Malwarebytes (and AVG) are stopping during scan


Hi!

 

When running a scan in Malwarebytes, the program scans about 60K files and then stops responding. The first assumption is that it is a problem with the program, but the same thing is happening with AVG antivirus, so I'm not sure if this is a malware issue or not. Most times, the programs stop when scanning files in the same directory ("C:\$Recycle.Bin\S-1-5-21-1419232504-1716939858-4126110430") and no logs are generated.

 

I have tried doing the scan in safe mode and have also run RKill before starting a scan but I've gotten the same results.

 

I have been running Malwarebytes (and AVG) on this machine successfully for about a year. O/S is Windows 7 (32-bit).

 

Thank you in advance for your help.

 

MD


Hello nomad20001 and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573


DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2

Run by fpeyton at 15:24:51 on 2014-02-06

Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3037.1139 [GMT -8:00]

.

AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ================

.

C:\PROGRA~1\AVG\AVG2014\avgrsx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe

C:\Program Files\AVG\AVG2014\avgidsagent.exe

C:\Program Files\AVG\AVG2014\avgwdsvc.exe

C:\Program Files\Broadcom\BPowMon\BPowMon.exe

C:\Program Files\Jungle Disk Server Edition\JungleDiskServer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files\AVG\AVG2014\avgnsx.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

C:\Windows\system32\vmnat.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

C:\Users\fpeyton\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Users\fpeyton\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Users\fpeyton\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Program Files\VMware\VMware Player\vmware-authd.exe

C:\Windows\system32\vmnetdhcp.exe

C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\notepad.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\AVG\AVG2014\avgcsrvx.exe

C:\Program Files\AVG\AVG2014\avgcsrvx.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Adobe\Adobe Fireworks CS5.1\Fireworks.exe

C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\svchost.exe -k Akamai

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

.

============== Pseudo HJT Report ===============

.


uProxyOverride = 127.0.0.1:9421;<local>

BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

uRun: [AdobeBridge] <no file>

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "c:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"

mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY

mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [sDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"

StartupFolder: c:\users\fpeyton\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\fpeyton\appdata\roaming\dropbox\bin\Dropbox.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\allfil~1.lnk - c:\All Files

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:255

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

mPolicies-System: HideFastUserSwitching = dword:0

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

LSP: c:\program files\vmware\vmware player\vsocklib.dll





TCP: NameServer = 68.105.29.16 68.105.28.16 68.4.16.30

TCP: Interfaces\{D20E8F56-064B-4D35-9D00-B28CA6B6F092} : DHCPNameServer = 68.105.29.16 68.105.28.16 68.4.16.30

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - c:\program files\coreftp\pftpns.dll

Notify: igfxcui - igfxdev.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.107\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\fpeyton\appdata\roaming\mozilla\firefox\profiles\103tyhbr.default\




FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll

FF - component: c:\users\fpeyton\appdata\roaming\mozilla\firefox\profiles\103tyhbr.default\extensions\{6ac85730-7d0f-4de0-b3fa-21142dd85326}\platform\winnt\components\ColorZilla.dll

FF - component: c:\users\fpeyton\appdata\roaming\mozilla\firefox\profiles\103tyhbr.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc_fireftp.dll

FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\acrobat 10.0\acrobat\air\nppdf32.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect32.dll

FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect64.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\fpeyton\appdata\local\citrix\plugins\94\npappdetector.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_44.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-10-24 147768]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448]

R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-5 120600]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-4 209176]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-17 22840]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-10-31 176952]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848]

R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2010-9-28 81920]

R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-13 20992]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2013-11-11 3478544]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]

R2 BPowMon;Broadcom Power monitoring service;c:\program files\broadcom\bpowmon\BPowMon.exe [2009-8-17 79168]

