Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Toshiba Satellite L305 Laptop freezing issues  (Read 21568 times)

0 Members and 1 Guest are viewing this topic.

JPDisturbed

    Topic Starter


    Rookie

    • Experience: Familiar
    • OS: Windows Vista
    Toshiba Satellite L305 Laptop freezing issues
    « on: November 15, 2013, 04:43:58 PM »
    This problem just recently started. I've tried just about everything I know to do from Checking memory, running defrag, CCleaner and System Restore etc. I use Google Chrome as default browser, and it will freeze as well as off net features like after opening Control Panel, then going to exit from it, will freeze and say Internet Explorer encountered a problem (and I do not use IE) and needs to be restarted, or will ask me if I want to wait for it to respond, close program or reload the program. But even after clicking option to just close it (and it's not even open to begin with), it will say it's sending an error report and take ten years on that, and so I attempt to close that part and it refuses to close, so I hit Escape and STILL it will not close out (freezes), and the screen will have a white haze on it. This happens with just about any part of the laptop I attempt to work on, with and use. Only works for short period of time before the issues act up. In safe mode the issues do not happen. There are no existing other users on the laptop. There is 2G Memory.

    Also, while in browser, it suddenly started asking me to allow cookies on sites I frequent anyhow. It's never done that before either. And prior to this, would tell me a program or something is wanting permission to add cookies or something on my computer, with options to allow, block, do not allow, do not ask me this again etc. This issue (freezing) also happens if I want to preview any pictures on my laptop.

    If there is anything and I mean ANYTHING anyone can provide to help me with this problem to be fixed, PLEASE by all means...ANY and ALL HELP is GREATLY appreciated!

    Oh and I have Windows Vista

    JPDisturbed

      Topic Starter


      Rookie

      • Experience: Familiar
      • OS: Windows Vista
      Re: Toshiba Satellite L305 Laptop freezing issues
      « Reply #1 on: November 15, 2013, 04:51:02 PM »
      Oh and after hitting escape to get one of those windows that says it's sending an error report seems to be the only way they will close. But the white haze always shows up afterwards too. White haze and freeze happens when I attempt to close out browser altogether, and CTRL+F4 doesn't even close em out.

      DaveLembke



        Sage
      • Thanked: 662
      • Certifications: List
      • Computer: Specs
      • Experience: Expert
      • OS: Windows 10
      Re: Toshiba Satellite L305 Laptop freezing issues
      « Reply #2 on: November 15, 2013, 05:30:42 PM »
      Sounds like you may be infected with malware. Have you run any virus scans with up to date definitions, as well as run a tool called Malwarebytes to check for malware?

      I submitted a suggestion to moderator to move this to Computer Viruses and Spyware section where you will get help from specialists. Please do not post a duplicate post to that forum or elsewhere, this will get redirected to that section if the moderator agrees with my diagnosis of what you have for an issue based on information shared.

      Quote
      Also, while in browser, it suddenly started asking me to allow cookies on sites I frequent anyhow. It's never done that before either. And prior to this, would tell me a program or something is wanting permission to add cookies or something on my computer, with options to allow, block, do not allow, do not ask me this again etc.

      Quote
      In safe mode the issues do not happen.

      JPDisturbed

        Topic Starter


        Rookie

        • Experience: Familiar
        • OS: Windows Vista
        Re: Toshiba Satellite L305 Laptop freezing issues
        « Reply #3 on: November 15, 2013, 05:51:53 PM »
        Ok Thank you very much for letting me know. Where is there a trusted site to get that tool?

        SuperDave

        • Malware Removal Specialist


        • Genius
        • Thanked: 1020
        • Certifications: List
        • Experience: Expert
        • OS: Windows 10
        Re: Toshiba Satellite L305 Laptop freezing issues
        « Reply #4 on: November 15, 2013, 06:39:47 PM »
        Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

        1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
        2. The fixes are specific to your problem and should only be used for this issue on this machine.
        3. If you don't know or understand something, please don't hesitate to ask.
        4. Please DO NOT run any other tools or scans while I am helping you.
        5. It is important that you reply to this thread. Do not start a new topic.
        6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
        7. Absence of symptoms does not mean that everything is clear.

