
Inactive Malware scan log

Discussion in 'Malware and Virus Removal Archive' started by Eleanor316, 2014/09/27.

  1. 2014/09/27
    Eleanor316

    Eleanor316 Well-Known Member Thread Starter

    Joined:
    2002/09/29
    Messages:
    268
    Likes Received:
    2
    Trophy Points:
    233
    Location:
    Brentwood, CA (not EJ's Brentwood)
    Computer Experience:
    Experienced
    [Inactive] Malware scan log

    Windows 7, Firefox 32.0.3 Malware Bytes Premium

    I fell prey to awful malware when I foolishly downloaded some freeware.
    I tried to uninstall the items on Control Panel/Programs Features and was able to remove Astromedia so the program no longer appears on the Programs list, but a shortcut for Cut The Rope (an Astromedia game) remains on my desktop and I can start the program from it, and I cannot uninstall SnapDo and SnapDo engine from Programs/Features.

    Malware Bytes Premium does not identify any of those items on scan.

    Hijack This does not find any of the 3 items on scan. How do I get rid of them?
     
  2. 2014/09/27
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,483
    Likes Received:
    103
    Trophy Points:
    843
    Location:
    Daly City, CA
    Computer Experience:
    Experienced
    Please, complete all steps listed HERE

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     

  4. 2014/09/27
    Eleanor316

    Malware scan log

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 9/27/2014
    Scan Time: 8:33:09 PM
    Logfile: malware scan log.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.09.28.02
    Rootkit Database: v2014.09.19.01
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Enabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: John Fox

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 323225
    Time Elapsed: 3 min, 52 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)
     
