Jump to content

Scorpion Saver

Aussiewd

By Aussiewd
in Resolved Malware Removal Logs

 Share

Recommended Posts

MrCharlie

MrCharlie

Posted
Posted

Welcome to the forum, first.....try to uninstall it from your add/remove programs.

Then........

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Next..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Next........

Clean out temp files by using disk cleanup or.........

Download, install and run CCleaner free to clean out temp files.

Here's a Tutorial if needed.

You may want to uncheck "cookies" and please stay away from the registry cleaner.

Last......

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
  • MrC
Link to post
Share on other sites
Aussiewd

Aussiewd

Posted
  • Author
Posted

Many thanks for the advice Mr. Charlie.

Here is contents of AdwCleaner[s0].txt):

# AdwCleaner v3.014 - Report created 05/12/2013 at 06:35:56
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Warren'sDellXPS - WARRENNEW
# Running from : C:\Temp\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Level Quality Watcher

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\TubeDimmer
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Users\Warren'sDellXPS\AppData\Local\Conduit
Folder Deleted : C:\Users\Warren'sDellXPS\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Warren'sDellXPS\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Warren'sDellXPS\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Warren'sDellXPS\AppData\Roaming\Iminent
File Deleted : C:\Users\Warren'sDellXPS\AppData\Roaming\Mozilla\Firefox\Profiles\3lltnjcn.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\Warren'sDellXPS\AppData\Roaming\Mozilla\Firefox\Profiles\3lltnjcn.default\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Warren'sDellXPS\AppData\Roaming\Mozilla\Firefox\Profiles\3lltnjcn.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Warren'sDellXPS\AppData\Roaming\Mozilla\Firefox\Profiles\3lltnjcn.default\prefs.js ]

Line Deleted : user_pref("extensions.dynconff.cache.forums.malwarebytes.org.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1674_1164_1524_1146_1169_1348_1482_1493_1521\"><content id=\"MB_P1\">\r\n <ne[...]

*************************

AdwCleaner[R0].txt - [14647 octets] - [05/12/2013 06:29:23]
AdwCleaner[s0].txt - [14160 octets] - [05/12/2013 06:35:56]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [14221 octets] ##########

And here is log after re-running MalwareBytes.  Only one item detected (which I then removed)

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.05.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Warren'sDellXPS :: WARRENNEW [administrator]

Protection: Enabled

12/5/2013 6:44:08 AM
mbam-log-2013-12-04 (16-08-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220196
Time elapsed: 2 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> No action taken.

(end)

Deletion

Files Detected: 1
C:\Temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

 