        If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
        *************************************************************************
        Please download AdwCleaner by Xplode onto your Desktop.
        • Please close all open programs and internet browsers.
        • Double click on adwcleaner.exe to run the tool.
        • Click on Delete.
        • Confirm each time with OK
        • Your computer will be rebooted automatically. A text file will open after the restart.
        • Please post the content of that logfile in your reply.
        • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
        *********************************************
        Please download Malwarebytes Anti-Malware from here.
        Double Click mbam-setup.exe to install the application.
        • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
        • If an update is found, it will download and install the latest version.
        • Once the program has loaded, select "Perform Full Scan", then click Scan.
        • The scan may take some time to finish,so please be patient.
        • When the scan is complete, click OK, then Show Results to view the results.
        • Make sure that everything is checked, and click Remove Selected.
        • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
        • Please save the log to a location you will remember.
        • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
        • Copy and paste the entire report in your next reply.
        Extra Note:

        If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
        *************************************************
        Please download Junkware Removal Tool to your desktop.

        Warning! Once the scan is complete JRT will shut down your browser with NO warning.

        Shut down your protection software now to avoid potential conflicts.

        •Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

        •Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

        •The tool will open and start scanning your system.

        •Please be patient as this can take a while to complete depending on your system's specifications.

        •On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

        •Copy and Paste the JRT.txt log into your next message.
        Windows 8 and Windows 10 dual boot with two SSD's

        JPDisturbed

          Topic Starter


          Rookie

          • Experience: Familiar
          • OS: Windows Vista
          Re: Toshiba Satellite L305 Laptop freezing issues
          « Reply #5 on: November 15, 2013, 08:29:55 PM »
          First of all, thank you so very much for your detailed and very informative reply! :) Second, you mentioned not to run any other scans while working with you on this problem. Should I turn my antivirus program off  since it does automatic scans on it's own? I use AVAST!. And should I download each of those tools you added separately and run them each after each download? Or should I download them each after one another, and then run them separately as you instruct after one another?

          I hope that made sense lol.

          JPDisturbed

            Topic Starter


            Rookie

            • Experience: Familiar
            • OS: Windows Vista
            Re: Toshiba Satellite L305 Laptop freezing issues
            « Reply #6 on: November 15, 2013, 08:32:16 PM »
            Oh and yes, I am able to get online on the computer we are speaking of. Out of curiosity, I've never heard of holding down SHIFT while inserting a USB device, as you described. What does that do exactly, if I may ask?

            JPDisturbed

              Topic Starter


              Rookie

              • Experience: Familiar
              • OS: Windows Vista
              Re: Toshiba Satellite L305 Laptop freezing issues
              « Reply #7 on: November 15, 2013, 09:38:06 PM »
              First of all, thank you so very much for your detailed and very informative reply! :) Second, you mentioned not to run any other scans while working with you on this problem. Should I turn my antivirus program off  since it does automatic scans on it's own? I use AVAST!. And should I download each of those tools you added separately and run them each after each download? Or should I download them each after one another, and then run them separately as you instruct after one another?

              I hope that made sense lol.
              You did mention temporarily shutting down any antivirus software during the JRT scan. Would that be the only time I'd do this, or should I Temp. Shutdown before performing any of the scans to avoid any conflicts?