  5. 2014/09/27
    Eleanor316

    DDS.txt

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17280
    Run by John Fox at 20:52:29 on 2014-09-27
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.12205.9750 [GMT -7:00]
    .
    AV: ThreatTrack Security VIPRE *Enabled/Updated* {FFE93D16-FD09-0282-C7D3-8B1731B6A051}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: ThreatTrack Security VIPRE *Enabled/Updated* {4488DCF2-DB33-0D0C-FD63-B0654A31EAEC}
    FW: ThreatTrack Security VIPRE *Enabled* {C7D2BC33-B766-03DA-EC8C-2222CF65E72A}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
    C:\Program Files (x86)\Common Files\Diagnostics\node\service.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Common Files\Diagnostics\node\node.exe
    C:\Program Files (x86)\GFI\LanGuard 11 Agent\lnssatt.exe
    c:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files (x86)\Common Files\Diagnostics\node\service.exe
    C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
    C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\System32\rundll32.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\VIPRE\SBAMTray.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\VIPRE\SBAMSvc.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
    C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
    C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = www.google.com
    uSearch Bar = Preserve
    uSearch Page = www.google.com
    uSearchAssistant = www.google.com
    mWinlogon: Userinit = userinit.exe,
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: VIPRE Search Guard Helper: {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSGN.dll
    TB: FindWide Toolbar: {827232A3-7935-41A2-82FC-FD11B5148B12} -
    TB: VIPRE Search Guard Toolbar: {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSGN.dll
    TB: FindWide Toolbar: {827232A3-7935-41A2-82FC-FD11B5148B12} -
    TB: VIPRE Search Guard Toolbar: {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSGN.dll
    uRun: [DellSystemDetect] C:\Users\John Fox\AppData\Local\Apps\2.0\C9XJO8QA.VYO\99KE99JV.VXA\dell..tion_0f612f649c4a10af_0005.000b_17ede8fa7a4e5cac\DellSystemDetect.exe
    mRun: [SBAMTray] "C:\Program Files (x86)\VIPRE\SBAMTray.exe "
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mExplorerRun: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe "
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: DisableCAD = dword:1
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    Trusted Zone: dell.com
    TCP: NameServer = 192.168.1.254
    TCP: Interfaces\{70EC5D86-07D8-4B6F-BED8-5CDB80AEF14E} : DHCPNameServer = 192.168.1.254
    Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSGN.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
    x64-TB: FindWide Toolbar: {827232A3-7935-41A2-82FC-FD11B5148B12} -
    x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe "
    x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe "
    x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe "
    x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
    x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
    x64-Run: [RtHDVBg_PushButton] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
    x64-Run: [SBRegRebootCleaner] "C:\Program Files (x86)\VIPRE\SBRC.exe "
    x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
    x64-Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\John Fox\AppData\Roaming\Mozilla\Firefox\Profiles\wz4eybqq.default-1411856583880\
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
    FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-2-26 666984]
    R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-2-26 28008]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-2-26 20464]
    R1 SbFw;SbFw;C:\Windows\System32\drivers\SbFw.sys [2014-9-21 260816]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-2-26 98208]
    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2013-7-2 312448]
    R2 Diagnostics;Diagnostics;C:\Program Files (x86)\Common Files\Diagnostics\node\service.exe [2014-9-10 154112]
    R2 gfi_lanss11_attservice;GFI LanGuard 11 Attendant Service;C:\Program Files (x86)\GFI\LanGuard 11 Agent\lnssatt.exe [2012-11-23 133496]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-7-29 14696]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-2-26 169432]
    R2 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-9-21 91352]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-9-21 1809720]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-9-21 860472]
    R2 Proxy;Proxy;C:\Program Files (x86)\Common Files\Diagnostics\node\service.exe [2014-9-10 154112]
    R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-2-26 246488]
    R2 SBAMSvc;VIPRE Internet Security;C:\Program Files (x86)\VIPRE\SBAMSvc.exe [2013-9-5 3937472]
