Sign in to follow this  
Followers 0
rfilippo

Threat Removal

34 posts in this topic

Currently I am using the trial on my son's Inspiron Windows 7 64 bit. Lately every time a run a scan it finds hundreds of threats, some serious. I quarantine/remove them but still suspect a problem. I do another scan and find hundreds of threats again moments later. This time I did a critical point scan and it found over 500. During the removal process it stopped at 200. I ended the scan and the remaining threats were the right amount (the original number of threats less the ones it removed before freezing) so I was hopeful but it froze after 10. I did this again and it is frozen after 1. I guess this is a 2-part question because I am concerned that the removal process is stuck and I don't understand why the computer is still vulnerable. Thank you

Share this post


Link to post
Share on other sites

The situation seemed to be fixed, however as soon as I open Mozilla i get warnings and popups. I ran the software and seemed to succesfully remove everything. I uninstalled mozilla and opened chrome and the same thing happened. After each event I ran a scan and then reboted. My son opened Internet Explorer and all Hell broke loose. I tried to disable extensions/add ons and do some other maintenance on Chrome but as soon as you open it you get the popups/warnings and it freezes. I am typing this from another laptop as I cannot do anything on his.

Share this post


Link to post
Share on other sites

Trying to create disc. When I click "write Image" I am supposed to find locatio of ISO file. It brings me to documents and most files are empty. I can't find it anywhere. I've done it a few times

Share this post


Link to post
Share on other sites

I was able to get it onto a flash drive  and boot. It scanned and found nothing but I still can't open any browsers without the warnings/popups.

Share this post


Link to post
Share on other sites

When you see the pop up try pressing Prt scr (print screen) on your keyboard when you restart you may be able to paste it into Paint.

 

Also, does the popups happen in Safe mode with Networking ?

Share this post


Link to post
Share on other sites

I went into safe mode and ran malwarebytes, superantispyware and MS Security Essentials. No threats found. I went into Chrome to make sure there were no unwanted search engines. I went into control panel to uninstall everything I didn't want. Chrome is still infected. I can only tell you that when you enter info to search, another tab automatically opens (this time it was My Binary System) and then a window that says "The Page at b1.zjaggf.com says: WARNING!!! Your Java Version is Outdated, Have Security Risks, Please Update Now! " with a box to click "OK" everything is frozen at that point.

Share this post


Link to post
Share on other sites

won't let me do a screen capture. All I can do is hard shut down (sometimes ctrl alt del works.) The pop ups didn't happen in safe mode

Share this post


Link to post
Share on other sites

Can you use a working computer and download adwcleaner select Scan and then Clean.

 

Restart the computer and see if you can paste the log file here.

Share this post


Link to post
Share on other sites

# AdwCleaner v4.101 - Report created 18/11/2014 at 10:48:12
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : owner - OWNER-PC
# Running from : F:\adwcleaner_4.101(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v


-\\ Google Chrome v

[C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}

*************************

AdwCleaner[R0].txt - [10121 octets] - [17/11/2014 15:30:58]
AdwCleaner[R1].txt - [1684 octets] - [18/11/2014 10:40:10]
AdwCleaner[s0].txt - [10193 octets] - [17/11/2014 15:38:24]
AdwCleaner[s1].txt - [1479 octets] - [18/11/2014 10:48:12]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1539 octets] ##########

Share this post


Link to post
Share on other sites

Those look like the files causing the issues, all in the chrome profile.

 

Are you able to access the internet now?