              JPDisturbed

                Topic Starter


                Rookie

                • Experience: Familiar
                • OS: Windows Vista
                Re: Toshiba Satellite L305 Laptop freezing issues
                « Reply #8 on: November 15, 2013, 10:58:05 PM »
                Text File After running AdwCleaner:

                # AdwCleaner v3.012 - Report created 15/11/2013 at 23:51:29
                # Updated 11/11/2013 by Xplode
                # Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
                # Username : Owner - JANEE-PC
                # Running from : C:\Users\Owner\Desktop\adwcleaner.exe
                # Option : Clean

                ***** [ Services ] *****


                ***** [ Files / Folders ] *****

                Folder Deleted : C:\ProgramData\Ask
                Folder Deleted : C:\ProgramData\boost_interprocess
                Folder Deleted : C:\Program Files\AskBarDis
                Folder Deleted : C:\Program Files\Conduit
                Folder Deleted : C:\Program Files\Ilivid
                Folder Deleted : C:\Program Files\NCH Software
                Folder Deleted : C:\Program Files\OApps
                Folder Deleted : C:\Users\Owner\AppData\Local\Conduit
                Folder Deleted : C:\Users\Owner\AppData\Local\Ilivid Player
                Folder Deleted : C:\Users\Owner\AppData\Local\PackageAware
                Folder Deleted : C:\Users\Owner\AppData\LocalLow\boost_interprocess
                Folder Deleted : C:\Users\Owner\AppData\LocalLow\Conduit
                Folder Deleted : C:\Users\Owner\AppData\LocalLow\Toolbar4
                Folder Deleted : C:\Users\Owner\AppData\Roaming\NCH Software
                Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6wv9rj96.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
                Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6wv9rj96.default\Extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
                File Deleted : C:\END
                File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6wv9rj96.default\user.js

                ***** [ Shortcuts ] *****


                ***** [ Registry ] *****

                Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
                Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
                Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
                Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
                Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3198785
                Key Deleted : HKLM\SOFTWARE\Classes\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}
                Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
                Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
                Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
                Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
                Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
                Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
                Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
                Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}
                Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
                Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
                Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
                Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
                Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96}
                Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64697678-0000-0010-8000-00AA00389B71}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
                Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
                Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
                Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
                Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
                Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
                Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
                Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
                Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
                Key Deleted : HKCU\Software\APN PIP
                Key Deleted : HKCU\Software\Conduit
                Key Deleted : HKCU\Software\DataMngr
                Key Deleted : HKCU\Software\ilivid
                Key Deleted : HKCU\Software\NCH Software
                Key Deleted : HKCU\Software\YahooPartnerToolbar
                Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
                Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
                Key Deleted : HKLM\Software\Conduit
                Key Deleted : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
                Key Deleted : HKLM\Software\NCH Software
                Key Deleted : HKLM\Software\PIP
                Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

                ***** [ Browsers ] *****

                -\\ Internet Explorer v9.0.8112.16514

                Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
                Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

                -\\ Mozilla Firefox v

                [ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6wv9rj96.default\prefs.js ]


                *************************

                AdwCleaner[R0].txt - [6906 octets] - [15/11/2013 23:47:11]
                AdwCleaner[S0].txt - [6870 octets] - [15/11/2013 23:51:29]

                ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6930 octets] ##########


                After running and completing AdwCleaner and it restarted, Avast! Antivirus Sandbox opened as well. It opened Manage Add-Ons and read, "View and manage your Internet Explorer add-ons". It's left panel read,
                Add-On Types
                -Toolbars and Extensions
                - Search Providers
                - Accelerators
                - Tracking Protection

                In a window pane to the right of that shows w/ columns
                Name/Status/Listing Order/Search Suggestions/Top Result. Under each (a couple under Status were blank but one) in the order above:
                Google (name), 1 (Listing Order), enabled (Search Suggestions) Not Available (Top Result)
                Next Line:
                Yahoo! (Name), Default (Status), 2 (Listing), enabled (Search Suggestions), Not Available (Top Result)
                Next Line:
                eBay (Name), 3 (Listing Order), enabled (search suggestions), Not Available (Top Result)
                A Bottom Pane under those two read as follows:
                "Select the Search Provider You Want to View or Change" and at the bottom of that w/ two check boxes already checked read:
                - Prevent programs from suggesting changes to my default search provider
                - Search in the address bar
                Thereafter, below those were two clickable links that read:
                - Find more search providers
                - Learn more about search provider preferences

                I've never seen this pop up before in Avast! antivirus program. I didn't click on anything, nor on any of the clickable links w/in any part of that which showed up, save for Close to close it out. Also, I've not had Mozilla Firefox on this machine and noticed AdwCleaner showed some things from that in it's lists.