    R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2013-6-18 88928]
    R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [2013-9-5 176016]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2014-5-2 1915920]
    R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2014-2-26 81536]
    R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2013-7-2 89800]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2013-7-2 347336]
    R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2013-7-2 116424]
    R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2013-7-2 34384]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2013-7-2 179432]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2013-7-2 77464]
    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2013-7-2 137928]
    R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2013-7-2 589000]
    R3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2014-9-21 41032]
    R3 gfiutil;gfiutil;C:\Windows\System32\drivers\gfiutil.sys [2014-9-21 31264]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-2-26 368112]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-2-26 786416]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-9-21 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-9-21 122584]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-9-21 63704]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-2-26 263896]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-2-26 849992]
    R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2014-9-21 120608]
    R3 sbwtis;sbwtis;C:\Windows\System32\drivers\sbwtis.sys [2012-12-11 88864]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-17 111616]
    S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-2-26 452088]
    S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
    S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-9-26 19456]
    S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\Windows\System32\drivers\SbFwIm.sys [2014-9-21 120608]
    S3 sbhips;sbhips;C:\Windows\System32\drivers\sbhips.sys [2014-9-21 63184]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
    S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-26 56832]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-9-26 30208]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-9-18 1255736]
    .
    =============== Created Last 30 ================
    .
    2014-09-28 00:28:46 741480 ------w- C:\Windows\System32\HPDiscoPMBC11.dll
    2014-09-28 00:28:35 -------- d-----w- C:\Program Files\HP
    2014-09-27 22:26:52 -------- d-----w- C:\AdwCleaner
    2014-09-27 21:46:50 122584 ----a-w- C:\Windows\System32\drivers\35127FA2.sys
    2014-09-27 21:24:15 -------- d-----w- C:\Users\John Fox\AppData\Roaming\0T1M1P0A1E1E0M1T1G
    2014-09-26 23:21:12 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
    2014-09-26 23:21:10 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
    2014-09-26 23:21:10 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
    2014-09-26 23:21:06 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll
    2014-09-26 23:21:06 243200 ----a-w- C:\Windows\System32\rdpudd.dll
    2014-09-26 23:21:06 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
    2014-09-26 23:21:06 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
    2014-09-26 23:20:30 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2014-09-26 23:20:29 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2014-09-26 23:20:21 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
    2014-09-26 23:20:21 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
    2014-09-26 23:20:21 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
    2014-09-26 23:20:21 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
    2014-09-26 21:57:20 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2014-09-26 21:57:20 2048 ----a-w- C:\Windows\System32\tzres.dll
    2014-09-24 20:55:52 -------- d-----w- C:\Program Files (x86)\Free File Shredder
    2014-09-23 23:11:11 -------- d-----w- C:\Users\John Fox\AppData\Roaming\IrfanView
    2014-09-23 23:11:11 -------- d-----w- C:\Program Files (x86)\IrfanView
    2014-09-23 00:36:36 -------- d-----w- C:\Users\John Fox\AppData\Roaming\Visan
    2014-09-22 20:53:58 -------- d-----w- C:\Users\John Fox\AppData\Local\Deployment
    2014-09-22 00:51:41 -------- d-----w- C:\ProgramData\HP Photo Creations
    2014-09-22 00:51:41 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