R2 JungleDiskServerService;JungleDiskServerService;c:\program files\jungle disk server edition\JungleDiskServer.exe [2010-9-24 7203840]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2011-4-29 47640]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-3-8 418376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-3-8 701512]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2014-2-4 3921880]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2014-2-4 171416]

R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2010-9-21 539184]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2010-9-28 273960]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-8 22856]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-2-6 40776]

R3 staccel;staccel;c:\windows\system32\drivers\staccel.sys [2011-12-22 32864]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2014-2-4 1042272]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 288112]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 glancedrv;glancedrv;c:\windows\system32\drivers\glancedrv.sys [2011-3-15 34080]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-1-29 108032]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-2-28 14848]

S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-11-12 49152]

S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\microsoft visual studio 10.0\team tools\performance tools\VSPerfDrv100.sys [2011-1-18 54144]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-10-6 1343400]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-22 47128]

S4 RsFx0105;RsFx0105 Driver;c:\windows\system32\drivers\RsFx0105.sys [2011-9-22 238696]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2011-9-22 370024]

.

=============== File Associations ===============

.

FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [userChoice]

FileExt: .js: Applications\sublime_text.exe="c:\program files\sublime text 2\sublime_text.exe" "%1" [userChoice]

ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5.5\dreamweaver.exe", "%1"

.

=============== Created Last 30 ================

.

2014-02-06 18:53:37 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2014-02-04 21:54:55 -------- d-----w- C:\!KillBox

2014-02-04 21:50:50 18968 ----a-w- c:\windows\system32\sdnclean.exe

2014-02-04 21:50:49 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2014-02-04 21:50:45 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2014-02-04 21:45:17 388096 ----a-r- c:\users\fpeyton\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2014-02-04 21:45:16 -------- d-----w- c:\program files\Trend Micro

2014-01-21 18:35:46 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-01-14 19:57:51 2349056 ----a-w- c:\windows\system32\win32k.sys

2014-01-14 19:57:50 240576 ----a-w- c:\windows\system32\drivers\netio.sys

2014-01-14 19:57:39 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2014-01-14 19:57:39 6016 ----a-w- c:\windows\system32\drivers\usbd.sys

2014-01-14 19:57:39 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys

2014-01-14 19:57:39 284672 ----a-w- c:\windows\system32\drivers\usbport.sys

2014-01-14 19:57:39 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys

2014-01-14 19:57:39 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2014-01-14 19:57:39 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys

.

==================== Find3M  ====================

.

2014-02-04 23:09:09 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-02-04 23:09:09 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-11-26 09:23:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb

2013-11-26 09:22:11 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll

2013-11-26 08:53:56 61952 ----a-w- c:\windows\system32\iesetup.dll

2013-11-26 08:52:26 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll

2013-11-26 08:29:55 112128 ----a-w- c:\windows\system32\ieUnatt.exe

2013-11-26 08:29:52 108032 ----a-w- c:\windows\system32\ieetwcollector.exe

2013-11-26 08:28:16 553472 ----a-w- c:\windows\system32\jscript9diag.dll

2013-11-26 08:16:12 4243968 ----a-w- c:\windows\system32\jscript9.dll

2013-11-26 07:32:06 1928192 ----a-w- c:\windows\system32\inetcpl.cpl

2013-11-26 06:33:33 1820160 ----a-w- c:\windows\system32\wininet.dll

2013-11-23 18:26:20 417792 ----a-w- c:\windows\system32\WMPhoto.dll

2013-11-12 02:07:29 2048 ----a-w- c:\windows\system32\tzres.dll

.

============= FINISH: 15:25:48.04 ===============

 

 

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional 

Boot Device: \Device\HarddiskVolume2

Install Date: 10/4/2010 12:39:20 PM

System Uptime: 2/6/2014 10:28:40 AM (5 hours ago)

.

