Jump to content

mshanehorn

Members
  • Posts

    5
  • Joined

  • Last visited

Everything posted by mshanehorn

  1. I already have a forum member working on it from the Help sub-forum. Existing Post - http://forums.malwarebytes.org/index.php?showtopic=130269&hl= I posted here just to let you guys know the first post was not an isolated event. Thanks
  2. Alrighty then here we go. 01 Registry Backup Complete 02 Roguekiller x64 - Freezes during the registry scan, no log generated - Screenshot attached. 03 MBAR - Ran fine, no threats - Logs attached 04 JRT - Ran Fine - Logs Attached 05 Adwcleaner - Ran Fine - Logs Attached 06 ESET Online Scanner - 3 potentially unwanted found. OpenCandy('Super' mpeg encoder installer), TFTPD32.A (pxeserver.dll and tb_free.exe, both part of EaseUS Todo Backup) 07 FRST64 - Ran Fine - Logs Attached Addition.txt AdwCleanerR1.txt AdwCleanerS1.txt AdwCleanerS2.txt ESET Online Scanner Results.txt FRST.txt JRT.txt mbar-log-2013-07-30 (22-46-14).txt Roguekiller Freeze.bmp system-log.txt
  3. I cannot figure this one out. I keep getting ip address blocked 95.211.194.79 - type: outgoing - port:xxxxx(changes everytime) process: explorer.exe I have tried everything I know to try and I am getting no where. Please help!!!! As a preface this is what I have tried so far and they all show nothing. MBAM MBAR TDSSKILLER ROGUEKILLER ESET Online Scanner AVAST (Found no infection, but did also block the outgoing ip communication.) I am including DDS logs. OTL log in first reply. ***********************DDS.txt*************************** DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 1.6.0_31 Run by SHANE at 21:12:04 on 2013-07-30 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.12279.8950 [GMT -5:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost C:\Program Files (x86)\Corsair SSD Toolbox\CSSDTService.exe C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\ehome\ehRecvr.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\inetsrv\inetinfo.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\mqsvc.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k iissvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\mqtgsvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Ceton\Ceton InfiniTV\InfiniTVSvc.exe C:\Windows\system32\taskhost.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Ceton\Ceton InfiniTV\CetonTRIFSvc.exe C:\Windows\System32\vds.exe C:\Program Files\Ceton\CData\CDataSvc.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\WUDFHost.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\WMPSideShowGadget.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Logitech\SetPointG\SetPointII.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe C:\Users\SHANE\Downloads\OTL.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\SHANE\Desktop\RogueKillerX64.exe C:\Windows\notepad.exe C:\Windows\notepad.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\System32\MsSpellCheckingFacility.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\SHANE\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - R:\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [Google Update] "C:\Users\SHANE\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [CPN Notifier] C:\Program Files (x86)\Lock Poker\PokerNotifier.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe" mRun: [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe" mRunOnce: [A0] cmd /c "C:\Users\SHANE\Documents\mbar-1.06.0.1004\mbar\mbar.exe" /r /s dRun: [RemotePotatoIRHelper] C:\Program Files (x86)\FatAttitude\Remote Potato\RPKeySender.exe dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Download all by FlashGet3 - C:\Users\SHANE\AppData\Roaming\FlashGetBHO\GetAllUrl.htm IE: Download by FlashGet3 - C:\Users\SHANE\AppData\Roaming\FlashGetBHO\GetUrl.htm IE: E&xport to Microsoft Excel - R:\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - R:\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - R:\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - R:\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.0.1 TCP: Interfaces\{9FD17D49-73BF-4B90-AE9D-C137E9D7BFA4} : DHCPNameServer = 192.168.0.