Share this post


Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 10.51.2
Run by owner at 14:20:00 on 2014-11-18
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3990.2473 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{1693CD14-5023-48A4-94A1-A562A6ACD417} : NameServer = 31.168.224.100,5.135.12.56
TCP: Interfaces\{24238CF6-1FEF-4415-AF34-34957BFB6B58} : NameServer = 31.168.224.100,5.135.12.56
TCP: Interfaces\{24238CF6-1FEF-4415-AF34-34957BFB6B58} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{24238CF6-1FEF-4415-AF34-34957BFB6B58}\876696E696479777966696 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{9242686B-F6EF-4C9C-9B58-15F272A2B750} : NameServer = 31.168.224.100,5.135.12.56
TCP: Interfaces\{E2C3D797-05E3-4960-8823-3844E572229A} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: VideoMedia+Player_v2.3: {11111111-1111-1111-1111-110611491169} -
x64-BHO: {11111111-1111-1111-1111-110611501155} - <orphaned>
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [bLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-22 172344]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-3-29 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-15 659976]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-8-26 1137016]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2013-8-26 1685880]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-8-26 1157496]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-4-23 135952]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-3-29 290520]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-3-17 4915040]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-6-25 3325232]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2013-7-22 140600]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2013-9-5 1390904]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2013-4-23 69088]
R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2012-5-17 26136]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-10-25 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-10-25 213504]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-10-8 129752]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-6-25 272688]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-7-17 125584]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-18 1255736]
.
=============== Created Last 30 ================
.
2014-11-18 16:21:32    11632448    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{396E00A2-D54E-4D53-B7CC-6A578F5C4379}\mpengine.dll
2014-11-17 22:18:54    4    ----a-w-    C:\Users\owner\AppData\Roaming\appdataFr2.bin
2014-11-17 21:30:49    --------    d-----w-    C:\AdwCleaner
2014-11-17 15:19:50    1188440    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{79849832-607A-416E-AD44-5CEA729F10E1}\gapaengine.dll
2014-11-17 15:18:09    11627712    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-11-17 14:58:25    --------    d-----w-    C:\Program Files (x86)\Microsoft Security Client
2014-11-17 14:58:18    --------    d-----w-    C:\Program Files\Microsoft Security Client
2014-11-16 18:22:06    --------    d-----w-    C:\Users\owner\AppData\Roaming\Compete
2014-11-16 18:19:28    --------    d-----w-    C:\Program Files (x86)\Setup Support for Consumer Input
2014-11-16 18:19:21    --------    d-sh--w-    C:\Users\owner\AppData\Local\EmieBrowserModeList
2014-11-16 18:19:06    --------    d-----w-    C:\Program Files (x86)\b91374d8-d884-4518-8e61-430b3493b81b
2014-11-16 18:18:59    --------    d-----w-    C:\Program Files (x86)\ada2fff9-86b8-4e30-b468-d340d24e96ad
2014-11-15 18:24:04    --------    d-----w-    C:\Program Files\SUPERAntiSpyware
2014-11-15 04:40:38    --------    d-----w-    C:\SUPERDelete
2014-11-15 04:39:28    --------    d-----w-    C:\Users\owner\AppData\Roaming\SUPERAntiSpyware.com
2014-11-15 04:39:03    --------    d-----w-    C:\ProgramData\SUPERAntiSpyware.com
2014-11-14 14:24:53    11627712    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CECB6C9C-C483-470E-B712-F2B6E30100EA}\mpengine.dll
2014-11-12 15:52:35    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll
2014-11-12 04:47:29    17926832    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-11-10 23:02:09    3231832    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\d3dcompiler_46.dll
2014-11-10 23:02:09    220784    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\sandboxbroker.dll
2014-10-31 04:37:02    --------    d-sh--w-    C:\Users\owner\AppData\Local\EmieUserList
2014-10-31 04:37:02    --------    d-sh--w-    C:\Users\owner\AppData\Local\EmieSiteList
2014-10-29 05:01:34    --------    d-----w-    C:\ProgramData\551c00805fd50fb
2014-10-24 00:32:38    --------    d-sh--w-    C:\found.000
.
==================== Find3M  ====================
.
2014-11-18 16:20:22    129752    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-12 04:48:19    701104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-12 04:48:15    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-06 04:04:03    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03    66560    ----a-w-    C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12    580096    ----a-w-    C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28    88064    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22    144384    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08    114688    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18    814080    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57    6040064    ----a-w-    C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18    968704    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43    501248    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36    62464    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44    47616    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58    64000    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29    77824    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36    115712    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38    620032    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39    1359360    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25    2124288    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49    4298240    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25    2051072    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37    1155072    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24    2365440    ----a-w-    C:\Windows\System32\wininet.dll
2014-11-06 01:52:35    1892864    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-10-30 11:25:26    275080    ------w-    C:\Windows\System32\MpSigStub.exe
2014-10-25 01:57:59    77824    ----a-w-    C:\Windows\System32\packager.dll
2014-10-25 01:32:37    67584    ----a-w-    C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23    861696    ----a-w-    C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18    571904    ----a-w-    C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37    155064    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06    683520    ----a-w-    C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00    3241984    ----a-w-    C:\Windows\System32\msi.dll
2014-10-14 02:12:57    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31    146432    ----a-w-    C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31    681984    ----a-w-    C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41    2363904    ----a-w-    C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30    146432    ----a-w-    C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02    681984    ----a-w-    C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42    3198976    ----a-w-    C:\Windows\System32\win32k.sys