Motherboard: Dell Inc. |  | 07N90W

Processor: Pentium® Dual-Core  CPU      E5400  @ 2.70GHz | CPU 1 | 2693/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 290 GiB total, 140.019 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: LogMeIn Kernel Information Provider

Device ID: ROOT\LEGACY_LMIINFO\0000

Manufacturer: 

Name: LogMeIn Kernel Information Provider

PNP Device ID: ROOT\LEGACY_LMIINFO\0000

Service: LMIInfo

.

Class GUID: {4d36e968-e325-11ce-bfc1-08002be10318}

Description: LogMeIn Mirror Driver

Device ID: ROOT\DISPLAY\0001

Manufacturer: LogMeIn, Inc.

Name: LogMeIn Mirror Driver

PNP Device ID: ROOT\DISPLAY\0001

Service: lmimirr

.

==== System Restore Points ===================

.

RP258: 1/21/2014 10:30:17 AM - Installed Java 7 Update 51

RP259: 1/28/2014 2:50:50 PM - Scheduled Checkpoint

RP260: 1/29/2014 4:55:00 PM - Windows Modules Installer

RP261: 1/29/2014 5:13:54 PM - Windows Update

RP262: 1/29/2014 7:25:16 PM - Windows Update

RP263: 2/4/2014 1:06:21 PM - Restore Operation

RP264: 2/4/2014 1:44:42 PM - Installed HiJackThis

.

==== Installed Programs ======================

.

Acrobat.com

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe After Effects CS4

Adobe After Effects CS4 Presets

Adobe After Effects CS4 Template Projects & Footage

Adobe After Effects CS4 Third Party Content

Adobe AIR

Adobe Anchor Service CS4

Adobe Asset Services CS4

Adobe Bridge CS4

Adobe CMaps CS4

Adobe Color - Photoshop Specific CS4

Adobe Color EU Extra Settings CS4

Adobe Color JA Extra Settings CS4

Adobe Color NA Recommended Settings CS4

Adobe Color Video Profiles AE CS4

Adobe Color Video Profiles CS CS4

Adobe Community Help

Adobe Content Viewer

Adobe Contribute CS4

Adobe Creative Suite 4 Master Collection

Adobe Creative Suite 5.5 Design Premium

Adobe CS4 American English Speech Analysis Models

Adobe CS4 French Speech Analysis Models

Adobe CS4 German Speech Analysis Models

Adobe CS4 International English Speech Analysis Models

Adobe CS4 Italian Speech Analysis Models

Adobe CS4 Japanese Speech Analysis Models

Adobe CS4 Korean Speech Analysis Models

Adobe CS4 Spanish Speech Analysis Models

Adobe CSI CS4

Adobe Default Language CS4

Adobe Device Central CS4

Adobe Download Assistant

Adobe Dreamweaver CS4

Adobe Drive CS4

Adobe Dynamiclink Support

Adobe Encore CS4

Adobe Encore CS4 Codecs

Adobe Encore CS4 Library

Adobe ExtendScript Toolkit CS4

Adobe Extension Manager CS4

Adobe Fireworks CS4

Adobe Flash CS4

Adobe Flash CS4 Extension - Flash Lite STI en

Adobe Flash CS4 STI-en

Adobe Flash Player 12 ActiveX

Adobe Flash Player 12 Plugin

Adobe Fonts All

Adobe Illustrator CS4

Adobe InDesign CS4

Adobe InDesign CS4 Application Feature Set Files (Roman)

Adobe InDesign CS4 Common Base Files

Adobe InDesign CS4 Icon Handler

Adobe InDesign CS5.5

Adobe Linguistics CS4

Adobe Media Encoder CS4

Adobe Media Encoder CS4 Additional Exporter

Adobe Media Encoder CS4 Dolby

Adobe Media Encoder CS4 Exporter

Adobe Media Encoder CS4 Importer

Adobe Media Player

Adobe MotionPicture Color Files CS4

Adobe OnLocation CS4

Adobe Output Module

Adobe PDF Library Files CS4

Adobe Photoshop CS4

Adobe Photoshop CS4 Support

Adobe Premiere Pro CS4

Adobe Premiere Pro CS4 Functional Content

Adobe Premiere Pro CS4 Third Party Content

Adobe Reader X (10.1.9)