Farbar Addition.txt file

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-12-2013
Ran by Warren'sDellXPS at 2013-12-05 06:56:26
Running from C:\Users\Warren'sDellXPS\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.21 (x32 Version: 9.21.00.0)
Acronis True Image 2014 (x32 Version: 17.0.6614)
Adobe Acrobat X Pro (x32 Version: 10.1.8)
Adobe Digital Editions 2.0 (x32 Version: 2.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
AMD APP SDK Runtime (Version: 10.0.851.6)
AMD AVIVO64 Codecs (Version: 12.2.0.20120)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AutoHotkey 1.1.09.04 (Version: 1.1.09.04)
BCL easyConverter 3.0 Licensing Module (BCL License) (x32 Version: 3.0.18)
BCL easyConverter 3.0 Loader SDK Module (x32 Version: 3.0.18)
BCL easyConverter 3.0 Module (Loader, BCL License) (x32 Version: 3.0.18)
BCL easyConverter 3.0 Module (RTF, BCL License) (x32 Version: 3.0.18)
BCL easyConverter 3.0 RTF SDK Module (x32 Version: 3.0.18)
BCL easyConverter 3.0 SDK Module (x32 Version: 3.0.18)
Belarc Advisor 8.3 (x32 Version: 8.3.0.0)
calibre (x32 Version: 1.7.0)
Canon PowerShot SX40 HS Camera User Guide (x32 Version: 1.0.0.1)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.0120.420.7502)
Catalyst Control Center InstallProxy (x32 Version: 2012.0120.420.7502)
Catalyst Control Center Localization All (x32 Version: 2012.0120.420.7502)
CCC Help Chinese Standard (x32 Version: 2012.0120.0419.7502)
CCC Help Chinese Traditional (x32 Version: 2012.0120.0419.7502)
CCC Help Czech (x32 Version: 2012.0120.0419.7502)
CCC Help Danish (x32 Version: 2012.0120.0419.7502)
CCC Help Dutch (x32 Version: 2012.0120.0419.7502)
CCC Help English (x32 Version: 2012.0120.0419.7502)
CCC Help Finnish (x32 Version: 2012.0120.0419.7502)
CCC Help French (x32 Version: 2012.0120.0419.7502)
CCC Help German (x32 Version: 2012.0120.0419.7502)
CCC Help Greek (x32 Version: 2012.0120.0419.7502)
CCC Help Hungarian (x32 Version: 2012.0120.0419.7502)
CCC Help Italian (x32 Version: 2012.0120.0419.7502)
CCC Help Japanese (x32 Version: 2012.0120.0419.7502)
CCC Help Korean (x32 Version: 2012.0120.0419.7502)
CCC Help Norwegian (x32 Version: 2012.0120.0419.7502)
CCC Help Polish (x32 Version: 2012.0120.0419.7502)
CCC Help Portuguese (x32 Version: 2012.0120.0419.7502)
CCC Help Russian (x32 Version: 2012.0120.0419.7502)
CCC Help Spanish (x32 Version: 2012.0120.0419.7502)
CCC Help Swedish (x32 Version: 2012.0120.0419.7502)
CCC Help Thai (x32 Version: 2012.0120.0419.7502)
CCC Help Turkish (x32 Version: 2012.0120.0419.7502)
ccc-utility64 (Version: 2012.0120.420.7502)
CCleaner (Version: 4.08)
CyberLink PowerDVD 9.6 (x32 Version: 9.6.1.6523)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell WLAN and Bluetooth Client Installation (x32 Version: 9.0)
DHTML Editing Component (x32 Version: 6.02.0001)
DirectX 9 Runtime (x32 Version: 1.00.0000)
DisplayLink Core Software (Version: 5.6.31854.0)
Dropbox (HKCU Version: 2.4.6)
EPSON Artisan 837 Series Printer Uninstall
Epson Event Manager (x32 Version: 3.01.0003)
EPSON Scan (x32)
EPSON XP-600 Series Printer Uninstall
EpsonNet Print (x32 Version: 2.5.00)
ePub DRM Removal (x32 Version: 1.4.1)
Family Tree Maker Version 16 (x32)
Garmin Express (x32 Version: 2.2.21)
Garmin Express Tray (x32 Version: 2.2.21)
Garmin Update Service (x32 Version: 2.2.21)
GENViewer version 1.23 (x32)
HP USB Graphics (Version: 5.6.31979.0)
IrfanView (remove only) (x32 Version: 4.35)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
LizardTech DjVu Control (x32)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office FrontPage 2003 (x32 Version: 11.0.8173.0)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.6123.5001)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (Version: 2.0.1578.0)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (Version: 2.0.1578.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
PDF2Word Converter Version 1.0.7 (Build 142, bioPDF) (x32 Version: PDF2Word Converter - Version 1.0.7 (Build 142))
Photo Story 3 for Windows (x32 Version: 3.0.1115.11)
PhotoShowExpress (x32 Version: 2.0.063)
Quicken 2013 (x32 Version: 22.1.12.7)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6537)
Roxio Activation Module (x32 Version: 1.0)
Roxio BackOnTrack (x32 Version: 1.3.3)
Roxio Burn (x32 Version: 1.8)
Roxio Creator Starter (x32 Version: 1.0.439)
Roxio Creator Starter (x32 Version: 12.1.77.0)
Roxio Creator Starter (x32 Version: 5.0.0)
Roxio Express Labeler 3 (x32 Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Skype Click to Call (x32 Version: 6.13.13771)
Skype™ 6.9 (x32 Version: 6.9.106)
SnagIt 8 (x32 Version: 8.2.3)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0)
Streaming Audio Recorder V3.1.4 (x32 Version: 3.1.4)
SUPERAntiSpyware (Version: 5.6.1040)
Ulead PhotoImpact X3 (x32 Version: 1.00.0000)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Video Download Capture V4.6.5 (x32 Version: 4.6.5)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Phone app for desktop (x32 Version: 1.0.1720.1)

