Another scorpionsaver / adpeak victim please help

[gds1]

Experts,

I foolishly downloaded a program from CNET. Now I have malware Adpeak virus that I cannot get rid of. I tried Malwarebytes PRO, but it keeps re-installing itself.

Glenn

 

[gds1]

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.25.2
Run by Glenn at 12:29:47 on 2013-12-04
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3891.2123 [GMT -5:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\WUDFHost.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uSearch Bar = Preserve
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe,
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\ipsbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll




TCP: NameServer = 65.32.5.111 65.32.5.112 192.168.1.1
TCP: Interfaces\{CF3D1BF0-E064-4CBC-ADED-C5C5DBFA054D} : DHCPNameServer = 65.32.5.111 65.32.5.112 192.168.1.1
TCP: Interfaces\{CF3D1BF0-E064-4CBC-ADED-C5C5DBFA054D}\76463777C616E6 : DHCPNameServer = 65.32.5.111 65.32.5.112
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [HDMICtrlMan] C:\Program Files (x86)\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\N360x64\1501000.012\SymDS64.sys [2013-11-13 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys [2013-11-13 1147480]
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2009-6-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2010-9-3 482384]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-3 1526488]
R1 ccSet_N360;N360 Settings Manager;C:\windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys [2013-11-13 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20131203.002\IDSviA64.sys [2013-12-4 521816]
R1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\N360x64\1501000.012\Ironx64.sys [2013-11-13 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\N360x64\1501000.012\symnets.sys [2013-11-13 590936]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-10 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-10 701512]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [2013-11-13 264360]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [2012-7-1 132504]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2010-9-3 126392]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-10-18 1025408]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-9-3 2320920]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-12-4 137648]
R3 HECIx64;Intel® Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2010-9-3 56344]
R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-2-26 158976]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-10-10 25928]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2010-9-3 35008]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-9-3 331880]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-9-3 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-6-18 39832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 acpials;ALS Sensor Filter;C:\windows\System32\drivers\acpials.sys [2009-7-14 9728]
S3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
S3 EsgScanner;EsgScanner;C:\windows\System32\drivers\EsgScanner.sys [2013-11-29 22704]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2013-11-30 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2013-11-29 111616]
S3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2010-5-18 164464]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);C:\windows\System32\drivers\sscebus.sys [2013-9-10 127488]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;C:\windows\System32\drivers\sscemdfl.sys [2013-9-10 18944]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;C:\windows\System32\drivers\sscemdm.sys [2013-9-10 161280]
S3 TFsExDisk;TFsExDisk;C:\windows\System32\drivers\TFsExDisk.sys [2013-9-10 16448]
S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-3-2 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2010-10-10 1255736]
.
=============== Created Last 30 ================
.
2013-11-30 16:21:21 -------- d-----w- C:\windows\en
2013-11-30 16:19:12 57840 ----a-w- C:\windows\System32\drivers\fssfltr.sys
2013-11-30 16:18:43 22240 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-11-30 16:17:57 77656 ----a-w- C:\windows\System32\XAPOFX1_5.dll
2013-11-30 16:17:57 74072 ----a-w- C:\windows\SysWow64\XAPOFX1_5.dll
2013-11-30 16:17:57 527192 ----a-w- C:\windows\SysWow64\XAudio2_7.dll
2013-11-30 16:17:57 518488 ----a-w- C:\windows\System32\XAudio2_7.dll
2013-11-30 16:17:56 2526056 ----a-w- C:\windows\System32\D3DCompiler_43.dll
2013-11-30 16:17:56 2106216 ----a-w- C:\windows\SysWow64\D3DCompiler_43.dll
2013-11-30 16:17:44 276832 ----a-w- C:\windows\System32\d3dx11_43.dll
2013-11-30 16:17:44 248672 ----a-w- C:\windows\SysWow64\d3dx11_43.dll
2013-11-30 16:14:13 5659096 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2ae36b8e1ceede706\skydrivesetup.exe
2013-11-30 16:14:13 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-11-30 16:14:13 -------- d-----r- C:\Users\Glenn\SkyDrive
2013-11-30 16:14:02 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-11-30 16:13:52 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\267fe20d1ceede705\DSETUP.dll
2013-11-30 16:13:52 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\267fe20d1ceede705\DXSETUP.exe
