Alright! Looking good. dracee.exe is definitely bad as well. Delete it! Better have a closer look at these. Please upload them for me....
We're looking for errors or entries following the 'started' entries that say the service was stopped. You can, if you want, right click an event...
Thanks for the uploads! The sol491.txt file is definitely infected. The dracee.exe file came in at zero bytes, which means it didn't upload...
That's odd ......... both show the service as started. Nothing else in any of the event logs? I'm running ComboFix on my test machine right now...
Please upload the following files to my submission channel. Leave a link back to this topic. C:\WINDOWS\dracee.exe...
It's very possible that the restore point(s) could be infected, though it's not a definite 'yes they are'. It depends on whether a restore point...
Did you zip and upload the qoobox folder? Once again, reset the Log On for security center to Local Service and reboot. Click Start>Run and...
Welcome to WindowsBBS gkyoder :) Download SmitfraudFix by S!Ri, saving it to the desktop. Download Deckard's System Scanner (dss.exe) and...
Highlight and copy the contents of the quote box below to a blank notepad. Save it to the desktop as; Filename: fix.reg Save as type: All...
Please do a scan with Deckard's system scanner and post the log.
Welcome to WindowsBBS Brit :) Your log appears clean. If you just want to clear your past restore points, instructions follow. Clear past...
Glad to hear you got it sorted. Thanks for the update Valerie. :)
Hi Dr Ha, and welcome. :) If you don't use the Logitech Desktop Messenger software, please uninstall it via Add/Remove programs. It will help...
Been a while since I looked at either one's registry exports, but my first guess would be they use a different regedit version. Right click>Edit a...
Hi Terry, The export of wscsvc appeared to already have this configured properly, but lets check it anyway. Open the Services console and...
Looking good. The Dellspmsg.dll appears legit. Would you please upload the biosmsg.dll to my submission channel. Leave a link back to this topic....
Empty the C:\Temp folder. Highlight and copy the contents of the code box below and paste it into a blank notepad, then save it to your desktop...
Same error when trying to start the service? I've got some errands to run .... will check back in later.
First, export the wscsvc key to a reg file for backup. Double click the ObjectName entry then enter the following. NT AUTHORITY\LocalService...
Please export the following key to txt and post it here. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc Verify also the the...
Separate names with a comma.