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-SSODL: WebCheck - <orphaned> x64-STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\SHANE\AppData\Roaming\Mozilla\Firefox\Profiles\wd22mgc8.default\ FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Torbutton: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca} - %profile%\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} . ============= SERVICES / DRIVERS =============== . R0 EUBAKUP;EUBAKUP;C:\Windows\System32\drivers\eubakup.sys [2013-7-29 59976] R0 EUBKMON;EUBKMON;C:\Windows\System32\drivers\EUBKMON.sys [2013-7-29 48200] R0 mbamswissarmy;mbamswissarmy;C:\Windows\System32\drivers\48230029.sys [2013-7-30 162008] R1 EUDSKACS;EUDSKACS;C:\Windows\System32\drivers\eudskacs.sys [2013-7-29 18504] R1 EUFDDISK;EUFDDISK;C:\Windows\System32\drivers\EuFdDisk.sys [2013-7-29 189000] R2 CetonInfiniTVSvc;Ceton InfiniTV Support Service;C:\Program Files\Ceton\Ceton InfiniTV\InfiniTVSvc.exe [2013-6-3 82216] R2 CetonTRIFSvc;Ceton InfiniTV Tuning Adapter Service;C:\Program Files\Ceton\Ceton InfiniTV\CetonTRIFSvc.exe [2013-5-29 90624] R2 CorsairSSDToolBox;Corsair SSD ToolBox;C:\Program Files (x86)\Corsair SSD Toolbox\CSSDTService.exe [2013-7-29 1838352] R2 EaseUS Agent;EaseUS Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2013-7-29 68168] R2 Guard Agent;Guard Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2013-7-29 23624] R2 iPodDrv;iPodDrv;C:\Windows\System32\drivers\iPodDrv.sys [2011-3-9 14952] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-13 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-4-13 701512] R3 CDataSvc;Ceton My Media Center CData Service;C:\Program Files\Ceton\CData\CDataSvc.exe [2013-1-12 135944] R3 ceton_mocur;Ceton InfiniTV Network Device;C:\Windows\System32\drivers\ceton_mocur.sys [2011-10-6 40720] R3 ceton_trif_bulkusb;Tuning Adapter Service Driver;C:\Windows\System32\drivers\ceton_trif_bulkusb.sys [2013-2-20 28936] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2011-9-21 95544] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408] R3 LGPBTDD;LGPBTDD.sys Display Driver;C:\Windows\System32\drivers\LGPBTDD.sys [2009-7-1 30728] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-4-13 25928] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2011-9-21 203320] R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2011-10-15 29288] R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2011-10-15 29288] R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys [2011-10-15 29288] R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys [2011-10-15 29288] R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys [2011-10-15 29288] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 BULKUSB;Ceton Tuning Adapter Service;C:\Windows\System32\drivers\ceton_trif_bulkusb.sys [2013-2-20 28936] S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2009-8-7 12744] S3 FlyUsb;FLY Fusion;C:\Windows\System32\drivers\FlyUsb.sys [2008-4-1 24576] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-27 19456] S3 t_mouse.sys;HID-compliand device;C:\Windows\System32\drivers\t_mouse.sys [2012-12-19 6144] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-27 57856] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 VaneFltr;Lachesis Mouse Driver;C:\Windows\System32\drivers\Lachesis.sys [2007-8-17 30336] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-10 1255736] S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-7-2 203264] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 Remote Potato Service;Remote Potato Service;C:\Program Files (x86)\FatAttitude\Remote Potato\RemotePotatoService.exe [2011-7-17 12288] S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144] S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464] S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264] S4 YammmSvc;Yet Another Media Meta Manager;C:\Program Files\Yammm\YammmSvc.exe [2013-1-12 81672] . =============== Created Last 30 ================ . 