2013-11-30 16:13:52 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\267fe20d1ceede705\dsetup32.dll
2013-11-30 16:13:47 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\210a9a4c1ceede704\DSETUP.dll
2013-11-30 16:13:47 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\210a9a4c1ceede704\DXSETUP.exe
2013-11-30 16:13:47 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\210a9a4c1ceede704\dsetup32.dll
2013-11-30 16:13:27 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1a1f9a801ceede701\DSETUP.dll
2013-11-30 16:13:27 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1a1f9a801ceede701\DXSETUP.exe
2013-11-30 16:13:27 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1a1f9a801ceede701\dsetup32.dll
2013-11-30 14:37:39 -------- d-----w- C:\Users\Glenn\AppData\Local\{E29828DE-70AB-4C7D-AFD9-5A25EC12DC50}
2013-11-30 00:28:15 22704 ----a-w- C:\windows\System32\drivers\EsgScanner.sys
2013-11-30 00:28:08 110080 ----a-r- C:\Users\Glenn\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-11-30 00:28:08 110080 ----a-r- C:\Users\Glenn\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-11-30 00:28:08 110080 ----a-r- C:\Users\Glenn\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-11-30 00:28:06 -------- d-----w- C:\sh4ldr
2013-11-30 00:28:06 -------- d-----w- C:\Program Files\Enigma Software Group
2013-11-30 00:27:31 -------- d-----w- C:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-30 00:27:29 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-11-29 18:52:35 -------- d-----w- C:\Users\Glenn\AppData\Local\{3B224F44-AB45-4886-A001-C4157ADC87DB}
2013-11-27 14:26:53 -------- d-----w- C:\Users\Glenn\AppData\Local\{5AD274B4-3171-48DF-83FB-F066E1AE4EBB}
2013-11-26 17:42:12 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-11-26 16:01:52 -------- d-----w- C:\temp
2013-11-26 14:57:11 -------- d-----w- C:\Users\Glenn\AppData\Local\{7BA4A89F-72AC-491A-86E1-B5FA9168BDBA}
2013-11-25 21:31:05 -------- d-----w- C:\Users\Glenn\AppData\Local\{E5701279-97A8-4BD9-ADA8-069B518D96B2}
2013-11-25 15:23:04 -------- d-----w- C:\Users\Glenn\AppData\Local\{DB2CB319-5817-4235-B5A1-AE5BEE4EE515}
2013-11-24 20:08:44 -------- d-----w- C:\Users\Glenn\AppData\Local\{B16C5D1F-F82A-47FF-9E4F-80ED8CA59D0A}
2013-11-23 18:06:31 -------- d-----w- C:\Users\Glenn\AppData\Local\{7C3611E4-06A2-45D2-9677-4C583F78E1FB}
2013-11-23 00:03:48 -------- d-----w- C:\Users\Glenn\AppData\Local\{A361A350-D91B-45D9-A1AA-0C219BB70471}
2013-11-21 21:15:20 -------- d-----w- C:\Users\Glenn\AppData\Local\{854BBF48-92DB-41EB-958C-240CBCA66B29}
2013-11-21 02:53:04 -------- d-----w- C:\Users\Glenn\AppData\Local\{1BAC3FFB-5591-4818-A077-0B7EB8B848A9}
2013-11-20 14:44:57 -------- d-----w- C:\Users\Glenn\AppData\Local\{BAE6B06E-204A-468E-B0A7-A6D78F27333C}
2013-11-19 22:26:20 -------- d-----w- C:\Users\Glenn\AppData\Local\{2BBD9E41-45FA-4010-8BC5-62D82E6DD814}
2013-11-14 18:57:46 -------- d-----w- C:\Users\Glenn\AppData\Local\{A89E1A25-9160-47F4-B423-D12EFBE0E68E}
2013-11-14 01:07:04 858200 ----a-r- C:\windows\System32\drivers\N360x64\1501000.012\srtsp64.sys
2013-11-14 01:07:04 590936 ----a-r- C:\windows\System32\drivers\N360x64\1501000.012\symnets.sys
2013-11-14 01:07:04 493656 ----a-r- C:\windows\System32\drivers\N360x64\1501000.012\SymDS64.sys
2013-11-14 01:07:04 36952 ----a-r- C:\windows\System32\drivers\N360x64\1501000.012\srtspx64.sys
2013-11-14 01:07:04 264280 ----a-r- C:\windows\System32\drivers\N360x64\1501000.012\Ironx64.sys
2013-11-14 01:07:04 23568 ----a-r- C:\windows\System32\drivers\N360x64\1501000.012\SymELAM.sys
2013-11-14 01:07:04 162392 ----a-r- C:\windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys
2013-11-14 01:07:04 1147480 ----a-r- C:\windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys
2013-11-14 01:06:36 -------- d-----w- C:\windows\System32\drivers\N360x64\1501000.012
2013-11-08 22:38:20 -------- d-----w- C:\Users\Glenn\AppData\Local\{C4875630-82E6-4D76-9260-B13862D9FEA4}
2013-11-08 02:06:21 -------- d-----w- C:\Users\Glenn\AppData\Local\{AEB9E104-B6DD-413B-BB24-8B612B72148D}
2013-11-07 14:06:11 -------- d-----w- C:\Users\Glenn\AppData\Local\{6B6B905A-951B-4C20-B2CF-FE84C62E13B5}
2013-11-06 22:57:10 -------- d-----w- C:\Users\Glenn\AppData\Local\{40145A92-E5FA-49DF-9DF4-D7C061D6B60F}
2013-11-05 20:28:23 -------- d-----w- C:\Users\Glenn\AppData\Local\{78CE01F1-DB58-4C61-9E21-7190B7E59C0D}
.
==================== Find3M  ====================
.
2013-11-14 01:08:52 177752 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS
2013-10-12 02:30:42 830464 ----a-w- C:\windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\windows\SysWow64\FWPUCLNT.DLL
2013-10-08 17:59:22 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 17:59:22 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-10-05 20:25:35 1474048 ----a-w- C:\windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\windows\SysWow64\gdi32.dll
2013-09-28 01:09:10 497152 ----a-w- C:\windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\windows\System32\lsass.exe
2013-09-10 02:47:43 78936 ----a-r- C:\windows\System32\drivers\SymIMV.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\windows\SysWow64\mswsock.dll
.
============= FINISH: 12:31:51.23 ===============
 