==================== Restore Points  =========================

04-12-2013 11:24:06 Windows Update

==================== Hosts content: ==========================

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {21BFDCC8-8B17-4E9A-829D-E81A6C45AC64} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {56F58949-8540-4196-B3B0-18E5C60F79F4} - System32\Tasks\Update files => C:\Program Files\SyncToy 2.1\SyncToyCmd.exe
Task: {802A7D98-F9A4-41B1-84B9-75128C708379} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-03] (Adobe Systems Incorporated)
Task: {8753190F-A156-4B6D-A369-BAB05BB11DC4} - System32\Tasks\SUPERAntiSpyware Scheduled Task c6c8565b-5f7f-4ed8-9e8a-ed01a33e81d2 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-10-10] (SUPERAdBlocker.com)
Task: {A0C150FC-76FE-4FFA-A492-328FF89D1ED0} - System32\Tasks\{0DB47E27-A8F4-4E92-A9C2-0A140DF534C2} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.169.387&LastError=404
Task: {E24FE0DD-2BF5-4B0E-A340-CB9858281C10} - System32\Tasks\SUPERAntiSpyware Scheduled Task 09c12714-6009-4ac7-b37a-728338d02902 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-10-10] (SUPERAdBlocker.com)
Task: {F1298FC7-84AB-4382-8042-90367C01C0B1} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 09c12714-6009-4ac7-b37a-728338d02902.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c6c8565b-5f7f-4ed8-9e8a-ed01a33e81d2.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe

==================== Loaded Modules (whitelisted) =============

2013-10-01 10:26 - 2013-10-01 10:26 - 02810968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2013-08-22 13:00 - 2013-08-22 13:00 - 00009728 _____ () C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.Device.DataTypes.dll
2012-01-20 02:13 - 2012-01-20 02:13 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 07:55 - 2011-11-09 07:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-08-23 11:01 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\Warren'sDellXPS\AppData\Roaming\Dropbox\bin\libcef.dll
2010-11-24 20:44 - 2010-11-24 20:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2013-03-21 07:44 - 2007-08-02 20:07 - 00034064 _____ () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2013-10-24 17:06 - 2013-10-24 17:06 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-10-24 17:06 - 2013-10-24 17:06 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-10-24 17:09 - 2013-10-24 17:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-09-04 08:28 - 2013-11-12 19:39 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-12-03 12:32 - 2013-12-03 12:32 - 16237448 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:5B811727

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Dell Wireless 1703 802.11b/g/n (2.4GHz)
Description: Dell Wireless 1703 802.11b/g/n (2.4GHz)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2013 06:40:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 06:38:36 AM) (Source: Desktop Window Manager) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x88980406)

Error: (12/05/2013 05:35:19 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/05/2013 04:40:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 04:38:40 AM) (Source: Desktop Window Manager) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x88980406)

Error: (12/04/2013 10:00:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.7601.17514, time stamp: 0x4ce792c4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x0003469c
Faulting process id: 0x2120
Faulting application start time: 0xMsiExec.exe0
Faulting application path: MsiExec.exe1
Faulting module path: MsiExec.exe2
Report Id: MsiExec.exe3

Error: (12/04/2013 10:00:11 PM) (Source: Microsoft-Windows-RestartManager) (User: WARRENNEW)
Description: Application or service 'Internet Explorer' could not be shut down.

