update their definition files, then run a quick scan with them, then select and remove everything they find.

    ------------------------------------------------------

    Do not install and use AVG 2012 or Avast 7.0. (n)

    ------------------------------------------------------
     
  8. picas723

    picas723 Thread Starter

    Joined:
    Jun 30, 2012
    Messages:
    12
    I'm not getting updates because I'm 99% sure the copy of Windows I have is not genuine. It was installed by a friend of mine who said he would do it when I built it.

    I have the newest Malwarebytes and I just installed the SAS. Running SAS right now.
     
  9. picas723

    picas723 Thread Starter

    Joined:
    Jun 30, 2012
    Messages:
    12
    SAS picked up cookies and removed them.

    Will reply and see if problem persists.
     
  10. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,629
    If Windows 7 is not genuine, we're not allowed to assist you further.

    Read the forum rules - first 2 sections in Category I Offenses.

    -------------------------------------------------------
     
  11. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,656
    Please run the MGA Diagnostic Tool and post back the report it creates:
    • Download MGADiag to your desktop.
    • Double-click on MGADiag.exe to launch the program.
    • Click "Continue".
    • Ensure that the "Windows" tab is selected (it should be by default).
    • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
    • Paste the MGA Diagnostic Report back here in your next reply.


    Also please do this:

    Please download WVCheck and save it to your desktop.

    • Double click WVCheck.exe to run it. (If you downloaded the zipped version you will need to extract it first.)
    • As indicated by the prompt, this program can take a while depending on your hard drive space.
    • Once the program is done, copy the contents of the notepad file as a reply.
     

Short URL to this thread: https://techguy.org/1059537