2013-07-31 01:22:46 162008 ----a-w- C:\Windows\System32\drivers\48230029.sys 2013-07-30 07:41:55 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{988DC32B-3995-4DFA-94A6-B5F5638C8750}\mpengine.dll 2013-07-30 04:48:03 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-07-29 18:08:33 189000 ----a-w- C:\Windows\System32\drivers\EuFdDisk.sys 2013-07-29 18:08:32 59976 ----a-w- C:\Windows\System32\drivers\eubakup.sys 2013-07-29 18:08:32 18504 ----a-w- C:\Windows\System32\drivers\eudskacs.sys 2013-07-29 18:08:31 48200 ----a-w- C:\Windows\System32\drivers\EUBKMON.sys 2013-07-29 18:08:10 24136 ----a-w- C:\Windows\System32\fbnative.exe 2013-07-29 18:07:41 -------- d-----w- C:\Program Files (x86)\EaseUS 2013-07-29 17:53:17 -------- d-----w- C:\Users\SHANE\AppData\Local\Corsair 2013-07-29 17:53:16 -------- d-----w- C:\Program Files (x86)\Corsair SSD Toolbox 2013-07-29 17:46:24 -------- d-s---w- C:\Windows\SysWow64\Microsoft 2013-07-29 01:20:27 -------- d-----w- C:\Program Files (x86)\ESET 2013-07-29 01:17:37 -------- d--h--w- C:\Windows\AxInstSV 2013-07-28 19:36:45 -------- d-----w- C:\Program Files\AVAST Software 2013-07-28 19:35:46 -------- d-----w- C:\ProgramData\AVAST Software 2013-07-28 19:25:08 -------- d-----w- C:\TDSSKiller_Quarantine 2013-07-11 04:09:19 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll . ==================== Find3M ==================== . 2013-07-17 00:44:33 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-07-17 00:44:33 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll 2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-05-06 06:03:49 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-05-06 04:56:35 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-05-02 15:22:04 2274480 ----a-w- C:\Windows\System32\coin94.dll 2013-05-02 07:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe 2011-09-14 16:47:48 44 ---h--w- C:\Program Files (x86)\1c0e63a2.tmp 2006-05-03 17:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll 2007-02-21 18:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll 2008-03-16 20:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll . ============= FINISH: 21:12:25.72 =============== *************************Attach.txt************************************ f. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 8/7/2009 1:21:29 PM System Uptime: 7/30/2013 8:23:50 PM (1 hours ago) . Motherboard: EVGA | | X58 SLI Classified Processor: Intel® Core i7 CPU 920 @ 2.67GHz | Socket 423 | 3192/160mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 279 GiB total, 97.651 GiB free. E: is CDROM () R: is FIXED (NTFS) - 1863 GiB total, 1205.534 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP731: 7/9/2013 3:41:02 AM - Windows Update RP732: 7/11/2013 3:00:15 AM - Windows Update RP733: 7/16/2013 3:58:03 AM - Windows Update RP734: 7/23/2013 9:17:00 AM - Windows Update RP735: 7/28/2013 2:36:28 PM - avast! Free Antivirus Setup RP736: 7/29/2013 12:45:51 PM - avast! Free Antivirus Setup RP737: 7/29/2013 11:04:53 PM - Installed Ceton InfiniTV (x64) RP738: 7/30/2013 12:02:14 AM - Malwarebytes Anti-Rootkit Restore Point RP739: 7/30/2013 2:41:18 AM - Windows Update . ==== Installed Programs ====================== . µTorrent Acrobat.com AddOn Studio for World of Warcraft Adobe AIR Adobe Common File Installer Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Help Center 2.0 Adobe Photoshop Elements 4.0 Adobe Premiere Elements 2.0 Adobe Reader XI (11.0.03) Aimersoft DRM Media Converter(Build 1.4.7.2) Aimersoft Video Converter Ultimate(Build 4.0.2.0) Apple Application Support Apple Mobile Device Support Apple Software Update AudibleManager Bonjour Brother MFL-Pro Suite MFC-7840W Bullzip PDF Printer 9.8.0.1599 CCleaner Ceton InfiniTV (x64) Ceton My Media Center (x64) Corsair SSD Toolbox Crystal Reports for Visual Studio Curse Client D-Fend Reloaded 1.3.3 (deinstall) D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Defraggler Diablo III Digital Cable Advisor Dotfuscator Software Services - Community Edition doubleTwist DVD Decrypter (Remove Only) EaseUS Todo Backup Free 6.0 Eraser 5.8.7 eReg erLT ESET Online Scanner v3 EVGA E-LEET ffdshow [rev 2527] [2008-12-19] FileZilla Client 3.5.3 FlashGet 3.5 Google Chrome Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper Hamster Free Video Convertor HandBrake 0.9.5 Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182) Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2813041) Hotfix for Microsoft Visual Studio 2008 Shell (isolated mode) - ENU (KB946040) Hotfix for Microsoft Visual Studio 2008 Shell (isolated mode) - ENU (KB946308) Hotfix for Microsoft Visual Studio 2008 