Error: (12/04/2013 10:00:11 PM) (Source: Microsoft-Windows-RestartManager) (User: WARRENNEW)
Description: Application or service 'Internet Explorer' could not be shut down.

Error: (12/04/2013 09:58:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16736, time stamp: 0x5258c4cc
Faulting module name: IECore.dll, version: 0.0.0.0, time stamp: 0x529ce18d
Exception code: 0xc0000005
Fault offset: 0x000015e5
Faulting process id: 0x220
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (12/04/2013 04:09:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/05/2013 06:38:28 AM) (Source: Service Control Manager) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
%%2

Error: (12/05/2013 06:38:26 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:37:19 AM on ‎12/‎5/‎2013 was unexpected.

Error: (12/05/2013 04:38:26 AM) (Source: Service Control Manager) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
%%2

Error: (12/04/2013 10:23:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DisplayLinkService service.

Error: (12/04/2013 04:07:47 PM) (Source: Service Control Manager) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
%%2

Error: (12/04/2013 02:57:25 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DisplayLinkService service.

Error: (12/04/2013 10:28:07 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/04/2013 10:19:07 AM) (Source: Service Control Manager) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
%%2

Error: (12/04/2013 08:24:33 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DisplayLinkService service.

Error: (12/04/2013 08:20:56 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.


Microsoft Office Sessions:
=========================
Error: (12/05/2013 06:40:16 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 06:38:36 AM) (Source: Desktop Window Manager)(User: )
Description: 0x88980406

Error: (12/05/2013 05:35:19 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (12/05/2013 04:40:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 04:38:40 AM) (Source: Desktop Window Manager)(User: )
Description: 0x88980406

Error: (12/04/2013 10:00:13 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4ntdll.dll6.1.7601.18247521ea8e7c00000050003469c212001cef17f42809375c:\Windows\syswow64\MsiExec.exeC:\Windows\SysWOW64\ntdll.dll80fe976e-5d72-11e3-b39d-a417316a1368

Error: (12/04/2013 10:00:11 PM) (Source: Microsoft-Windows-RestartManager)(User: WARRENNEW)
Description: 1C:\Program Files (x86)\Internet Explorer\iexplore.exeInternet Explorer0111767920

Error: (12/04/2013 10:00:11 PM) (Source: Microsoft-Windows-RestartManager)(User: WARRENNEW)
Description: 1C:\Program Files (x86)\Internet Explorer\iexplore.exeInternet Explorer0111748760

Error: (12/04/2013 09:58:12 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.167365258c4ccIECore.dll0.0.0.0529ce18dc0000005000015e522001cef17bef9bd755C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\ScorpionSaver\IECore.dll38e3deca-5d72-11e3-b39d-a417316a1368

Error: (12/04/2013 04:09:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-11-27 15:57:07.386
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dlumd64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-11-27 15:57:07.346
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dlumd64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-11-27 15:57:07.296
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dlumd64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-11-27 15:57:07.256
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dlumd64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 16344.95 MB
Available physical RAM: 13039.77 MB
Total Pagefile: 32688.07 MB
Available Pagefile: 29045.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (OSDisk) (Fixed) (Total:209.9 GB) (Free:54.46 GB) NTFS
Drive d: (Recovery) (Fixed) (Total:13.67 GB) (Free:5.98 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (Old Sys - storage) (Fixed) (Total:1849.34 GB) (Free:1689.6 GB) NTFS
Drive g: () (Removable) (Total:1.81 GB) (Free:1.81 GB) FAT
Drive h: (Expansion Drive) (Fixed) (Total:465.76 GB) (Free:239.42 GB) NTFS
Drive j: (DATAPART1) (Fixed) (Total:238.47 GB) (Free:237.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4DB95B22)
Partition 1: (Not Active) - (Size=-213307621376) - (Type=07 NTFS)
Partition 2: (Active) - (Size=14 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: F6CC6EA8)
Partition 1: (Not Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 224 GB) (Disk ID: EB43AEB5)
Partition 1: (Not Active) - (Size=210 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=14 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 2 GB) (Disk ID: B253E799)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)

