1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Inactive Need help to remove "search.conduit.com"

Discussion in 'Malware and Virus Removal Archive' started by Pepse, 2014/03/08.

Thread Status:
Not open for further replies.
  1. 2014/03/08
    Pepse

    Pepse Well-Known Member Thread Starter

    Joined:
    2002/01/08
    Messages:
    328
    Likes Received:
    1
    [Inactive] Need help to remove "search.conduit.com "

    I ran MBAM, spybot, and a few other things and this search.conduit is still attached to Chrome. So, hopefully we can dump it.

    Here are the logs as requested: Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2014.03.09.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16518
    Sheryl :: LAPTOP [administrator]

    3/8/2014 9:31:50 PM
    mbam-log-2014-03-08 (21-31-50).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 222049
    Time elapsed: 4 minute(s), 3 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Users\Sheryl\Downloads\ZipSetup.exe (PUP.Optional.FriedCookie) -> No action taken.

    (end)

    DDS Log:DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.51.2
    Run by Sheryl at 21:41:42 on 2014-03-08
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.3466 [GMT -6:00]
    .
    AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
    FW: ESET Personal firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files\IDT\WDM\STacSV64.exe
    C:\Windows\system32\Hpservice.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k WbioSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\IDT\WDM\AESTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\SysWOW64\ezSharedSvcHost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\Zune\ZuneLauncher.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Creative Home\Hallmark Card Studio Select\Planner\PLNRnote.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Users\Sheryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sheryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sheryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sheryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sheryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sheryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sheryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sheryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sheryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\notepad.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uProxyOverride = ;192.168.*.*
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe "
    mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
    mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe "
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe "
    mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe "
    mRunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\60bf690a-5673-4f58-ab24-64a1d7ba86ed.exe /check
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\EVENTP~1.LNK - C:\Program Files (x86)\Creative Home\Hallmark Card Studio Select\Planner\PLNRnote.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: EnableShellExecuteHooks = dword:1
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: HideFastUserSwitching = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{7CB8ED6A-1CE6-4683-8D7E-B346F5DFEBE3} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{9DB0F705-C83D-4E83-8E5D-802A2C53DCB4} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{9DB0F705-C83D-4E83-8E5D-802A2C53DCB4}\25564664963786D27657563747 : DHCPNameServer = 192.168.3.1
    TCP: Interfaces\{9DB0F705-C83D-4E83-8E5D-802A2C53DCB4}\46C696E6B6 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{9DB0F705-C83D-4E83-8E5D-802A2C53DCB4}\64F485 : DHCPNameServer = 192.168.0.1 205.171.202.166
    TCP: Interfaces\{9DB0F705-C83D-4E83-8E5D-802A2C53DCB4}\64F68702A392 : DHCPNameServer = 10.0.0.1
    TCP: Interfaces\{9DB0F705-C83D-4E83-8E5D-802A2C53DCB4}\94E6E6F667164796F6E67596478694E637079627164796F6E6 : DHCPNameServer = 74.115.8.8 74.115.8.9
    TCP: Interfaces\{9DB0F705-C83D-4E83-8E5D-802A2C53DCB4}\960586F6E656 : DHCPNameServer = 172.20.10.1
    TCP: Interfaces\{9DB0F705-C83D-4E83-8E5D-802A2C53DCB4}\E41434 : DHCPNameServer = 68.115.71.53 68.113.206.10 66.189.0.100
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
    x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe "
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    x64-RunOnce: [NCPluginUpdater] "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
    x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-17 65776]
    R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-17 207904]
    R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2013-9-17 62136]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-6-17 1038072]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-6-17 421704]
    R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2013-9-17 239320]
    R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2013-9-17 44120]
    R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-11-28 89600]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-6-17 78648]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-2-11 50344]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-9-12 1337752]
    R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
    R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-17 265544]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-7-11 26680]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-9-22 13592]
    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-11-28 2413056]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-23 418376]
    R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
    R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-9-22 2656280]
    R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-20 80184]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
    R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-9-22 317440]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-23 25928]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-11-28 91648]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-11-28 208896]
    R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-9-22 338536]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-9-22 428136]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
    S0 edevmon;edevmon;C:\Windows\System32\drivers\edevmon.sys [2013-9-17 239296]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-23 701512]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]
    S3 OlyCamComm;OLYMPUS USB Communication Device;C:\Windows\System32\drivers\OlyCamComm.sys [2009-9-9 24208]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-12-8 16152]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-16 1255736]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2014-03-08 19:46:39 -------- d-----w- C:\Users\Sheryl\AppData\Roaming\ESET
    2014-03-08 19:46:39 -------- d-----w- C:\Users\Sheryl\AppData\Local\ESET
    2014-03-08 19:46:15 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{11D60C1D-EDA9-4240-9B4B-A037667DCC40}\offreg.dll
    2014-03-08 19:39:41 -------- d-----w- C:\Program Files\ESET
    2014-03-08 19:20:04 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{11D60C1D-EDA9-4240-9B4B-A037667DCC40}\mpengine.dll
    2014-02-24 05:33:11 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-02-24 05:33:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-02-24 04:42:59 -------- d-sh--w- C:\$RECYCLE.BIN
    2014-02-23 21:59:47 17858952 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2014-02-16 17:05:32 -------- d-----w- C:\Program Files\CCleaner
    2014-02-13 01:26:10 548864 ----a-w- C:\Windows\System32\vbscript.dll
    2014-02-13 01:26:10 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2014-02-13 00:38:45 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
    2014-02-13 00:38:45 2048 ----a-w- C:\Windows\System32\msxml3r.dll
    2014-02-13 00:38:45 1882112 ----a-w- C:\Windows\System32\msxml3.dll
    2014-02-13 00:38:45 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
    .
    ==================== Find3M ====================
    .
    2014-02-23 21:59:54 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-02-23 21:59:54 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-02-11 23:36:03 80184 ----a-w- C:\Windows\System32\drivers\aswstm.sys
    2014-02-11 23:36:03 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2014-02-11 23:36:03 1038072 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2014-02-11 23:36:02 43152 ----a-w- C:\Windows\avastSS.scr
    2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
    2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
    2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
    2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
    2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
    2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-02-03 18:20:54 270496 ------w- C:\Windows\System32\MpSigStub.exe
    2013-12-29 19:57:28 16152 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
    2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
    2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
    2013-12-20 18:43:43 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2013-12-19 03:09:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-12-17 15:16:15 4188160 ----a-w- C:\Program Files (x86)\GUT32A5.tmp
    .
    ============= FINISH: 21:42:06.69 ===============
    Pepse.
     