Adobe Search for Help

Adobe Service Manager Extension

Adobe Setup

Adobe SGM CS4

Adobe SING CS4

Adobe Soundbooth CS4

Adobe Soundbooth CS4 Codecs

Adobe Type Support CS4

Adobe Update Manager CS4

Adobe Version Cue CS4 Server

Adobe Widget Browser

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS4

AdobeColorCommonSetCMYK

AdobeColorCommonSetRGB

AIM for Windows

Akamai NetSession Interface

Akamai NetSession Interface Service

AOL Messaging Toolbar

Audacity 1.3.14 (Unicode)

Audacity 2.0.3

AVG 2014

Broadcom Gigabit NetLink Controller

Broadcom Management Programs

Camtasia Studio 8

Connect

Core FTP LE

Crystal Reports for Visual Studio

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell Backup and Recovery Manager

Dell Edoc Viewer

Dell Support Center

Download Updater (AOL Inc.)

Dropbox

Google Chrome

Google Earth

Google Update Helper

GoToMeeting 6.0.0.1259

Help & Manual 5

HiJackThis

Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182)

Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2890573)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2529927)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2548139)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2549864)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2565057)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2635973)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2736182)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2890573)

ImgBurn

Intel® Graphics Media Accelerator Driver

Java 7 Update 51

Java Auto Updater

Java SE Development Kit 7 Update 4

Java 6 Update 30

JavaFX 2.1.0

JavaFX 2.1.0 SDK

Jungle Disk Server Edition

Juniper Networks Setup Client

Junk Mail filter update

kuler

LAME v3.99.3 (for Windows)

Malwarebytes Anti-Malware version 1.75.0.1300

Marketing Studio

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft .NET Framework 4.5.1

Microsoft Application Error Reporting

Microsoft ASP.NET MVC 2

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

Microsoft Help Viewer 1.0

Microsoft Office 2010 Primary Interop Assemblies

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2008

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server 2008 R2 Data-Tier Application Framework

Microsoft SQL Server 2008 R2 Data-Tier Application Project

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server 2008 R2 Transact-SQL Language Service

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files 

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Database Publishing Wizard 1.4

Microsoft SQL Server System CLR Types

Microsoft SQL Server VSS Writer

Microsoft Sync Framework Runtime v1.0 SP1 (x86)

Microsoft Sync Framework SDK v1.0 SP1

Microsoft Sync Framework Services v1.0 SP1 (x86)

Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)

Microsoft Team Foundation Server 2010 Object Model - ENU

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319

Microsoft Visual F# 2.0 Runtime

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Performance Collection Tools SP1 - ENU

Microsoft Visual Studio 2010 Premium - ENU

Microsoft Visual Studio 2010 Service Pack 1

Microsoft Visual Studio 2010 SharePoint Developer Tools

Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

Microsoft Visual Studio Macro Tools

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

Mozilla Firefox 26.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

NetBeans IDE 7.1.2

Notepad++

Opera 12.16

PDF Settings CS4

PDF Settings CS5

Photoshop Camera Raw

Pixel Bender Toolkit

PowerDVD DX

QuickTime

Realtek High Definition Audio Driver

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE 10.3

Roxio Creator Tools

Roxio Express Labeler 3

Roxio Update Manager

Safari

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition

Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition

Security Update for Microsoft Visual Studio 2010 Premium - ENU (KB2644980)

Security Update for Microsoft Visual Studio 2010 Premium - ENU (KB2645410)

Security Update for Microsoft Visual Studio Macro Tools (KB2669970)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition

Service Pack 3 for SQL Server 2008 (KB2546951)

ShoreTel Communicator

Skype™ 6.11

SmartDraw 2014

SmartDraw PDF Export (novaPDF 6.4  printer)

Spybot - Search & Destroy

Sql Server Customer Experience Improvement Program

Suite Shared Configuration CS4

TextPad 6

tools-linux

tools-windows

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

Visual Studio 2012 x86 Redistributables

Visual Studio Tools for the Office system 3.0 Runtime

Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)

VLC media player 1.1.11

VMware Player

WampServer 2.0

WCF RIA Services V1.0 SP1

Web Deployment Tool

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

WinRAR archiver

.