========================================================
Disk: 4 (Size: 466 GB) (Disk ID: 00616895)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Farbar FRST.txt File

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-12-2013
Ran by Warren'sDellXPS at 2013-12-05 06:56:26
Running from C:\Users\Warren'sDellXPS\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.21 (x32 Version: 9.21.00.0)
Acronis True Image 2014 (x32 Version: 17.0.6614)
Adobe Acrobat X Pro (x32 Version: 10.1.8)
Adobe Digital Editions 2.0 (x32 Version: 2.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
AMD APP SDK Runtime (Version: 10.0.851.6)
AMD AVIVO64 Codecs (Version: 12.2.0.20120)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AutoHotkey 1.1.09.04 (Version: 1.1.09.04)
BCL easyConverter 3.0 Licensing Module (BCL License) (x32 Version: 3.0.18)
BCL easyConverter 3.0 Loader SDK Module (x32 Version: 3.0.18)
BCL easyConverter 3.0 Module (Loader, BCL License) (x32 Version: 3.0.18)
BCL easyConverter 3.0 Module (RTF, BCL License) (x32 Version: 3.0.18)
BCL easyConverter 3.0 RTF SDK Module (x32 Version: 3.0.18)
BCL easyConverter 3.0 SDK Module (x32 Version: 3.0.18)
Belarc Advisor 8.3 (x32 Version: 8.3.0.0)
calibre (x32 Version: 1.7.0)
Canon PowerShot SX40 HS Camera User Guide (x32 Version: 1.0.0.1)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.0120.420.7502)
Catalyst Control Center InstallProxy (x32 Version: 2012.0120.420.7502)
Catalyst Control Center Localization All (x32 Version: 2012.0120.420.7502)
CCC Help Chinese Standard (x32 Version: 2012.0120.0419.7502)
CCC Help Chinese Traditional (x32 Version: 2012.0120.0419.7502)
CCC Help Czech (x32 Version: 2012.0120.0419.7502)
CCC Help Danish (x32 Version: 2012.0120.0419.7502)
CCC Help Dutch (x32 Version: 2012.0120.0419.7502)
CCC Help English (x32 Version: 2012.0120.0419.7502)
CCC Help Finnish (x32 Version: 2012.0120.0419.7502)
CCC Help French (x32 Version: 2012.0120.0419.7502)
CCC Help German (x32 Version: 2012.0120.0419.7502)
CCC Help Greek (x32 Version: 2012.0120.0419.7502)
CCC Help Hungarian (x32 Version: 2012.0120.0419.7502)
CCC Help Italian (x32 Version: 2012.0120.0419.7502)
CCC Help Japanese (x32 Version: 2012.0120.0419.7502)
CCC Help Korean (x32 Version: 2012.0120.0419.7502)
CCC Help Norwegian (x32 Version: 2012.0120.0419.7502)
CCC Help Polish (x32 Version: 2012.0120.0419.7502)
CCC Help Portuguese (x32 Version: 2012.0120.0419.7502)
CCC Help Russian (x32 Version: 2012.0120.0419.7502)
CCC Help Spanish (x32 Version: 2012.0120.0419.7502)
CCC Help Swedish (x32 Version: 2012.0120.0419.7502)
CCC Help Thai (x32 Version: 2012.0120.0419.7502)
CCC Help Turkish (x32 Version: 2012.0120.0419.7502)
ccc-utility64 (Version: 2012.0120.420.7502)
CCleaner (Version: 4.08)
CyberLink PowerDVD 9.6 (x32 Version: 9.6.1.6523)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell WLAN and Bluetooth Client Installation (x32 Version: 9.0)
DHTML Editing Component (x32 Version: 6.02.0001)
DirectX 9 Runtime (x32 Version: 1.00.0000)
DisplayLink Core Software (Version: 5.6.31854.0)
Dropbox (HKCU Version: 2.4.6)
EPSON Artisan 837 Series Printer Uninstall
Epson Event Manager (x32 Version: 3.01.0003)
EPSON Scan (x32)
EPSON XP-600 Series Printer Uninstall
EpsonNet Print (x32 Version: 2.5.00)
ePub DRM Removal (x32 Version: 1.4.1)
Family Tree Maker Version 16 (x32)
Garmin Express (x32 Version: 2.2.21)
Garmin Express Tray (x32 Version: 2.2.21)
Garmin Update Service (x32 Version: 2.2.21)
GENViewer version 1.23 (x32)
HP USB Graphics (Version: 5.6.31979.0)
IrfanView (remove only) (x32 Version: 4.35)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
LizardTech DjVu Control (x32)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office FrontPage 2003 (x32 Version: 11.0.8173.0)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.6123.5001)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (Version: 2.0.1578.0)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (Version: 2.0.1578.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
PDF2Word Converter Version 1.0.7 (Build 142, bioPDF) (x32 Version: PDF2Word Converter - Version 1.0.7 (Build 142))
Photo Story 3 for Windows (x32 Version: 3.0.1115.11)
PhotoShowExpress (x32 Version: 2.0.063)
Quicken 2013 (x32 Version: 22.1.12.7)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6537)
Roxio Activation Module (x32 Version: 1.0)
Roxio BackOnTrack (x32 Version: 1.3.3)
Roxio Burn (x32 Version: 1.8)
Roxio Creator Starter (x32 Version: 1.0.439)
Roxio Creator Starter (x32 Version: 12.1.77.0)
Roxio Creator Starter (x32 Version: 5.0.0)
Roxio Express Labeler 3 (x32 Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Skype Click to Call (x32 Version: 6.13.13771)
Skype™ 6.9 (x32 Version: 6.9.106)
SnagIt 8 (x32 Version: 8.2.3)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0)
Streaming Audio Recorder V3.1.4 (x32 Version: 3.1.4)
SUPERAntiSpyware (Version: 5.6.1040)
Ulead PhotoImpact X3 (x32 Version: 1.00.0000)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Video Download Capture V4.6.5 (x32 Version: 4.6.5)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Phone app for desktop (x32 Version: 1.0.1720.1)

