ReverendG
-
Posts
4 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by ReverendG
-
-
Scratch that. My bad. It saved it to the desktop of the admin account! I was running it out of a regular user account. Here's the file:
RogueKiller V8.3.1 [Nov 20 2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Dovie [Admin rights]
Mode : Scan -- Date : 11/21/2012 14:43:32
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 11 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : ISUSPM ("C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-2578162646-1362529772-1929396617-1001[...]\Run : ISUSPM ("C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler) -> FOUND
[RUN][sUSP PATH] HKLM\[...]\Wow6432Node\Run : Nuance PDF Converter Professional 7-reminder ("C:\Program Files (x86)\Nuance\PDF Professional 7\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Converter Professional 7\Ereg\Ereg.ini") -> FOUND
[RUN][sUSP PATH] HKLM\[...]\Wow6432Node\RunOnce : InnoSetupRegFile.0000000001 ("C:\Windows\is-LE15J.exe" /REG /REGSVRMODE) -> FOUND
[RUN][NOTFOUND] HKLM\[...]\Wow6432Node\RunOnce : Malwarebytes Anti-Malware (cleanup) (rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript) -> FOUND
[services][ROGUE ST] HKLM\[...]\ControlSet001\Services\61883 (C:\Windows\system32\DRIVERS\61883.sys) -> FOUND
[services][ROGUE ST] HKLM\[...]\ControlSet002\Services\61883 (C:\Windows\system32\DRIVERS\61883.sys) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-21-2578162646-1362529772-1929396617-1003\$f4767e202308210301eea51910c4830f\U --> FOUND
[ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-21-2578162646-1362529772-1929396617-1003\$f4767e202308210301eea51910c4830f\L --> FOUND
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 lmm.localhost.com
127.0.0.1 lmm2.localhost.com
127.0.0.1 prairie.localhost.com
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD10 EADS-65M2B1 SCSI Disk Device +++++
--- User ---
[MBR] bba2998af15daa2b051bf87a071ce06e
[bSP] 62efa5f06658fedda3cab65eb5a0f01d : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 942581 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1930613185 | Size: 11185 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive4: Generic- SD/MMC USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[2]_S_11212012_02d1443.txt >>
RKreport[1]_S_11212012_02d1440.txt ; RKreport[2]_S_11212012_02d1443.txt
-
I downloaded and ran it (on a side note, McAfee tried to stop me from DL-ing it saying it contained bad things - I assumed, since I clicked on the link you posted, that it was a false positive).
No text file was created on my Desktop. After it finished the scan it started flashing this "Zero Access" thing inside its GUI and popped open a webpage trying to sell me something.
-
I actually saw another post here with this same exact problem but I want to make sure I fix this the right way. Just today I noticed some Google results redirecting. I've had this before, and the solution then (before I knew about these forums) ended up being a reformat. I'd like to avoid that since it's a pain. I ran MBAM and it found/deleted the Trojan, but it's still happening. Below are two files I think I'm supposed to include.
Thank you.