2014-10-03 02:12:00    500224    ----a-w-    C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54    284672    ----a-w-    C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51    680960    ----a-w-    C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51    440832    ----a-w-    C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51    296448    ----a-w-    C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42    442880    ----a-w-    C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26    374784    ----a-w-    C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26    195584    ----a-w-    C:\Windows\SysWow64\AudioSes.dll
2014-10-01 17:11:26    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-10-01 17:11:16    93400    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 17:11:12    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-09-25 02:08:38    0    ----a-w-    C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50    519680    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49    342016    ----a-w-    C:\Windows\System32\schannel.dll
2014-09-19 09:42:47    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47    309760    ----a-w-    C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:44    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-09-19 09:42:41    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-09-19 09:23:55    172032    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49    248832    ----a-w-    C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46    221184    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:42    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-09-19 09:23:36    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2014-09-09 22:11:04    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-09-09 21:47:10    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-09-04 05:23:20    424448    ----a-w-    C:\Windows\System32\rastls.dll
2014-09-04 05:04:15    372736    ----a-w-    C:\Windows\SysWow64\rastls.dll
2014-08-23 02:07:00    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-08-21 06:43:26    1882624    ----a-w-    C:\Windows\System32\msxml3.dll
2014-08-21 06:40:32    2048    ----a-w-    C:\Windows\System32\msxml3r.dll
2014-08-21 06:26:21    1237504    ----a-w-    C:\Windows\SysWow64\msxml3.dll
.
============= FINISH: 14:20:41.62 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/12/2014 8:34:57 PM
System Uptime: 11/18/2014 11:09:38 AM (3 hours ago)
.
Motherboard: Dell Inc. |  |       
Processor: Intel® Core i3-2330M CPU @ 2.20GHz | CPU | 2200/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 596 GiB total, 530.308 GiB free.
D: is CDROM (CDFS)
E: is Removable
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP100: 10/31/2014 11:28:37 AM - Windows Update
RP101: 11/4/2014 11:30:35 AM - Windows Update
RP102: 11/7/2014 6:02:18 PM - Windows Update
RP103: 11/11/2014 11:02:58 AM - Windows Update
RP105: 11/13/2014 11:15:17 AM - Windows Modules Installer
RP106: 11/15/2014 11:56:00 PM - avast! antivirus system restore point
RP107: 11/18/2014 9:30:04 AM - Windows Update
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.09)
Adobe Shockwave Player 12.1
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
BufferChm
Consumer Input Update Helper
D110
Dell Touchpad
Destinations
DeviceDiscovery
Dropbox
Google Chrome
GPBaseService2
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPAppStudio
HPPhotoGadget
HPProductAssistant
HPSSupply
Intel PROSet Wireless
Intel® Chipset Device Software
Intel® Processor Graphics
Intel® PROSet/Wireless for Bluetooth® + High Speed
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1342.1)
Intel® PROSet/Wireless WiFi Software
Intel® Watchdog Timer Driver (Intel® WDT)
iTunes
Java 7 Update 51
Java 7 Update 51 (64-bit)
Java Auto Updater
Malwarebytes Anti-Malware version 2.0.3.1025
MarketResearch
Microsoft .NET Framework 4.5.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Network64
PS_AIO_07_D110_SW_Min
QuickTime 7
QuickTransfer
Ralink RT2870 Wireless LAN Card
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Scan
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Status
SUPERAntiSpyware
swMSM
TeamViewer 9
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899525) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WebReg
.
==== Event Viewer Messages From Past Week ========
.
11/18/2014 9:59:15 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.189.116.0).
11/18/2014 9:58:41 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.187.2374.0      Update Source: Microsoft Update Server      Update Stage: Install      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.11104.0      Error code: 0x80070643      Error description: Fatal error during installation.
11/18/2014 9:58:39 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version: 1.189.116.0      Previous Signature Version: 1.187.2374.0      Update Source: User      Update Stage: Install      Source Path:       Signature Type: AntiVirus      Update Type: Delta      User: NT AUTHORITY\SYSTEM      Current Engine Version: 1.1.11104.0      Previous Engine Version: 1.1.11104.0      Error code: 0x80070666      Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
11/18/2014 9:58:39 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version: 1.189.116.0      Previous Signature Version: 1.187.2374.0      Update Source: User      Update Stage: Install      Source Path:       Signature Type: AntiSpyware      Update Type: Delta      User: NT AUTHORITY\SYSTEM      Current Engine Version: 1.1.11104.0      Previous Engine Version: 1.1.11104.0      Error code: 0x80070666      Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
11/18/2014 7:58:42 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/18/2014 7:58:41 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/18/2014 7:58:37 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/18/2014 7:58:35 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
11/18/2014 7:58:24 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/18/2014 7:58:21 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache MpFilter SASDIFSV SASKUTIL spldr Wanarpv6
11/18/2014 7:58:18 AM, Error: Service Control Manager [7001]  - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
11/18/2014 7:58:15 AM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.      Feature: On Access      Error Code: 0x8007043c      Error description: This service cannot be started in Safe Mode       Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
11/18/2014 7:57:29 AM, Error: Service Control Manager [7023]  - The Server service terminated with the following error:  The service has not been started.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7038]  - The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/18/2014 7:57:27 AM, Error: Service Control Manager [7038]  - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/18/2014 7:57:27 AM, Error: Service Control Manager [7038]  - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/18/2014 7:57:27 AM, Error: Service Control Manager [7038]  - The HPSLPSVC service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/18/2014 7:57:27 AM, Error: Service Control Manager [7038]  - The bthserv service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/18/2014 7:57:27 AM, Error: Service Control Manager [7001]  - The Application Information service depends on the User Profile Service service which failed to start because of the following error:  A system shutdown is in progress.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not start due to a logon failure.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7000]  - The User Profile Service service failed to start due to the following error:  A system shutdown is in progress.