==================== Restore Points  =========================

04-12-2013 11:24:06 Windows Update

==================== Hosts content: ==========================

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {21BFDCC8-8B17-4E9A-829D-E81A6C45AC64} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {56F58949-8540-4196-B3B0-18E5C60F79F4} - System32\Tasks\Update files => C:\Program Files\SyncToy 2.1\SyncToyCmd.exe
Task: {802A7D98-F9A4-41B1-84B9-75128C708379} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-03] (Adobe Systems Incorporated)
Task: {8753190F-A156-4B6D-A369-BAB05BB11DC4} - System32\Tasks\SUPERAntiSpyware Scheduled Task c6c8565b-5f7f-4ed8-9e8a-ed01a33e81d2 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-10-10] (SUPERAdBlocker.com)
Task: {A0C150FC-76FE-4FFA-A492-328FF89D1ED0} - System32\Tasks\{0DB47E27-A8F4-4E92-A9C2-0A140DF534C2} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.169.387&LastError=404
Task: {E24FE0DD-2BF5-4B0E-A340-CB9858281C10} - System32\Tasks\SUPERAntiSpyware Scheduled Task 09c12714-6009-4ac7-b37a-728338d02902 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-10-10] (SUPERAdBlocker.com)
Task: {F1298FC7-84AB-4382-8042-90367C01C0B1} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 09c12714-6009-4ac7-b37a-728338d02902.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c6c8565b-5f7f-4ed8-9e8a-ed01a33e81d2.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe

==================== Loaded Modules (whitelisted) =============

2013-10-01 10:26 - 2013-10-01 10:26 - 02810968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2013-08-22 13:00 - 2013-08-22 13:00 - 00009728 _____ () C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.Device.DataTypes.dll
2012-01-20 02:13 - 2012-01-20 02:13 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 07:55 - 2011-11-09 07:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-08-23 11:01 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\Warren'sDellXPS\AppData\Roaming\Dropbox\bin\libcef.dll
2010-11-24 20:44 - 2010-11-24 20:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2013-03-21 07:44 - 2007-08-02 20:07 - 00034064 _____ () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2013-10-24 17:06 - 2013-10-24 17:06 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-10-24 17:06 - 2013-10-24 17:06 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-10-24 17:09 - 2013-10-24 17:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-09-04 08:28 - 2013-11-12 19:39 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-12-03 12:32 - 2013-12-03 12:32 - 16237448 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:5B811727

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Dell Wireless 1703 802.11b/g/n (2.4GHz)
Description: Dell Wireless 1703 802.11b/g/n (2.4GHz)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2013 06:40:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 06:38:36 AM) (Source: Desktop Window Manager) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x88980406)

Error: (12/05/2013 05:35:19 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/05/2013 04:40:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 04:38:40 AM) (Source: Desktop Window Manager) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x88980406)

Error: (12/04/2013 10:00:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.7601.17514, time stamp: 0x4ce792c4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x0003469c
Faulting process id: 0x2120
Faulting application start time: 0xMsiExec.exe0
Faulting application path: MsiExec.exe1
Faulting module path: MsiExec.exe2
Report Id: MsiExec.exe3

Error: (12/04/2013 10:00:11 PM) (Source: Microsoft-Windows-RestartManager) (User: WARRENNEW)
Description: Application or service 'Internet Explorer' could not be shut down.

Error: (12/04/2013 10:00:11 PM) (Source: Microsoft-Windows-RestartManager) (User: WARRENNEW)
Description: Application or service 'Internet Explorer' could not be shut down.

Error: (12/04/2013 09:58:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16736, time stamp: 0x5258c4cc
Faulting module name: IECore.dll, version: 0.0.0.0, time stamp: 0x529ce18d
Exception code: 0xc0000005
Fault offset: 0x000015e5
Faulting process id: 0x220
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (12/04/2013 04:09:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/05/2013 06:38:28 AM) (Source: Service Control Manager) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
%%2

Error: (12/05/2013 06:38:26 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:37:19 AM on ‎12/‎5/‎2013 was unexpected.

Error: (12/05/2013 04:38:26 AM) (Source: Service Control Manager) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
%%2

Error: (12/04/2013 10:23:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DisplayLinkService service.

Error: (12/04/2013 04:07:47 PM) (Source: Service Control Manager) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
%%2

Error: (12/04/2013 02:57:25 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DisplayLinkService service.

Error: (12/04/2013 10:28:07 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/04/2013 10:19:07 AM) (Source: Service Control Manager) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
%%2

Error: (12/04/2013 08:24:33 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DisplayLinkService service.

Error: (12/04/2013 08:20:56 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.