    2014-09-22 00:09:59 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2014-09-21 22:15:48 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2014-09-21 20:16:53 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-09-21 20:16:44 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-09-21 20:16:44 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-09-21 20:16:44 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-09-21 20:16:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-21 15:12:41 31264 ----a-w- C:\Windows\System32\drivers\gfiutil.sys
    2014-09-21 15:12:40 41032 ----a-w- C:\Windows\System32\drivers\gfiark.sys
    2014-09-21 15:11:50 -------- d-----w- C:\Users\John Fox\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
    2014-09-21 15:11:10 63184 ----a-w- C:\Windows\System32\drivers\sbhips.sys
    2014-09-21 15:11:00 120608 ----a-w- C:\Windows\System32\drivers\SbFwIm.sys
    2014-09-21 15:10:59 48016 ----a-w- C:\Windows\System32\sbbd.exe
    2014-09-21 15:10:59 260816 ----a-w- C:\Windows\System32\drivers\SbFw.sys
    2014-09-21 15:10:57 -------- d-----w- C:\Windows\SysWow64\System32
    2014-09-21 15:10:57 -------- d-----w- C:\ProgramData\GFI
    2014-09-21 15:10:57 -------- d-----w- C:\Program Files (x86)\GFI
    2014-09-21 15:10:56 -------- d-----w- C:\ProgramData\VIPRE
    2014-09-21 15:10:48 -------- d-----w- C:\ProgramData\Downloaded Installations
    2014-09-21 15:08:05 -------- d-----w- C:\Program Files (x86)\VIPRE
    2014-09-21 15:07:32 -------- d-----w- C:\Users\John Fox\AppData\Roaming\VIPRE
    2014-09-21 15:07:32 -------- d-----w- C:\Users\John Fox\AppData\Local\VIPRE
    2014-09-21 03:48:15 -------- d-----w- C:\ProgramData\REGSERVO64
    2014-09-21 02:14:10 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2014-09-21 02:12:37 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2014-09-21 02:12:29 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{461909F9-98BC-452A-BF6E-9893C0287B43}\mpengine.dll
    2014-09-21 02:08:09 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
    2014-09-20 23:56:31 -------- d-----w- C:\ProgramData\Malwarebytes
    2014-09-20 20:58:23 -------- d-----w- C:\Users\John Fox\AppData\Local\Diagnostics
    2014-09-20 19:24:44 0 ---ha-w- C:\Users\John Fox\AppData\Local\BITA739.tmp
    2014-09-20 19:19:48 -------- d-----w- C:\Users\John Fox\AppData\Local\DesktopTemperature
    2014-09-20 19:19:04 -------- d-----w- C:\Users\John Fox\AppData\Roaming\FirefoxToolbar
    2014-09-20 19:18:58 -------- d-----w- C:\Users\John Fox\AppData\Local\Google
    2014-09-20 19:18:57 49940480 ----a-w- C:\Program Files (x86)\GUT5B1F.tmp
    2014-09-20 15:44:09 -------- d-----w- C:\Users\John Fox\AppData\Local\Apps
    2014-09-20 00:02:32 -------- d-----w- C:\Users\John Fox\AppData\Roaming\ParetoLogic
    2014-09-20 00:02:32 -------- d-----w- C:\Users\John Fox\AppData\Roaming\DriverCure
    2014-09-20 00:02:06 -------- d-----w- C:\ProgramData\ParetoLogic
    2014-09-19 14:51:48 -------- d-----w- C:\Users\John Fox\AppData\Local\Macromedia
    2014-09-19 03:58:17 -------- d-----w- C:\Users\John Fox\AppData\Local\CrashDumps
    2014-09-19 02:18:02 -------- d-----w- C:\Users\John Fox\AppData\Roaming\AVG2015
    2014-09-19 02:17:36 -------- d-----w- C:\Users\John Fox\AppData\Roaming\TuneUp Software
    2014-09-19 02:17:15 -------- d--h--w- C:\$AVG
    2014-09-19 02:17:15 -------- d-----w- C:\ProgramData\AVG2015
    2014-09-19 02:16:47 -------- d-----w- C:\Program Files (x86)\AVG
    2014-09-19 02:14:04 -------- d--h--w- C:\ProgramData\Common Files
    2014-09-19 02:14:04 -------- d-----w- C:\Users\John Fox\AppData\Local\MFAData
    2014-09-19 02:14:04 -------- d-----w- C:\Users\John Fox\AppData\Local\Avg2015
    2014-09-19 02:14:04 -------- d-----w- C:\ProgramData\MFAData
    2014-09-19 01:44:17 -------- d-----w- C:\Users\John Fox\AppData\Local\LogMeIn Rescue Applet
    2014-09-19 00:45:08 -------- d-----w- C:\Program Files (x86)\Common Files\Cache utility
    2014-09-19 00:45:05 -------- d-----w- C:\Program Files (x86)\Common Files\Display settings
    2014-09-19 00:45:03 -------- d-----w- C:\Program Files (x86)\Common Files\Hoist Search
    2014-09-19 00:45:01 -------- d-----w- C:\Program Files (x86)\Common Files\DealAlly
    2014-09-18 23:44:35 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
    2014-09-18 23:44:34 -------- d-----w- C:\Users\John Fox\AppData\Local\Programs
    2014-09-18 23:44:10 -------- d-----w- C:\Program Files (x86)\Common Files\Diagnostics
    2014-09-18 23:44:01 -------- d-----w- C:\Program Files (x86)\Common Files\Common dictionary
    2014-09-18 23:41:28 -------- d-----w- C:\Users\John Fox\AppData\Local\ElevatedDiagnostics
    2014-09-18 23:23:53 -------- d-----w- C:\Program Files (x86)\LPT
    2014-09-18 23:23:29 -------- d-----w- C:\Users\John Fox\AppData\Local\LPT
    2014-09-18 23:11:12 -------- d-----w- C:\Users\John Fox\AppData\Local\CrashRpt
    2014-09-18 23:07:10 -------- d-----w- C:\Users\John Fox\AppData\Local\globalUpdate
    2014-09-18 23:07:10 -------- d-----w- C:\Program Files (x86)\globalUpdate