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7000]  - The Portable Device Enumerator Service service failed to start due to the following error:  A system shutdown is in progress.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7000]  - The Network List Service service failed to start due to the following error:  The service did not start due to a logon failure.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7000]  - The Network Connections service failed to start due to the following error:  A system shutdown is in progress.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7000]  - The Microsoft Network Inspection service failed to start due to the following error:  The pipe has been ended.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7000]  - The hpqcxs08 service failed to start due to the following error:  A system shutdown is in progress.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7000]  - The HP Network Devices Support service failed to start due to the following error:  The service did not start due to a logon failure.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7000]  - The Diagnostic Service Host service failed to start due to the following error:  The service did not start due to a logon failure.
11/18/2014 7:57:27 AM, Error: Service Control Manager [7000]  - The Bluetooth Support Service service failed to start due to the following error:  The service did not start due to a logon failure.
11/18/2014 7:55:46 AM, Error: Service Control Manager [7038]  - The NisSrv service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/18/2014 7:55:46 AM, Error: Service Control Manager [7001]  - The Application Information service depends on the User Profile Service service which failed to start because of the following error:  The service has not been started.
11/18/2014 7:55:46 AM, Error: Service Control Manager [7000]  - The Microsoft Network Inspection service failed to start due to the following error:  The service did not start due to a logon failure.
11/18/2014 7:55:46 AM, Error: Service Control Manager [7000]  - The HP Network Devices Support service failed to start due to the following error:  The pipe has been ended.
11/17/2014 9:23:25 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.187.2374.0      Update Source: Microsoft Update Server      Update Stage: Download      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.11104.0      Error code: 0x8024001e      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
11/17/2014 9:23:25 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.187.2374.0      Update Source: Microsoft Update Server      Update Stage: Download      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.11104.0      Error code: 0x8024001e      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
11/17/2014 7:24:47 PM, Error: Service Control Manager [7023]  - The Diagnostic System Host service terminated with the following error:  The requested control is not valid for this service.
11/17/2014 3:41:06 PM, Error: Service Control Manager [7034]  - The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:39:06 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003]  - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
11/17/2014 3:38:35 PM, Error: Service Control Manager [7034]  - The Bluetooth OBEX Service service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:38:35 PM, Error: Service Control Manager [7034]  - The Bluetooth Media Service service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:38:35 PM, Error: Service Control Manager [7034]  - The Bluetooth Device Monitor service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:38:35 PM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/17/2014 3:38:34 PM, Error: Service Control Manager [7034]  - The Realtek Audio Service service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:38:34 PM, Error: Service Control Manager [7034]  - The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:38:34 PM, Error: Service Control Manager [7034]  - The Intel® PROSet/Wireless Registry Service service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:38:34 PM, Error: Service Control Manager [7034]  - The Intel® PROSet/Wireless Event Log service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:38:34 PM, Error: Service Control Manager [7034]  - The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:38:34 PM, Error: Service Control Manager [7034]  - The Andrea RT Filters Service service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:38:34 PM, Error: Service Control Manager [7034]  - The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
11/17/2014 3:38:34 PM, Error: Service Control Manager [7031]  - The SAS Core Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
11/17/2014 3:38:34 PM, Error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/17/2014 3:38:34 PM, Error: Service Control Manager [7031]  - The Intel® Centrino® Wireless Bluetooth® + High Speed Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/17/2014 3:38:34 PM, Error: Service Control Manager [7031]  - The Intel® Centrino® Wireless Bluetooth® + High Speed Security Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
11/17/2014 3:38:34 PM, Error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/17/2014 12:54:31 PM, Error: Service Control Manager [7000]  - The VO Service component service failed to start due to the following error:  The system cannot find the file specified.
11/17/2014 12:54:27 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.
11/16/2014 6:26:10 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR2.
11/16/2014 5:45:41 PM, Error: Service Control Manager [7000]  - The globalUpdate Update Service (globalUpdate) service failed to start due to the following error:  This version of globalUpdate Update Service (globalUpdate) is not compatible with the version of Windows you're running. Check your computer's system information to see whether you need a x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher.
11/16/2014 5:45:41 PM, Error: Service Control Manager [7000]  - The ConsumerInput Update Service (consumerinput_update) service failed to start due to the following error:  The system cannot find the path specified.
11/16/2014 5:43:24 PM, Error: Service Control Manager [7000]  - The VO Service component service failed to start due to the following error:  This version of VO Service component is not compatible with the version of Windows you're running. Check your computer's system information to see whether you need a x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher.
11/16/2014 5:43:23 PM, Error: Service Control Manager [7000]  - The DonutQuotes service failed to start due to the following error:  This version of DonutQuotes is not compatible with the version of Windows you're running. Check your computer's system information to see whether you need a x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher.
11/16/2014 2:34:44 PM, Error: Service Control Manager [7000]  - The ConsumerInput Update Service (consumerinput_update) service failed to start due to the following error:  This version of ConsumerInput Update Service (consumerinput_update) is not compatible with the version of Windows you're running. Check your computer's system information to see whether you need a x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher.
11/16/2014 12:19:24 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the DonutQuotes service to connect.
11/16/2014 12:19:24 PM, Error: Service Control Manager [7000]  - The DonutQuotes service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/14/2014 10:15:30 PM, Error: Service Control Manager [7000]  - The Search Protect Service service failed to start due to the following error:  The system cannot find the file specified.
.
==== End Of File ===========================