[gds1]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/6/2010 7:24:07 PM
System Uptime: 12/4/2013 12:05:09 PM (0 hours ago)
.
Motherboard: TOSHIBA |  | NWQAA
Processor: Intel® Core i5 CPU       M 460  @ 2.53GHz | CPU | 2534/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 453 GiB total, 379.265 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP245: 12/4/2013 9:18:42 AM - GlennVerified
RP246: 12/4/2013 10:06:44 AM - Removed ScorpionSaver
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.3.13 (Unicode)
Bonjour
ClosetMaid v1.5.2
D3DX10
Duplicate Cleaner Free 3.1.6
Google Chrome
Google Earth
Google Update Helper
HDMI Control Manager
IB Updater Service
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® PROSet/Wireless WiFi Software
Intel® Rapid Storage Technology
Intel® Wireless Display
iSEEK AnswerWorks English Runtime
iTunes
Java 7 Update 25
Java Auto Updater
JMicron Flash Media Controller Driver
Junk Mail filter update
Label@Once 1.0
Logitech Harmony Remote Software
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2000 Premium
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Movie Maker
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton 360
Norton PC Checkup
Photo Common
Photo Gallery
PlayReady PC Runtime amd64
Quickbooks Financial Center
Quicken 2012
QuickTime
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
RegHunter
RegistryBooster
Revo Uninstaller 1.95
Samsung Mobile phone USB driver Drive Software
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Skype Launcher
SpyHunter
Synaptics Pointing Device Driver
TIP$TER Pro
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD Protection
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2012
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
Uniblue SystemTweaker
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Utility Common Driver
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinZip 17.0
.
==== Event Viewer Messages From Past Week ========
.
12/4/2013 9:33:07 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 258
12/4/2013 9:02:40 AM, Error: Service Control Manager [7024]  - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
12/4/2013 9:01:39 AM, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error Access is denied..
12/4/2013 12:09:15 PM, Error: Service Control Manager [7034]  - The TPCH Service service terminated unexpectedly.  It has done this 1 time(s).
12/4/2013 12:06:28 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  StarOpen
12/4/2013 12:05:30 PM, Error: Application Popup [1060]  - \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/4/2013 12:02:36 PM, Error: Service Control Manager [7022]  - The Background Intelligent Transfer Service service hung on starting.
12/4/2013 10:22:41 AM, Error: Service Control Manager [7034]  - The TPCH Service service terminated unexpectedly.  It has done this 2 time(s).
12/3/2013 9:33:41 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service v4 service to connect.
12/3/2013 9:33:41 PM, Error: Service Control Manager [7000]  - The Intuit Update Service v4 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/3/2013 9:27:18 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.
12/3/2013 9:26:48 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/3/2013 8:33:23 PM, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
12/3/2013 8:33:12 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/3/2013 8:31:56 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
12/3/2013 8:31:53 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/3/2013 8:31:53 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/3/2013 8:31:52 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/3/2013 8:31:46 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/3/2013 8:31:23 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD BHDrvx64 ccSet_N360 DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSP SRTSPX StarOpen SymIM SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf
12/3/2013 8:31:19 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/3/2013 8:31:19 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/3/2013 8:31:19 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
12/3/2013 8:31:19 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/3/2013 8:31:19 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/3/2013 8:31:19 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
12/3/2013 8:31:19 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/3/2013 8:31:19 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/3/2013 8:31:19 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12/3/2013 8:31:19 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/3/2013 8:28:15 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
12/3/2013 8:27:15 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
12/3/2013 8:26:45 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service.
12/3/2013 8:26:45 PM, Error: Service Control Manager [7000]  - The Background Intelligent Transfer Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/3/2013 8:26:40 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.
12/3/2013 8:26:10 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
12/3/2013 8:25:10 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.
12/3/2013 8:24:40 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
12/3/2013 8:22:49 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003]  - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\windows\System32\IWMSSvc.dll
12/3/2013 8:05:01 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
12/3/2013 8:05:01 PM, Error: Service Control Manager [7000]  - The Windows Live ID Sign-in Assistant service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/3/2013 7:31:47 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
12/3/2013 1:31:25 PM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
12/2/2013 7:41:10 PM, Error: Schannel [36888]  - The following fatal alert was generated: 43. The internal error state is 252.
11/30/2013 5:01:10 PM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 107.
11/30/2013 5:01:10 PM, Error: Schannel [36874]  - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
11/30/2013 11:27:27 AM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
11/29/2013 7:17:52 PM, Error: Service Control Manager [7034]  - The AdpeakProxy service terminated unexpectedly.  It has done this 1 time(s).
11/28/2013 9:32:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
.
==== End Of File ===========================