                And it didn't give me an option to Delete, just to Clean.
                « Last Edit: November 15, 2013, 11:10:39 PM by JPDisturbed »

                JPDisturbed

                  Topic Starter


                  Rookie

                  • Experience: Familiar
                  • OS: Windows Vista
                  Re: Toshiba Satellite L305 Laptop freezing issues
                  « Reply #9 on: November 15, 2013, 11:01:23 PM »
                  Also, I had to go back into Safe Mode in order to go here to post this, as when I tried to in normal boot, things were still freezing up, and not letting me get online using IE (before any of this posted at all to you, I Uninstalled my Google Chrome thinking maybe if I did so then reinstalled would fix the problem). I was connected to the internet, it's just that the freeze made it difficult to get online w/o freezing up with that all white haze in windows.

                  JPDisturbed

                    Topic Starter


                    Rookie

                    • Experience: Familiar
                    • OS: Windows Vista
                    Re: Toshiba Satellite L305 Laptop freezing issues
                    « Reply #10 on: November 16, 2013, 01:45:17 AM »
                    This tool didn't give me any time to say whether to restart or not. It just restarted on it's own and found 1 files infected.

                    2013/11/16 01:58:36 -0500   JANEE-PC   Owner   MESSAGE   Starting protection
                    2013/11/16 01:58:36 -0500   JANEE-PC   Owner   MESSAGE   Protection started successfully
                    2013/11/16 01:58:36 -0500   JANEE-PC   Owner   MESSAGE   Starting IP protection
                    2013/11/16 01:58:58 -0500   JANEE-PC   Owner   MESSAGE   IP Protection started successfully
                    2013/11/16 01:59:19 -0500   JANEE-PC   Owner   MESSAGE   Starting database refresh
                    2013/11/16 01:59:19 -0500   JANEE-PC   Owner   MESSAGE   Stopping IP protection
                    2013/11/16 01:59:21 -0500   JANEE-PC   Owner   MESSAGE   IP Protection stopped successfully
                    2013/11/16 01:59:27 -0500   JANEE-PC   Owner   MESSAGE   Database refreshed successfully
                    2013/11/16 01:59:27 -0500   JANEE-PC   Owner   MESSAGE   Starting IP protection
                    2013/11/16 01:59:34 -0500   JANEE-PC   Owner   MESSAGE   IP Protection started successfully
                    2013/11/16 03:29:15 -0500   JANEE-PC   Owner   MESSAGE   Starting protection
                    2013/11/16 03:29:17 -0500   JANEE-PC   Owner   MESSAGE   Protection started successfully
                    2013/11/16 03:29:17 -0500   JANEE-PC   Owner   MESSAGE   Starting IP protection
                    2013/11/16 03:29:28 -0500   JANEE-PC   Owner   MESSAGE   IP Protection started successfully

                    SuperDave

                    • Malware Removal Specialist


                    • Genius
                    • Thanked: 1020
                    • Certifications: List
                    • Experience: Expert
                    • OS: Windows 10
                    Re: Toshiba Satellite L305 Laptop freezing issues
                    « Reply #11 on: November 16, 2013, 11:33:33 AM »
                    Quote
                    Should I turn my antivirus program off  since it does automatic scans on it's own? I use AVAST!. And should I download each of those tools you added separately and run them each after each download? Or should I download them each after one another, and then run them separately as you instruct after one another?
                    Please leave your AV active unless requested before running a scan. You should download and run each scanner in the sequence I've instructed.
                    Quote
                    I've never heard of holding down SHIFT while inserting a USB device, as you described. What does that do exactly, if I may ask?
                    It prevents any chance of cross-infections.