--------------------------
DDS.txt
---------
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.7.2
Run by Dovie at 14:24:52 on 2012-11-21
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.5887.4357 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Windows\system32\svchost.exe -k imgsvc
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Lexmark 5200 Series\ezprint.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Windows\SysWOW64\RAMASST.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
C:\Program Files (x86)\Freecorder\FLVSrvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\bin\PlusIEContextMenu.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: ZeonIEEventHelper Class: {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDF Professional 7\bin\ZeonIEFavClient.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: FlashFXP Helper for Internet Explorer: {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files (x86)\FlashFXP\IEFlash.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB: Nuance PDF: {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\bin\ZeonIEFavClient.dll
TB: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
TB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
uRun: [iSUSPM] "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
uRun: [TweakRAM] "C:\Program Files (x86)\TweakRAM\TweakRAM.exe"
uRunOnce: [Application Restart #0] C:\Program Files\Microsoft Security Client\msseces.exe -Recover
mRun: [hpsysdrv] "c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
mRun: [HP Remote Solution] "C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [startNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
mRun: [HP Software Update] "c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe
mRun: [PDF7 Registry Controller] C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe
mRun: [Nuance PDF Converter Professional 7-reminder] "C:\Program Files (x86)\Nuance\PDF Professional 7\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Converter Professional 7\Ereg\Ereg.ini"
mRun: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [innoSetupRegFile.0000000001] "C:\Windows\is-LE15J.exe" /REG /REGSVRMODE
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAMASST.lnk - C:\Windows\System32\RAMASST.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Append the content of the link to existing PDF file - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Open with Nuance PDF Converter 7.0 - C:\Program Files (x86)\Nuance\PDF Professional 7\cnvres_eng.dll /100
IE: Open with PDF Professional 7 - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{20914F8E-0929-4C24-ABC8-0C05A33EF444} : DHCPNameServer = 192.168.1.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - C:\Program Files (x86)\NavNetApp\ComUtilities.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
SSODL: WebCheck - <orphaned>
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [PC-Doctor for Windows localizer] "C:\Program Files\PC-Doctor for Windows\localizer.exe"
x64-Run: [smartMenu] "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background
x64-Run: [lxbtmon.exe] "C:\Program Files (x86)\Lexmark 5200 Series\lxbtmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark 5200 Series\ezprint.exe"
x64-Run: [CanonMyPrinter] "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" /logon
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dovie\AppData\Roaming\Mozilla\Firefox\Profiles\pgf4vuhi.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z192&install_date=20110908
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=WBR&o=13993&locale=en_US&apn_uid=dd3e5831-76e4-47ed-af5a-5a36ff28e3d0&apn_ptnrs=W5&apn_sauid=87C811FC-4FDA-4B14-AA6C-BF1F23F9A9E3&apn_dtid=YYYYYYYYUS&&q=
FF - component: C:\Program Files (x86)\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
FF - plugin: C:\PROGRA~2\palmOne\PACKAG~1\NPInstal.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 Soluto;Soluto;C:\Windows\System32\drivers\Soluto.sys [2011-7-13 54728]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2012-8-22 103472]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-4-14 54824]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S2 SolutoService;Soluto PCGenome Core Service;C:\Program Files\Soluto\SolutoService.exe [2012-9-6 604688]
S3 Apache2.2;Apache2.2;C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [2012-1-28 20549]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2012-1-11 16776]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2012-1-11 9096]
S3 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-5-25 351136]
S3 LVUVC64;Logitech Webcam 200(UVC);C:\Windows\System32\drivers\LVUVC64.sys [2011-4-1 4186528]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-6-17 237008]
S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms [2009-9-16 23536]
S3 PDFProFiltSrv;PDFProFiltSrv;C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [2010-8-26 134944]
S3 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-4-29 1153368]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-5-25 442656]
S3 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-7-27 267488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-29 1255736]
.
=============== File Associations ===============
.
FileExt: .js: JSFile="C:\Program Files (x86)\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"
.
=============== Created Last 30 ================
.
2012-11-21 16:37:19 711240 ----a-w- C:\Windows\is-LE15J.exe
2012-11-21 10:02:37 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{66F327C3-B34B-401B-89A3-CB1679608E51}\mpengine.dll
2012-11-20 10:03:53 9125352 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-16 09:23:37 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-16 09:23:37 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-16 09:23:37 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-16 09:23:37 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-16 09:06:56 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-16 09:06:55 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-16 09:06:55 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-16 09:06:54 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-16 09:06:51 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-16 09:06:50 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-16 09:06:50 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-16 04:51:43 3147264 ----a-w- C:\Windows\System32\win32k.sys
2012-11-16 04:51:25 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-16 04:51:24 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-11-15 04:20:47 -------- d-----w- C:\Temp
2012-11-15 04:20:19 -------- d-----w- C:\Lxk5200
2012-11-08 04:33:33 -------- d-----w- C:\Users\Dovie\.DbSchema
2012-11-08 04:32:59 -------- d-----w- C:\Program Files (x86)\DbSchema
.