Share this post


Link to post
Share on other sites

Lots of issues there.

x64-BHO: VideoMedia+Player_v2.3: {11111111-1111-1111-1111-110611491169} -

x64-BHO: {11111111-1111-1111-1111-110611501155} - <orphaned>

x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

C:\Users\owner\AppData\Roaming\appdataFr2.bin

You'll need to disable and remove these BHO's (browser helper objects).

Disable the two EB: HP BHO's.

Delete the "appdataFr2.bin" file from "C:\Users\owner\AppData\Roaming\".

Open a cmd prompt as Admin (admin priviledges).

Type;

ipconfig /flushdns

Press Enter.

Restart the computer in Safe mode and run SAS again to see what it finds.(make sure to update it first)

Share this post


Link to post
Share on other sites

I'm in the process of running SAS in safe mode. Couldn't locate C:\Users\owner\AppData\Roaming\appdataFr2.bin. Didn't HP BHO's disable when I disabled 3rd party ?

Share this post


Link to post
Share on other sites

C:\Users\owner\AppData\

Enter the above text as you see it in to the start menu search bar, it should give you three different options. Right click Roaming and select Open Folder Location, you should be able to find it there unless its hidden.

Share this post


Link to post
Share on other sites

In the URL bar of chrome type;

 

chrome://extensions/

and disable all extensions.

 

then restart the browser.

Share this post


Link to post
Share on other sites

This is me dancing! Free at last free at last thank God almighty I am free at last! I don't understand because I had already done this very early on but I think I was in a loop of infections. Thank you thank you thank you

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0