                    Download Combofix from any of the links below, and save it to your DESKTOP
                    If your version of Windows defaults to you download folder you will need to copy it to your desktop.

                    Link 1
                    Link 2
                    Link 3

                    To prevent your anti-virus application interfering with  ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.
                    • Close any open windows and double click ComboFix.exe to run it.

                      You will see the following image:


                    Click I Agree to start the program.

                    ComboFix will then extract the necessary files and you will see this:



                    As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to  have this pre-installed on your machine before doing any malware  removal. This will not occur in Windows Vista and 7

                    It will allow you to boot up into a special recovery/repair  mode that will allow us to more easily help you should your computer  have a problem after an attempted removal of malware.

                    If you did not have it installed, you will see the prompt below. Choose YES.



                    Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

                    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

                    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



                    Click on Yes, to continue scanning for malware.

                    When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

                    Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

                    Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.
                    Windows 8 and Windows 10 dual boot with two SSD's

                    JPDisturbed

                      Topic Starter


                      Rookie

                      • Experience: Familiar
                      • OS: Windows Vista
                      Re: Toshiba Satellite L305 Laptop freezing issues
                      « Reply #12 on: November 16, 2013, 03:17:24 PM »
                      This is the JRT Log

                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                      Junkware Removal Tool (JRT) by Thisisu
                      Version: 6.0.8 (11.05.2013:1)
                      OS: Windows Vista (TM) Home Basic x86
                      Ran by Owner on Sat 11/16/2013 at 16:59:09.80
                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




                      ~~~ Services



                      ~~~ Registry Values



                      ~~~ Registry Keys

                      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{362269bd-c93c-460f-9255-3bd667eb7f0a}



                      ~~~ Files



                      ~~~ Folders

                      Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\cre"



                      ~~~ Event Viewer Logs were cleared





                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                      Scan was completed on Sat 11/16/2013 at 17:05:31.11
                      Computer was rebooted
                      End of JRT log
                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

                      JPDisturbed

                        Topic Starter


                        Rookie

                        • Experience: Familiar
                        • OS: Windows Vista
                        Re: Toshiba Satellite L305 Laptop freezing issues
                        « Reply #13 on: November 16, 2013, 03:24:07 PM »
                        Ok now I am off to do the Combofix. After all of this is done and posted logs, what then? I can tell there was something like spyware and stuff it may have caught. I just assume that from the amount of time this has all taken (not long for them at all), we caught it before it done too much damage. And will this stop all those grey little windows from popping up asking me to constantly allow, block etc. cookies? Because I've never had that before this either. And I do mean a lot whenever I go to any page online now. They just relentlessly keep popping up!

                        Do you think I should contact my antivirus company and tell them what's going on, and ask them why these things aren't being caught like they're supposed to, as they claimed their product would also protect from?

                        JPDisturbed

                          Topic Starter


                          Rookie

                          • Experience: Familiar
                          • OS: Windows Vista
                          Re: Toshiba Satellite L305 Laptop freezing issues
                          « Reply #14 on: November 16, 2013, 04:20:20 PM »
                          I am hoping this will soon be fixed. I have done everything you asked in the order you specified. Have not done anything else in between etc. What's next? :)