==================== Find3M ====================
.
2012-10-09 00:16:19 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 00:16:19 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-09-30 01:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-09-06 16:43:20 54728 ----a-w- C:\Windows\System32\drivers\Soluto.sys
2012-09-04 01:57:03 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-04 01:56:58 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-09-04 01:56:58 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-31 18:02:20 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-31 03:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-08-31 03:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2004-08-10 04:30:22 40960 ----a-w- C:\Program Files (x86)\Uninstall_CDS.exe
.
============= FINISH: 14:25:48.54 ===============
Attach.txt
------------
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/28/2011 8:54:04 PM
System Uptime: 11/21/2012 11:05:17 AM (3 hours ago)
.
Motherboard: PEGATRON CORPORATION | | VIOLET6
Processor: AMD Athlon II X4 630 Processor | CPU 1 | 2100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 920 GiB total, 122.073 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.601 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 157 GiB total, 155.605 GiB free.
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is FIXED (NTFS) - 98 GiB total, 42.363 GiB free.
L: is FIXED (NTFS) - 98 GiB total, 72.047 GiB free.
M: is FIXED (NTFS) - 98 GiB total, 52.116 GiB free.
N: is FIXED (NTFS) - 49 GiB total, 1.525 GiB free.
O: is FIXED (NTFS) - 49 GiB total, 48.531 GiB free.
P: is FIXED (NTFS) - 49 GiB total, 46.039 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP670: 11/3/2012 3:00:10 AM - Windows Update
RP671: 11/4/2012 2:00:10 AM - Windows Update
RP672: 11/4/2012 3:00:10 AM - Windows Update
RP673: 11/5/2012 3:00:10 AM - Windows Update
RP674: 11/6/2012 3:00:10 AM - Windows Update
RP675: 11/7/2012 3:00:11 AM - Windows Update
RP676: 11/8/2012 3:00:11 AM - Windows Update
RP677: 11/9/2012 3:00:10 AM - Windows Update
RP678: 11/10/2012 3:00:10 AM - Windows Update
RP679: 11/11/2012 3:00:11 AM - Windows Update
RP680: 11/12/2012 3:00:12 AM - Windows Update
RP681: 11/13/2012 3:00:16 AM - Windows Update
RP682: 11/14/2012 3:00:13 AM - Windows Update
RP683: 11/16/2012 3:00:49 AM - Windows Update
RP684: 11/17/2012 3:00:14 AM - Windows Update
RP685: 11/18/2012 3:00:10 AM - Windows Update
RP686: 11/19/2012 3:00:10 AM - Windows Update
RP687: 11/20/2012 3:00:10 AM - Windows Update
RP688: 11/21/2012 3:00:10 AM - Windows Update
.
==== Installed Programs ======================
.