  2. 2014/03/08
    Pepse

    Pepse Well-Known Member Thread Starter

    Joined:
    2002/01/08
    Messages:
    328
    Likes Received:
    1
    DDS part 2:.
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/16/2011 5:49:23 PM
    System Uptime: 3/8/2014 1:15:51 PM (8 hours ago)
    .
    Motherboard: Hewlett-Packard | | 1658
    Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz | CPU1 | 2401/1333mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 582 GiB total, 514.192 GiB free.
    D: is FIXED (NTFS) - 14 GiB total, 1.57 GiB free.
    E: is CDROM ()
    F: is FIXED (FAT32) - 0 GiB total, 0.083 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Photosmart Prem C310 series
    Device ID: ROOT\IMAGE\0000
    Manufacturer: HP
    Name: Photosmart Prem C310 series
    PNP Device ID: ROOT\IMAGE\0000
    Service: StillCam
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Photosmart Prem C310 series
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Photosmart Prem C310 series
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Deskjet 3050A J611 series
    Device ID: ROOT\MULTIFUNCTION\0001
    Manufacturer: HP
    Name: Deskjet 3050A J611 series
    PNP Device ID: ROOT\MULTIFUNCTION\0001
    Service:
    .
    ==== System Restore Points ===================
    .
    RP294: 2/11/2014 5:34:54 PM - avast! antivirus system restore point
    RP295: 2/12/2014 6:20:31 PM - Windows Update
    RP296: 2/12/2014 7:24:58 PM - Windows Update
    RP297: 2/14/2014 9:53:17 PM - Windows Update
    RP298: 2/23/2014 2:07:14 PM - Windows Update
    RP299: 2/23/2014 9:07:52 PM - Sheryl52
    RP300: 2/23/2014 9:57:48 PM - sherylannsekola
    RP301: 3/8/2014 1:19:36 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    64 Bit HP CIO Components Installer
    Adobe Flash Player 12 ActiveX
    Adobe Flash Player 12 Plugin
    Adobe Reader XI (11.0.06)
    Adobe Shockwave Player 11.5
    Agatha Christie - Peril at End House
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AuthenTec TrueAPI
    avast! Free Antivirus
    Bejeweled 2 Deluxe
    Bejeweled 3
    Blackhawk Striker 2
    Blasterball 3
    Blio
    Bonjour
    Bounce Symphony
    Broadcom 802.11 Wireless LAN Adapter
    BufferChm
    Build-a-lot 2
    C310
    Cake Mania
    CCleaner
    Chuzzle Deluxe
    Coupon Printer for Windows
    CyberLink YouCam
    D3DX10
    Destinations
    DeviceDiscovery
    Diner Dash 2 Restaurant Rescue
    Dora's World Adventure
    DriverUpdate
    Energy Star Digital Logo
    ESET Smart Security
    ESU for Microsoft Windows 7
    Evernote v. 4.2.2
    Farm Frenzy
    FATE - The Traitor Soul
    Google Chrome
    Google Drive
    Google Update Helper
    GPBaseService2
    Hallmark Card Studio Select
    Hewlett-Packard ACLM.NET v1.2.2.3
    HP 3D DriveGuard
    HP Auto
    HP Client Services
    HP Connection Manager
    HP Customer Experience Enhancements
    HP Customer Participation Program 14.0
    HP Documentation
    HP Games
    HP Imaging Device Functions 14.0
    HP MovieStore
    HP On Screen Display
    HP Photo Creations
    HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7
    HP Power Manager
    HP Product Detection
    HP Quick Launch
    HP Setup
    HP Setup Manager
    HP SimplePass 2011
    HP Smart Web Printing 4.60
    HP Software Framework
    HP Solution Center 14.0
    HP Support Assistant
    HP Update
    HPAppStudio
    HPDiagnosticAlert
    HPPhotoGadget
    HPProductAssistant