                          ComboFix Log

                          ComboFix 13-11-16.01 - Owner 11/16/2013  17:43:01.1.1 - x86
                          Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.1.1033.18.1915.1060 [GMT -5:00]
                          Running from: c:\users\Owner\Desktop\ComboFix.exe
                          AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
                          SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
                          SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                          .
                          .
                          (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          .
                          C:\Install.exe
                          c:\windows\system32\FlashPlayerApp.exe
                          c:\windows\system32\pt
                          c:\windows\system32\pt\toscdspd.cpl.mui
                          .
                          .
                          (((((((((((((((((((((((((   Files Created from 2013-10-16 to 2013-11-16  )))))))))))))))))))))))))))))))
                          .
                          .
                          2013-11-16 22:52 . 2013-11-16 22:53   --------   d-----w-   c:\users\Owner\AppData\Local\temp
                          2013-11-16 22:52 . 2013-11-16 22:52   --------   d-----w-   c:\users\Default\AppData\Local\temp
                          2013-11-16 21:51 . 2013-11-16 21:51   --------   d-----w-   c:\windows\ERUNT
                          2013-11-16 06:58 . 2013-11-16 06:58   --------   d-----w-   c:\users\Owner\AppData\Roaming\Malwarebytes
                          2013-11-16 06:57 . 2013-11-16 06:57   --------   d-----w-   c:\programdata\Malwarebytes
                          2013-11-16 06:57 . 2013-11-16 06:58   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
                          2013-11-16 06:57 . 2013-04-04 19:50   22856   ----a-w-   c:\windows\system32\drivers\mbam.sys
                          2013-11-16 06:45 . 2013-11-16 06:45   62576   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{9E42377D-538F-4325-A264-FEDBCD5E3C18}\offreg.dll
                          2013-11-16 04:46 . 2013-11-16 04:53   --------   dc----w-   C:\AdwCleaner
                          2013-11-15 19:33 . 2013-10-16 05:20   7796464   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{9E42377D-538F-4325-A264-FEDBCD5E3C18}\mpengine.dll
                          2013-11-15 19:33 . 2013-11-15 19:33   --------   dc----w-   C:\3c17a5aa777f7cf316b2facc44
                          2013-11-13 20:46 . 2013-10-03 12:45   297984   ----a-w-   c:\windows\system32\gdi32.dll
                          2013-11-13 20:46 . 2013-10-03 12:45   993792   ----a-w-   c:\windows\system32\crypt32.dll
                          2013-11-13 20:45 . 2013-10-11 02:08   444928   ----a-w-   c:\windows\system32\IKEEXT.DLL
                          2013-11-13 20:45 . 2013-10-11 02:07   596480   ----a-w-   c:\windows\system32\FWPUCLNT.DLL
                          2013-10-24 23:40 . 2013-10-24 23:40   --------   d-----w-   c:\users\Owner\AppData\Roaming\AVAST Software
                          2013-10-21 04:35 . 2013-10-21 04:35   --------   d-----w-   c:\programdata\AVAST Software
                          2013-10-21 04:32 . 2013-06-29 02:07   197632   ----a-w-   c:\windows\system32\drivers\usbhub.sys
                          2013-10-21 04:32 . 2013-06-29 02:07   73216   ----a-w-   c:\windows\system32\drivers\usbccgp.sys
                          2013-10-21 04:32 . 2013-06-29 02:06   6016   ----a-w-   c:\windows\system32\drivers\usbd.sys
                          2013-10-21 04:32 . 2013-06-29 02:07   226304   ----a-w-   c:\windows\system32\drivers\usbport.sys
                          2013-10-21 04:32 . 2011-05-05 13:54   39936   ----a-w-   c:\windows\system32\drivers\usbehci.sys
                          2013-10-21 04:32 . 2011-05-05 13:54   23552   ----a-w-   c:\windows\system32\drivers\usbuhci.sys
                          2013-10-21 04:32 . 2013-07-12 09:04   73344   ----a-w-   c:\windows\system32\drivers\USBAUDIO.sys
                          2013-10-21 04:32 . 2013-06-26 23:01   527064   ----a-w-   c:\windows\system32\drivers\Wdf01000.sys
                          2013-10-21 04:32 . 2013-07-04 04:21   532480   ----a-w-   c:\windows\system32\comctl32.dll
                          2013-10-21 04:31 . 2013-07-03 02:10   25472   ----a-w-   c:\windows\system32\drivers\hidparse.sys
                          2013-10-21 04:25 . 2013-10-08 11:50   94632   ----a-w-   c:\windows\system32\WindowsAccessBridge.dll
                          .
                          .
                          .
                          ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          2013-11-15 19:32 . 2009-05-07 09:29   403440   ----a-w-   c:\windows\system32\drivers\aswsp.sys
                          2013-10-21 04:39 . 2013-03-04 10:07   178304   ----a-w-   c:\windows\system32\drivers\aswVmm.sys
                          2013-10-21 04:39 . 2013-03-04 10:07   49944   ----a-w-   c:\windows\system32\drivers\aswRvrt.sys
                          2013-10-21 04:39 . 2011-04-04 02:14   774392   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
                          2013-10-21 04:39 . 2009-05-07 09:29   57672   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
                          2013-10-21 04:39 . 2009-05-07 09:29   54832   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
                          2013-10-21 04:39 . 2009-05-07 09:29   35656   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
                          2013-10-21 04:39 . 2009-05-07 09:29   70384   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
                          2013-10-21 04:39 . 2010-07-08 13:38   43152   ----a-w-   c:\windows\avastSS.scr
                          2013-10-21 04:39 . 2009-05-07 09:29   269216   ----a-w-   c:\windows\system32\aswBoot.exe
                          2013-10-21 04:13 . 2011-06-16 14:14   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