Microsoft Office Sessions:
=========================
Error: (12/05/2013 06:40:16 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 06:38:36 AM) (Source: Desktop Window Manager)(User: )
Description: 0x88980406

Error: (12/05/2013 05:35:19 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (12/05/2013 04:40:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 04:38:40 AM) (Source: Desktop Window Manager)(User: )
Description: 0x88980406

Error: (12/04/2013 10:00:13 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4ntdll.dll6.1.7601.18247521ea8e7c00000050003469c212001cef17f42809375c:\Windows\syswow64\MsiExec.exeC:\Windows\SysWOW64\ntdll.dll80fe976e-5d72-11e3-b39d-a417316a1368

Error: (12/04/2013 10:00:11 PM) (Source: Microsoft-Windows-RestartManager)(User: WARRENNEW)
Description: 1C:\Program Files (x86)\Internet Explorer\iexplore.exeInternet Explorer0111767920

Error: (12/04/2013 10:00:11 PM) (Source: Microsoft-Windows-RestartManager)(User: WARRENNEW)
Description: 1C:\Program Files (x86)\Internet Explorer\iexplore.exeInternet Explorer0111748760

Error: (12/04/2013 09:58:12 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.167365258c4ccIECore.dll0.0.0.0529ce18dc0000005000015e522001cef17bef9bd755C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\ScorpionSaver\IECore.dll38e3deca-5d72-11e3-b39d-a417316a1368

Error: (12/04/2013 04:09:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-11-27 15:57:07.386
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dlumd64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-11-27 15:57:07.346
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dlumd64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-11-27 15:57:07.296
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dlumd64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-11-27 15:57:07.256
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dlumd64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 16344.95 MB
Available physical RAM: 13039.77 MB
Total Pagefile: 32688.07 MB
Available Pagefile: 29045.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (OSDisk) (Fixed) (Total:209.9 GB) (Free:54.46 GB) NTFS
Drive d: (Recovery) (Fixed) (Total:13.67 GB) (Free:5.98 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (Old Sys - storage) (Fixed) (Total:1849.34 GB) (Free:1689.6 GB) NTFS
Drive g: () (Removable) (Total:1.81 GB) (Free:1.81 GB) FAT
Drive h: (Expansion Drive) (Fixed) (Total:465.76 GB) (Free:239.42 GB) NTFS
Drive j: (DATAPART1) (Fixed) (Total:238.47 GB) (Free:237.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4DB95B22)
Partition 1: (Not Active) - (Size=-213307621376) - (Type=07 NTFS)
Partition 2: (Active) - (Size=14 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: F6CC6EA8)
Partition 1: (Not Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 224 GB) (Disk ID: EB43AEB5)
Partition 1: (Not Active) - (Size=210 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=14 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 2 GB) (Disk ID: B253E799)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)

========================================================
Disk: 4 (Size: 466 GB) (Disk ID: 00616895)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Wow - that's a lto of material for you to examine.  Thank you, but of course I have two remaining questions.  WiIl this stop Scorpion from invading again , and woduil it help to invoke AdwCleaner's PUP hosting function?

 

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

OK, you posted the "Additional scan result" twice, I need you to post or attach the FRST.txt.

 

Wow - that's a lto of material for you to examine.  Thank you, but of course I have two remaining questions.  WiIl this stop Scorpion from invading again ,

It won't install again from this infection, it's up to you to keep the computer protected and watch what you download.

 

 

 

and woduil it help to invoke AdwCleaner's PUP hosting function?

Yes it would.

MrC

Link to post
Share on other sites
wrobo00

wrobo00

Posted
Posted

I'm having the same trouble.  I've gone through the following steps already:

 

1. Uninstalled Scorpion Saver through Add/Remove Programs; it keeps coming back and I am now unable to uninstall it.

2. Downloaded AdwCleaner; scanned my system with it; Cleaned my system with it

3. Set Malwarebytes to Show PUP's in Results List and Check for removal; updated; ran a quick scan; removed everything

4. Downloaded Farbar Recovery Scan Tool; scanned with it.

 

I need some help on finishing this up.  Pertinent logs are attached.  Thanks for the assistance!

 

 

AdwCleanerR0.txt

AdwCleanerS0.txt

mbam-log-2013-12-05 (19-35-09).txt

Addition.txt

FRST_05-12-2013_19-49-19.txt

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.