Shell (isolated mode) - ENU (KB946344) Hotfix for Microsoft Visual Studio 2008 Shell (isolated mode) - ENU (KB946581) Hotfix for Microsoft Visual Studio 2008 Shell (isolated mode) - ENU (KB947173) Hotfix for Microsoft Visual Studio 2008 Shell (isolated mode) - ENU (KB947540) Hotfix for Microsoft Visual Studio 2008 Shell (isolated mode) - ENU (KB947789) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2736182) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2813041) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233) Internet TV for Windows Media Center iTunes Java 7 Update 6 (64-bit) Java 6 Update 18 Java 6 Update 22 Java 6 Update 31 Junk Mail filter update League of Legends LeapFrog Connect LeapFrog Tag Junior Plugin LEGO MINDSTORMS NXT Driver for x64 LEGO® MINDSTORMS® NXT - English Language Pack LEGO® MINDSTORMS® NXT Driver LEGO® MINDSTORMS® NXT Software v1.0 Lock Poker Logitech GamePanel Software 3.04.137 Logitech SetPoint 6.32 Magic Online Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Help Viewer 1.1 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Business 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) Microsoft Office Single Image 2010 Microsoft Office Visual Web Developer 2007 Microsoft Office Visual Web Developer MUI (English) 2007 Microsoft Office Word MUI (English) 2010 Microsoft RichCopy 4.0 Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft Silverlight 4 SDK Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime v1.0 SP1 (x64) Microsoft Sync Framework SDK v1.0 SP1 Microsoft Sync Framework Services v1.0 SP1 (x64) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Visual C++ Compilers 2010 Standard - enu - x64 Microsoft Visual C++ Compilers 2010 Standard - enu - x86 Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2008 SDK 1.1 Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Office Developer Tools (x64) Microsoft Visual Studio 2010 Professional - ENU Microsoft Visual Studio 2010 Service Pack 1 Microsoft Visual Studio 2010 SharePoint Developer Tools Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio Macro Tools Microsoft Visual Studio Shell 2008 Service Pack 1 - ENU Microsoft Visual Studio Web Authoring Component Mozilla Firefox (3.5.3) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Netflix in Windows Media Center Nike+ Connect Notepad++ NVIDIA 3D Vision Controller Driver 314.22 NVIDIA 3D Vision Driver 314.22 NVIDIA Control Panel 314.22 NVIDIA Display Control Panel NVIDIA Graphics Driver 314.22 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.12.12 NVIDIA Update Components Paint.NET v3.5.10 Pando Media Booster Path of Exile PDFTK Builder 3.5.3 PeerBlock 1.0+ (r484) PlayReady PC Runtime amd64 Privoxy 3.0.6 PVSonyDll QuickTime Remote Potato Remote Potato Streaming Pack SAMSUNG USB Driver for Mobile Phones Security Update for 2007 Microsoft Office System (KB2288621) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980) Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410) Security Update for Microsoft Visual Studio Macro Tools (KB2669970) Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) SketchUp 8 Skype Toolbars Skype™ 5.10 Spelling Dictionaries Support For Adobe Reader 9 Sql Server Customer Experience Improvement Program Star Wars: The Old Republic StarCraft II Steam SUPER © v2011.build.48 (April 23, 2011) version v2011.build.48 The Elder Scrolls V: Skyrim Tor 0.2.1.19 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Update for Microsoft Visual Studio Web Authoring Component (KB945140) Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) Ventrilo Client for Windows x64 Ventrilo Server Vidalia 0.1.15 Visual Studio 2010 Prerequisites - English Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU VLC media player 1.0.1 WCF RIA Services V1.0 SP1 Web Deployment Tool Windows Driver Package - Ceton (ceton_trif_bulkusb) USB (11/22/2010 6.1.7100.0) Windows Driver Package - Ceton (ceton_usb_mocur) Net (01/26/2011 1.0.1.12) Windows Driver Package - Ceton (ceton_usb_mocur) Net (10/27/2010 6.1.7600.16385) Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Installer XML Toolset 3.0 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows XP Mode WinRAR archiver World of Warcraft Zip Motion Block Video codec (Remove Only) . ==== Event Viewer Messages From Past Week ======== . 