                          2013-09-03 18:35 . 2009-10-02 23:22   238872   ------w-   c:\windows\system32\MpSigStub.exe
                          2013-08-26 09:13 . 2013-08-26 09:13   354656   ----a-w-   c:\windows\system32\DivXControlPanelApplet.cpl
                          .
                          .
                          (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          .
                          *Note* empty entries & legit default entries are not shown
                          REGEDIT4
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
                          @="{472083B0-C522-11CF-8763-00608CC02F24}"
                          [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
                          2013-10-21 04:39   321752   ----a-w-   c:\program files\Alwil Software\Avast5\ashShell.dll
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
                          @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                          [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                          2013-05-25 00:36   130736   ----a-w-   c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
                          @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                          [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                          2013-05-25 00:36   130736   ----a-w-   c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
                          @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                          [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                          2013-05-25 00:36   130736   ----a-w-   c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
                          @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
                          [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
                          2013-09-25 22:37   579024   ----a-w-   c:\program files\Google\Drive\googledrivesync32.dll
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
                          @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
                          @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                          [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
                          2013-09-25 22:37   579024   ----a-w-   c:\program files\Google\Drive\googledrivesync32.dll
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
                          @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
                          @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                          [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
                          2013-09-25 22:37   579024   ----a-w-   c:\program files\Google\Drive\googledrivesync32.dll
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
                          @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
                          [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
                          2013-09-25 22:37   579024   ----a-w-   c:\program files\Google\Drive\googledrivesync32.dll
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
                          @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
                          [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
                          2013-09-25 22:37   579024   ----a-w-   c:\program files\Google\Drive\googledrivesync32.dll
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
                          @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
                          [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
                          2013-09-25 22:37   579024   ----a-w-   c:\program files\Google\Drive\googledrivesync32.dll
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                          "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
                          "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
                          "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
                          "RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
                          "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-16 178712]
                          "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
                          "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-02-06 431456]
                          "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-06-02 505720]
                          "ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\TSS.exe" [2008-08-04 1242424]
                          "Skytel"="Skytel.exe" [2007-11-21 1826816]
                          "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
                          "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
                          "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
                          "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
                          "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
                          "DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-08-21 450560]
                          "TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2013-08-07 295512]
                          "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
                          "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968]
                          "AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2013-10-21 3568312]
                          .
                          c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                          Dropbox.lnk - c:\users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                          "EnableUIADesktopToggle"= 0 (0x0)
                          .
                          [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
                          @="Service"
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
                          2013-08-29 00:23   1861968   ----a-w-   c:\program files\DivX\DivX Update\DivXUpdate.exe