    HPSSupply
    IDT Audio
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    iTunes
    Java 7 Update 51
    Java Auto Updater
    Java(TM) 6 Update 24 (64-bit)
    Java(TM) 6 Update 31
    Junk Mail filter update
    Magic Desktop
    Magic DVD Copier V6.1.0
    Mah Jong Medley
    Malwarebytes Anti-Malware version 1.75.0.1300
    MarketResearch
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Starter 2010 - English
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft WSE 3.0 Runtime
    MotoHelper 2.1.32 Driver 5.4.0
    MotoHelper MergeModules
    Motorola Mobile Drivers Installation 5.4.0
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    Mystery P.I. - Stolen in San Francisco
    Namco All-Stars PAC-MAN
    Network64
    Penguins!
    Plants vs. Zombies - Game of the Year
    PlayReady PC Runtime x86
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    PS_AIO_07_C310_SW_Min
    QuickShare
    QuickTime
    QuickTransfer
    RealDownloader
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealNetworks - Microsoft Visual C++ 2010 Runtime
    RealPlayer
    Realtek Ethernet Controller Driver
    Realtek PCIE Card Reader
    RealUpgrade 1.1
    Recovery Manager
    Renesas Electronics USB 3.0 Host Controller Driver
    RoxioNow Player
    Scan
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
    Shop for HP Supplies
    Skypeâ„¢ 6.3
    Slingo Supreme
    SmartWebPrinting
    SolutionCenter
    Status
    Synaptics TouchPad Driver
    Toolbox
    TrayApp
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
    Update Installer for WildTangent Games App
    Validity WBF DDK
    Virtual Villagers 4 - The Tree of Life
    WebReg
    Wheel of Fortune 2
    WildTangent Games App (HP Games)
    Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Mobile Device Updater Component
    Zuma Deluxe
    Zune
    Zune Language Pack (CHS)
    Zune Language Pack (CHT)
    Zune Language Pack (CSY)
    Zune Language Pack (DAN)
    Zune Language Pack (DEU)
    Zune Language Pack (ELL)
    Zune Language Pack (ESP)
    Zune Language Pack (FIN)
    Zune Language Pack (FRA)
    Zune Language Pack (HUN)
    Zune Language Pack (IND)
    Zune Language Pack (ITA)
    Zune Language Pack (JPN)
    Zune Language Pack (KOR)
    Zune Language Pack (MSL)
    Zune Language Pack (NLD)
    Zune Language Pack (NOR)
    Zune Language Pack (PLK)
    Zune Language Pack (PTB)
    Zune Language Pack (PTG)
    Zune Language Pack (RUS)
    Zune Language Pack (SVE)
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/8/2014 1:39:46 PM, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    3/8/2014 1:17:30 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    .
    ==== End Of File ===========================
    Later. Pepse.
     

  3. to hide this advert.

  4. 2014/03/09
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ================================

    [​IMG] You're running two AV programs, Eset and Avast.
    You must uninstall one of them.

    [​IMG] Your MBAM log says "No action taken ".
    Re-run MBAM fix the issue and post new log.

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    [​IMG] Create new restore point before proceeding with the next step....
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download Malwarebytes Anti-Rootkit (MBAR) from HERE
    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
     
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.