    2014-09-18 21:39:08 -------- d-sh--w- C:\Users\John Fox\AppData\Local\EmieUserList
    2014-09-18 21:39:07 -------- d-sh--w- C:\Users\John Fox\AppData\Local\EmieSiteList
    2014-09-18 16:20:05 -------- d-----w- C:\Windows\Migration
    2014-09-18 16:15:46 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
    2014-09-18 16:15:46 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
    2014-09-18 16:15:46 744448 ----a-w- C:\Windows\System32\WUDFx.dll
    2014-09-18 16:15:46 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
    2014-09-18 16:15:46 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
    2014-09-18 16:15:46 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
    2014-09-18 16:15:46 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
    2014-09-18 16:15:13 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
    2014-09-18 16:15:13 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
    2014-09-18 16:12:57 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
    2014-09-18 16:08:12 -------- d-----w- C:\Windows\System32\appmgmt
    2014-09-18 15:14:52 -------- d-----w- C:\Windows\pss
    2014-09-18 15:09:45 -------- d-----w- C:\Windows\SysWow64\Wat
    2014-09-18 15:09:45 -------- d-----w- C:\Windows\System32\Wat
    2014-09-18 04:16:04 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
    2014-09-18 04:16:04 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
    2014-09-18 04:16:04 8856 ----a-w- C:\Windows\System32\icardres.dll
    2014-09-18 04:16:04 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
    2014-09-18 04:16:04 171160 ----a-w- C:\Windows\System32\infocardapi.dll
    2014-09-18 04:16:04 1389208 ----a-w- C:\Windows\System32\icardagt.exe
    2014-09-18 04:15:59 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
    2014-09-18 04:15:59 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
    2014-09-17 22:48:47 -------- d-----w- C:\Users\John Fox\AppData\Local\Mozilla
    2014-09-17 22:05:37 -------- d-----w- C:\Windows\PCHEALTH
    2014-09-17 22:01:18 -------- d-----w- C:\Users\John Fox\AppData\Local\Microsoft Help
    2014-09-17 20:48:53 -------- d-----w- C:\ProgramData\Visan
    2014-09-17 20:47:51 -------- d-----w- C:\Users\John Fox\AppData\Roaming\HpUpdate
    2014-09-17 20:47:23 -------- d-----w- C:\Program Files (x86)\HP
    2014-09-17 20:43:58 -------- d-----w- C:\Users\John Fox\AppData\Local\HP
    2014-09-17 20:38:57 -------- d-----w- C:\Users\John Fox\AppData\Local\Adobe
    2014-09-17 20:36:32 -------- d-----w- C:\Users\John Fox\AppData\Local\softthinks
    2014-09-17 20:36:32 -------- d-----w- C:\ProgramData\softthinks
    2014-09-17 20:09:49 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
    2014-09-17 20:09:49 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    2014-09-17 20:05:15 -------- d-----w- C:\Windows\System32\MRT
    2014-09-17 20:02:54 728064 ----a-w- C:\Windows\System32\kerberos.dll
    2014-09-17 20:01:56 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
    2014-09-17 19:58:26 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2014-09-17 19:58:26 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
    2014-09-17 19:47:25 -------- d-----w- C:\Users\John Fox\AppData\Roaming\Intel Corporation
    2014-09-17 19:46:38 -------- d-----w- C:\Users\John Fox\AppData\Local\BMExplorer
    2014-09-17 19:46:26 -------- d-----w- C:\Users\John Fox\AppData\Roaming\Atheros
    2014-09-17 19:46:05 -------- d-----w- C:\Users\John Fox\AppData\Local\VirtualStore
    2014-09-17 19:36:16 -------- d-----w- C:\Users\John Fox\AppData\Roaming\Dell
    2014-09-17 19:31:20 2620928 ----a-w- C:\Windows\System32\wucltux.dll
    2014-09-17 19:31:04 97792 ----a-w- C:\Windows\System32\wudriver.dll
    2014-09-17 19:31:04 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
    .
    ==================== Find3M ====================
    .
    2014-09-21 21:11:05 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-09-21 21:11:05 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-08-25 13:53:42 270496 ------w- C:\Windows\System32\MpSigStub.exe
    2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
    2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
    2014-08-01 11:53:22 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
    2014-07-25 09:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
    2014-07-25 06:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
    2014-07-07 02:06:35 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
    2014-07-07 01:40:21 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2014-07-07 01:40:12 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2014-07-07 01:39:16 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    .
    ============= FINISH: 20:52:41.59 ===============
     