7/30/2013 8:30:23 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting. 7/30/2013 8:27:37 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 7/30/2013 8:27:37 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure. 7/30/2013 8:25:41 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004 7/30/2013 8:24:05 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 7 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 7/30/2013 8:24:05 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 6 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 7/30/2013 8:24:05 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 5 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 7/30/2013 8:24:05 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 4 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 7/30/2013 8:24:05 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 7/30/2013 8:24:05 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 2 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 7/30/2013 8:24:05 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 7/30/2013 8:24:05 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 7/30/2013 8:22:56 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied. 7/29/2013 3:05:25 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service. 7/29/2013 3:04:23 AM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 7/29/2013 10:55:17 PM, Error: Service Control Manager [7031] - The Windows Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/29/2013 10:30:46 PM, Error: Service Control Manager [7031] - The Windows Media Center Receiver Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 7/29/2013 10:25:11 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Center Receiver Service service, but this action failed with the following error: An instance of the service is already running. 7/29/2013 10:24:37 PM, Error: Service Control Manager [7031] - The Windows Media Center Scheduler Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/28/2013 7:51:18 PM, Error: volmgr [46] - Crash dump initialization failed! 7/28/2013 11:19:01 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/28/2013 11:18:54 AM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 7/28/2013 11:12:13 AM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s). 7/28/2013 11:12:05 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 7/27/2013 3:03:42 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wudfsvc service. 7/27/2013 3:03:42 AM, Error: Service Control Manager [7000] - The Windows Driver Foundation - User-mode Driver Framework service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/27/2013 3:03:12 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. 7/25/2013 9:44:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UmRdpService service. 7/25/2013 9:44:17 PM, Error: Service Control Manager [7000] - The Remote Desktop Services UserMode Port Redirector service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/25/2013 3:03:15 AM, Error: Service Control Manager [7000] - The Ceton My Media Center CData Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/25/2013 3:03:14 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Ceton My Media Center CData Service service to connect. 7/24/2013 8:44:35 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user SHANE-PC\SHANE SID (S-1-5-21-3856971831-1982876235-3670766480-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 7/24/2013 8:44:35 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user SHANE-PC\SHANE SID (S-1-5-21-3856971831-1982876235-3670766480-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 7/24/2013 8:44:34 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user SHANE-PC\SHANE SID (S-1-5-21-3856971831-1982876235-3670766480-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. . ==== End Of File ===========================
  4. Same exact issue. IP address 95.211.194.79 Blocked outgoing explorer.exe random port changes every time. Happens about every 1-5 minutes at random. MBAM found nothing. MBAR found nothing. tdsskiller found nothing. roguekiller found nothing. eset found nothing. avast found
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.