==== Event Viewer Messages From Past Week ========

.

2/6/2014 3:20:17 PM, Error: Microsoft-Windows-GroupPolicy [1055]  - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:  a) Name Resolution failure on the current domain controller.  b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

2/6/2014 2:22:11 PM, Error: Microsoft-Windows-GroupPolicy [1053]  - The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one of more of the following:  a) Name Resolution failure on the current domain controller.  b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

2/6/2014 10:33:38 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

2/6/2014 10:31:30 AM, Error: Microsoft-Windows-TerminalServices-RemoteConnectionManager [1067]  - The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The RPC server is unavailable. .

2/6/2014 10:31:08 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

2/6/2014 10:30:32 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.

2/6/2014 10:30:32 AM, Error: Service Control Manager [7000]  - The Spybot-S&D 2 Updating Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

2/6/2014 10:29:59 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

2/6/2014 10:29:59 AM, Error: Service Control Manager [7000]  - The Spybot-S&D 2 Scanner Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

2/6/2014 10:29:13 AM, Error: Service Control Manager [7000]  - The LogMeIn Kernel Information Provider service failed to start due to the following error:  The system cannot find the path specified.

2/6/2014 10:29:13 AM, Error: NETLOGON [5719]  - This computer was not able to set up a secure session with a domain controller in domain AD due to the following:  There are currently no logon servers available to service the logon request.  This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.   ADDITIONAL INFO  If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

2/4/2014 12:46:57 PM, Error: Microsoft-Windows-GroupPolicy [1129]  - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

2/4/2014 10:36:03 AM, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.

2/4/2014 10:35:56 AM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.

2/4/2014 10:35:54 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

2/4/2014 10:35:53 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

2/4/2014 10:35:47 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

2/4/2014 10:35:47 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

2/4/2014 10:35:41 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

2/4/2014 10:35:34 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

2/4/2014 10:34:05 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

2/4/2014 10:34:03 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD Avgdiskx AVGIDSDriver AVGIDSShim Avgldx86 Avgtdix CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf ws2ifsl

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The Netlogon service depends on the Workstation service which failed to start because of the following error:  The dependency service or group failed to start.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.

2/4/2014 10:34:02 AM, Error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.

2/3/2014 11:54:04 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

2/3/2014 11:54:04 AM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

2/3/2014 11:54:04 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

1/31/2014 10:34:32 AM, Error: Microsoft-Windows-TerminalServices-RemoteConnectionManager [1067]  - The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted. .

.

==== End Of File ===========================

 


Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

ComboFix 14-02-05.02 - fpeyton 02/10/2014  11:03:53.1.2 - x86

Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3037.1604 [GMT -8:00]

Running from: c:\users\fpeyton\Desktop\ComboFix.exe

AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\fpeyton\g2mdlhlpx.exe

c:\windows\Fonts\USPSIMBStandard.ttf

.

.

(((((((((((((((((((((((((   Files Created from 2014-01-10 to 2014-02-10  )))))))))))))))))))))))))))))))

.

.