  6. 2014/09/27
    Eleanor316

    attach.txt

    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 9/17/2014 12:30:21 PM
    System Uptime: 9/27/2014 2:51:24 PM (6 hours ago)
    .
    Motherboard: Dell Inc. | | 088DT1
    Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz | CPU 1 | 3101/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 910 GiB total, 841.248 GiB free.
    D: is CDROM ()
    E: is Removable
    Y: is FIXED (NTFS) - 22 GiB total, 11.546 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP20: 9/21/2014 3:16:05 PM - Installed SpyHunter
    RP21: 9/21/2014 5:08:51 PM - Windows Update
    RP22: 9/21/2014 5:43:33 PM - Removed HP Photosmart 6520 series Basic Device Software
    RP23: 9/23/2014 4:20:09 PM - Removed HP Photosmart 6520 series Basic Device Software
    RP24: 9/23/2014 4:21:09 PM - Removed HP Photosmart 6520 series Help
    RP25: 9/23/2014 4:21:50 PM - Removed HP Photosmart 6520 series Product Improvement Study
    RP26: 9/24/2014 6:03:40 PM - All systems are good
    RP27: 9/26/2014 2:57:27 PM - Windows Update
    RP28: 9/26/2014 3:12:36 PM - Windows Update
    RP29: 9/26/2014 4:15:22 PM - Windows Update
    RP30: 9/26/2014 4:20:32 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Accidental Damage Services Agreement
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 15 Plugin
    Adobe Reader XI MUI
    Banctec Service Agreement
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Common dictionary
    Complete Care Business Service Agreement
    Consumer In-Home Service Agreement
    Dell Backup and Recovery
    Dell Backup and Recovery - Support Software
    Dell Edoc Viewer
    Dell Home Systems Service Agreement
    Dell Product Registration
    Dell System Detect
    Dell WLAN and Bluetooth Client Installation
    DSC/AA Factory Installer
    Free File Shredder 5.5.2
    HP Photo Creations
    HP Photosmart 7520 series Basic Device Software
    HP Photosmart 7520 series Help
    HP Photosmart 7520 series Product Improvement Study
    HP Update
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    Intel(R) USB 3.0 eXtensible Host Controller Driver
    Intel® Trusted Connect Service Client
    IrfanView (remove only)
    Malwarebytes Anti-Malware version 2.0.2.1012
    Microsoft .NET Framework 4.5.1
    Microsoft Office
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Home and Student 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared 64-bit MUI (English) 2007
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Mozilla Firefox 32.0.3 (x86 en-US)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    My Dell
    Premium Service Agreement
    Qualcomm Atheros Bluetooth Suite (64)
    QualxServ Service Agreement
    Realtek Card Reader
    Realtek High Definition Audio Driver
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
    Shared C Run-time for x64
    Snap.Do
    Snap.Do Engine
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    VIPRE Internet Security
    Visual Studio 2012 x64 Redistributables
    Visual Studio 2012 x86 Redistributables
    .
    ==== Event Viewer Messages From Past Week ========
    .
    9/27/2014 2:50:44 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied.
    9/27/2014 2:50:40 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DeleteFlag with the following error: Access is denied.
    9/26/2014 4:22:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070103: Intel Corporation - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - Intel(R) HD Graphics 4600.
    9/21/2014 7:31:08 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    9/21/2014 5:09:36 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    9/21/2014 5:09:36 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    9/20/2014 5:20:08 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa800da11bf0, 0xfffff80000b9c3d8, 0xfffffa800f3268d0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092014-27190-01.
    9/20/2014 1:08:55 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    .
    ==== End Of File ===========================
     
  7. 2014/09/28
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,570
    Likes Received:
    82
    Trophy Points:
    743
    Location:
    Birkirkara, Malta
    Computer Experience:
    ***
    Please hit Reply when posting the required logs. Don't post a new thread for every one of them.

    I have merged them here.
     
  8. 2014/09/28
    Eleanor316

    I couldn't seem to get them in one post. Do you have a solution for me?
     
  9. 2014/09/28
    broni

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Create a new restore point before proceeding with the next step.
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download Malwarebytes Anti-Rootkit to your desktop.
    • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
    • Double-click on the downloaded file. OK the self-extracting prompt.
    • MBAR will start. Click "Next" to continue.
    • Click in the following screen "Update" to obtain the latest malware definitions.
    • Once the update is complete select "Next" and click "Scan".
    • When the scan is finished and no malware has been found select "Exit".
    • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
    • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"
     
  10. 2014/09/28
    Eleanor316

    We're going to be gone for a couple of weeks. Will continue with this on our return. Thanks for your help so far.
     
  11. 2014/09/29
    broni

    Sure thing :)
     
  12. 2014/10/15
    Eleanor316

    Have decided not to pursue this any further, not worth the time involved and doesn't seem to be affecting anything. Consider this resolved, thanks for the help.
     
  13. 2014/10/15
    broni

    No problem.
     