[MrCharlie]

Welcome to the forum, first.....try to uninstall it from your add/remove programs.

Then........

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

• Double click on AdwCleaner.exe to run the tool.

  Vista/Windows 7/8 users right-click and select Run As Administrator

• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• When it's done you'll see: Pending: Please uncheck elements you don't want removed.
• Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• Look over the log especially under Files/Folders for any program you want to save.
• If there's a program you may want to save, just uncheck it from AdwCleaner.
• If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
• If you're ready to clean it all up.....click the Clean button.
• After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
• Copy and paste the contents of that logfile in your next reply.
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.
• Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
• To restore an item that has been deleted:
• Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Last......

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
• MrC

[gds1]

MrC:

Thanks for replying, but I decided to just wipe the Hard Drive,and re-install Win7. I thank this forum, and your expertise, but I wanted to make sure this junk was gone. I would however appreciate your opinion on how to keep this from happening again... I have Malwarebytes Pro installed, but don't think this prevents these types of PUP's from getting on the PC to begin with. What other precautions (or programs) would you advise to keep us safe from this type of junk. Are there any browser settings, or firewall settings you would advise? It sure would be nice to have a program that stopped infiltration.

Thanks again,

Glenn

[MrCharlie]

MrC:

Thanks for replying, but I decided to just wipe the Hard Drive,and re-install Win7. I thank this forum, and your expertise, but I wanted to make sure this junk was gone. I would however appreciate your opinion on how to keep this from happening again... I have Malwarebytes Pro installed, but don't think this prevents these types of PUP's from getting on the PC to begin with. What other precautions (or programs) would you advise to keep us safe from this type of junk. Are there any browser settings, or firewall settings you would advise? It sure would be nice to have a program that stopped infiltration.

Thanks again,

Glenn

 

You didn't have to do that, it's easily cleaned up.

Install -------->Hosts Anti-Pup/Adwares<-------it's part of AdwCleaner:

http://general-changelog-team.fr/en/tutorials/44-english/tutorials/software/313-how-to-use-adwcleaner-version-3-x

You also have to be careful of what you download, most of PUPs are installed along with other free programs.

You most likely installed this without even knowing so.

The answer to all your other questions can be found in My Preventive Maintenance.

------------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

[Maurice Naggar]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.