2014-02-10 19:15 . 2014-02-10 19:15 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-02-10 19:15 . 2014-02-10 19:15 -------- d-----w- c:\users\sditch\AppData\Local\temp

2014-02-10 19:15 . 2014-02-10 19:15 -------- d-----w- c:\users\MindFireSupport\AppData\Local\temp

2014-02-10 19:15 . 2014-02-10 19:15 -------- d-----w- c:\users\administrator\AppData\Local\temp

2014-02-06 18:53 . 2014-02-06 18:53 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2014-02-04 21:54 . 2014-02-04 21:54 -------- d-----w- C:\!KillBox

2014-02-04 21:50 . 2014-02-10 18:50 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2014-02-04 21:50 . 2014-02-10 18:53 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2014-02-04 21:45 . 2014-02-04 21:45 388096 ----a-r- c:\users\fpeyton\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2014-02-04 21:45 . 2014-02-04 21:45 -------- d-----w- c:\program files\Trend Micro

2014-01-21 18:35 . 2013-12-19 05:10 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-01-14 19:57 . 2013-11-26 10:10 2349056 ----a-w- c:\windows\system32\win32k.sys

2014-01-14 19:57 . 2013-11-26 11:11 240576 ----a-w- c:\windows\system32\drivers\netio.sys

2014-01-14 19:57 . 2013-11-27 01:14 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys

2014-01-14 19:57 . 2013-11-27 01:13 284672 ----a-w- c:\windows\system32\drivers\usbport.sys

2014-01-14 19:57 . 2013-11-27 01:13 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2014-01-14 19:57 . 2013-11-27 01:13 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys

2014-01-14 19:57 . 2013-11-27 01:13 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys

2014-01-14 19:57 . 2013-11-27 01:13 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2014-01-14 19:57 . 2013-11-27 01:13 6016 ----a-w- c:\windows\system32\drivers\usbd.sys

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-02-04 23:09 . 2012-04-04 13:23 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-02-04 23:09 . 2011-06-10 16:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-11-27 00:19 . 2013-11-27 00:19 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-11-27 00:19 . 2013-11-27 00:19 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2013-11-27 00:19 . 2013-11-27 00:19 645120 ----a-w- c:\windows\system32\jsIntl.dll

2013-11-27 00:19 . 2013-11-27 00:19 194048 ----a-w- c:\windows\system32\elshyph.dll

2013-11-27 00:19 . 2013-11-27 00:19 62464 ----a-w- c:\windows\system32\tdc.ocx

2013-11-27 00:19 . 2013-11-27 00:19 34816 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll

2013-11-27 00:19 . 2013-11-27 00:19 337408 ----a-w- c:\windows\system32\html.iec

2013-11-27 00:19 . 2013-11-27 00:19 182272 ----a-w- c:\windows\system32\msls31.dll

2013-11-27 00:19 . 2013-11-27 00:19 24576 ----a-w- c:\windows\system32\licmgr10.dll

2013-11-27 00:19 . 2013-11-27 00:19 1051136 ----a-w- c:\windows\system32\mshtmlmedia.dll

2013-11-27 00:19 . 2013-11-27 00:19 454656 ----a-w- c:\windows\system32\vbscript.dll

2013-11-27 00:19 . 2013-11-27 00:19 151552 ----a-w- c:\windows\system32\iexpress.exe

2013-11-27 00:19 . 2013-11-27 00:19 139264 ----a-w- c:\windows\system32\wextract.exe

2013-11-27 00:19 . 2013-11-27 00:19 13312 ----a-w- c:\windows\system32\mshta.exe

2013-11-27 00:19 . 2013-11-27 00:19 86016 ----a-w- c:\windows\system32\iesysprep.dll

2013-11-27 00:19 . 2013-11-27 00:19 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-11-27 00:19 . 2013-11-27 00:19 61952 ----a-w- c:\windows\system32\MshtmlDac.dll

2013-11-27 00:19 . 2013-11-27 00:19 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-11-27 00:19 . 2013-11-27 00:19 36352 ----a-w- c:\windows\system32\imgutil.dll

2013-11-27 00:19 . 2013-11-27 00:19 111616 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-11-23 18:26 . 2013-12-10 19:39 417792 ----a-w- c:\windows\system32\WMPhoto.dll