1AVCenter version 2.3.1.21
A-PDF To Image
ActiveCheck component for HP Active Support Library
Adobe Download Manager
Adobe Flash Player 11 Plugin
Adobe Reader X (10.0.1)
Aiseesoft DVD Ripper 6.2.26
Anki
Apache HTTP Server 2.0.58
Apache HTTP Server 2.2.22
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Applian FLV Player
Ashampoo Burning Studio Elements 10.0.9
Ashampoo Photo Commander 8 v.8.5.0
Ask Toolbar
Ask Toolbar Updater
AVS Image Converter 2.0.2.160
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
BatchInpaint 1.0
Bonjour
CameraHelperMsi
Canon Easy-PhotoPrint EX
Canon iP3600 series Printer Driver
Canon iP3600 series User Registration
Canon Utilities My Printer
Canon Utilities Solution Menu
Compatibility Pack for the 2007 Office system
ConvertHelper 2.2
Coupon Printer for Windows
coverXP (remove only)
CyberLink DVD Suite Deluxe
DbSchema
DirectX for Managed Code Update (Summer 2004)
DivX Setup
Documents To Go
DP Animation Maker
DVD-MovieAlbumSE 3
DVD-RAM Driver
DVD Menu Pack for HP MediaSmart Video
DVD Solution
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.0
EASEUS Partition Master 9.1.0 Professional
Easy Thumbnails (Remove only)
erLT
FlashFXP v3
Flip Album
FLV Player
Free File Viewer 2011
Freecorder 5
Freecorder Toolbar
GIMP
GPL Ghostscript
GPL Ghostscript 8.71
GRT Recover My File 2.6
Hardware Diagnostic Tools
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MediaSmart Demo
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP MediaSmart SmartMenu
HP MediaSmart/TouchSmart Netflix
HP Odometer
HP Remote Solution
HP Setup
HP Support Assistant
HP Support Information
HP Update
HPAsset component for HP Active Support Library
Hulu Desktop
Ideal DVD Copy V4.1.0
ImgBurn
Inkjet Printer/Scanner Extended Survey Program
iResizer 1.1
iTunes
Jasc Paint Shop Pro 8
Java 7 Update 7
Java Auto Updater
Java 6 Update 31
Java 6 Update 4
Junk Mail filter update
LabelPrint
Lexmark 5200 Series
LightScribe System Software
LimeWire 4.16.4
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Malwarebytes Anti-Malware version 1.65.1.1000
McAfee Security Scan Plus
McAfee SiteAdvisor
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Live Search Toolbar
Microsoft Office 2000 Small Business
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MyHeritage Family Tree Builder
NavNet
NeoDownloader 2.8.1 (GiveAwayOfTheDay Version)
No Limit Texas Hold Em Poker
Nuance PDF Converter Professional 7
NVIDIA Drivers
Paint.NET v3.5.10
Palm Desktop by ACCESS
Photoupz 1.6
PictureMover
PlayReady PC Runtime amd64
Power2Go
PowerDirector
PowerDirector Express
PowerDVD
PowerProducer
QuickTime
Realtek High Definition Audio Driver
Recovery Manager
Scansoft PDF Professional
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Soluto
Spybot - Search & Destroy
StartNow Toolbar
TextPad
Tipard DVD Creator 3.1.18
Trusted Software Assistant
TurboTax 2010
TurboTax 2010 wiliper
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 wiliper
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TweakRAM
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VC80CRTRedist - 8.0.50727.6195
Vuze
Webcam Motion Detector version 1.3
Winamp
Winamp Detector Plug-in
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
WinZip 14.5
Wondershare DVD Slideshow Builder Standard(Build 6.1.6.55)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zebra Screen Recorder version 1.2
.
==== Event Viewer Messages From Past Week ========
.
11/21/2012 3:04:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Works 9 (KB2754670).
11/21/2012 11:06:54 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: meiudf
11/21/2012 11:06:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Soluto PCGenome Core Service service to connect.
11/21/2012 11:06:50 AM, Error: Service Control Manager [7000] - The Soluto PCGenome Core Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/21/2012 11:05:37 AM, Error: BTHUSB [5] - The Bluetooth driver expected an HCI event with a certain size but did not receive it.
11/21/2012 11:05:28 AM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/21/2012 11:05:26 AM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\meiudf.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/21/2012 11:02:22 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/21/2012 10:39:51 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/21/2012 10:39:50 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/21/2012 10:39:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/21/2012 10:39:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/21/2012 10:39:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/21/2012 10:39:25 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache meiudf MpFilter Soluto spldr Wanarpv6
11/21/2012 10:35:53 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
11/21/2012 10:34:50 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
11/21/2012 10:34:50 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
11/17/2012 4:03:33 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2300.0).
11/17/2012 4:03:28 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.2168.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070643 Error description: Fatal error during installation.
11/15/2012 5:27:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SolutoService service.
.
==== End Of File ===========================
Thank you again, in advance, for your assistance. If I've left anything out that you need, please just ask.
Google results redirect - Trojan.happili
in Resolved Malware Removal Logs
Posted
I disconnected immediately. I'll go the reformat route. Thank you very much for your assistance.