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMPDPSRV]
                          2002-07-11 14:31   45056   ----a-w-   c:\windows\System32\spool\drivers\w32x86\3\LMpdpsrv.exe
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
                          LocalServiceNoNetwork   REG_MULTI_SZ      PLA DPS BFE mpssvc
                          LocalServiceAndNoImpersonation   REG_MULTI_SZ      FontCache
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
                          2013-07-24 06:43   114176   ----a-w-   c:\windows\System32\advpack.dll
                          .
                          Contents of the 'Scheduled Tasks' folder
                          .
                          2013-11-16 c:\windows\Tasks\Adobe Flash Player Updater.job
                          - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-13 04:13]
                          .
                          2013-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                          - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-21 08:51]
                          .
                          2013-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                          - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-21 08:51]
                          .
                          2013-11-15 c:\windows\Tasks\User_Feed_Synchronization-{34AFA83A-3AA9-4C01-BD31-2998440DB7FB}.job
                          - c:\windows\system32\msfeedssync.exe [2013-07-24 06:43]
                          .
                          .
                          ------- Supplementary Scan -------
                          .
                          uStart Page = hxxp://www.google.com
                          mStart Page = hxxp://www.google.com
                          IE: Add to AMV/AVI Video Converter... - c:\program files\Media Player Utilities 4.24\AMVConverter\grab.html
                          IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
                          IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
                          IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
                          TCP: DhcpNameServer = 192.168.0.1
                          .
                          - - - - ORPHANS REMOVED - - - -
                          .
                          Toolbar-10 - (no file)
                          HKCU-Run-toscdspd - TOSCDSPD.EXE
                          HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe
                          SafeBoot-WudfPf
                          SafeBoot-WudfRd
                          .
                          .
                          .
                          **************************************************************************
                          .
                          catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                          Rootkit scan 2013-11-16 17:53
                          Windows 6.0.6002 Service Pack 2 NTFS
                          .
                          scanning hidden processes ... 
                          .
                          scanning hidden autostart entries ...
                          .
                          scanning hidden files ... 
                          .
                          .
                          C:\avast! sandbox
                          .
                          scan completed successfully
                          hidden files: 1
                          .
                          **************************************************************************
                          .
                          --------------------- LOCKED REGISTRY KEYS ---------------------
                          .
                          [HKEY_LOCAL_MACHINE\system\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                          @Denied: (A) (Users)
                          @Denied: (A) (Everyone)
                          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                          "BlindDial"=dword:00000000
                          "MSCurrentCountry"=dword:000000b5
                          .
                          [HKEY_LOCAL_MACHINE\system\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
                          @Denied: (A) (Users)
                          @Denied: (A) (Everyone)
                          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                          "BlindDial"=dword:00000000
                          .
                          [HKEY_LOCAL_MACHINE\system\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
                          @Denied: (A) (Users)
                          @Denied: (A) (Everyone)
                          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                          "BlindDial"=dword:00000000
                          .
                          [HKEY_LOCAL_MACHINE\system\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
                          @Denied: (A) (Users)
                          @Denied: (A) (Everyone)
                          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                          "BlindDial"=dword:00000000
                          .
                          [HKEY_LOCAL_MACHINE\system\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
                          @Denied: (A) (Users)
                          @Denied: (A) (Everyone)
                          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                          "BlindDial"=dword:00000000
                          .
                          Completion time: 2013-11-16  17:55:54
                          ComboFix-quarantined-files.txt  2013-11-16 22:55
                          .
                          Pre-Run: 35,394,928,640 bytes free
                          Post-Run: 35,816,771,584 bytes free
                          .
                          - - End Of File - - D655678F5C2966954F3F2C20C7E8139D
                          5B5E648D12FCADC244C1EC30318E1EB9