2013-11-13 00:55 . 2011-01-05 20:41 2297888 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 131248 ----a-w- c:\users\fpeyton\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 131248 ----a-w- c:\users\fpeyton\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 131248 ----a-w- c:\users\fpeyton\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 131248 ----a-w- c:\users\fpeyton\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Akamai NetSession Interface"="c:\users\fpeyton\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]

"Spotify Web Helper"="c:\program files\Spotify\Data\SpotifyWebHelper.exe" [2012-11-05 1199576]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-15 20584608]

"AIM for Windows"="c:\users\fpeyton\AppData\Local\AOL\AIM\aim.exe" [2013-09-09 1074216]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-12 7739936]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2011-04-01 611712]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]

"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2013-12-18 41336]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2013-12-18 840568]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 137752]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 171032]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 172568]

"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-11-08 4956176]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

.

c:\users\fpeyton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\fpeyton\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-2 30714328]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

All Files - Shortcut.lnk - C:\All Files [2013-2-27] [Folder]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"HideFastUserSwitching"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ   autocheck autochk *\0\0sdnclean.exe

.

[HKLM\~\startupfolder\C:^Users^fpeyton^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^RescueTime.lnk]

path=c:\users\fpeyton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk

backup=c:\windows\pss\RescueTime.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

2012-11-05 22:27 89184 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-11-10 09:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]

2009-12-29 21:35 140520 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShoreTel Personal Call Manager]

2011-12-23 02:44 2392064 ----a-w- c:\program files\Shoreline Communications\ShoreWare Client\ShoreTel.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]

2010-09-21 10:42 64048 ----a-w- c:\program files\VMware\VMware Player\hqtray.exe

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [2013-11-12 3478544]

R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]

R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]

R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2011-04-01 288112]

R3 glancedrv;glancedrv;c:\windows\system32\DRIVERS\glancedrv.sys [2009-05-13 34080]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-02-06 40776]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]

R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2011-01-19 54144]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-06 1343400]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-07 11520]

R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]

R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [2011-09-23 238696]

R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-23 370024]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2013-10-25 147768]

S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2013-11-01 222520]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2013-09-10 27448]

S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2013-11-06 120600]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2013-11-05 209176]

S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2013-09-17 22840]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2013-11-01 176952]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2009-03-31 81920]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]

S2 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BPowMon\BPowMon.exe [2009-08-17 79168]

S2 JungleDiskServerService;JungleDiskServerService;c:\program files\Jungle Disk Server Edition\JungleDiskServer.exe [2010-09-24 7203840]

S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2010-09-21 70704]

S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-09-21 539184]

S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-08-21 273960]

S3 staccel;staccel;c:\windows\system32\DRIVERS\staccel.sys [2011-12-22 32864]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ   Akamai

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-02-04 01:49 1211720 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-02-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 23:09]

.

2014-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-27 17:08]

.

2014-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-27 17:08]

.

2014-02-10 c:\windows\Tasks\SDMsgUpdate (SD).job

- c:\progra~1\SMARTD~2\Messages\SDNotify.exe [2013-02-28 15:18]

.

2014-02-10 c:\windows\Tasks\SDMsgUpdate (TE).job

- c:\progra~1\SMARTD~2\Messages\SDNotify.exe [2013-02-28 15:18]

.

.

------- Supplementary Scan -------

.


uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105

LSP: c:\program files\VMware\VMware Player\vsocklib.dll

TCP: DhcpNameServer = 68.105.29.16 68.105.28.16 68.4.16.30

FF - ProfilePath - c:\users\fpeyton\AppData\Roaming\Mozilla\Firefox\Profiles\103tyhbr.default\




FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

HKCU-Run-AdobeBridge - (no file)

HKCU-Run-GoogleDriveSync - c:\program files\Google\Drive\googledrivesync.exe

HKCU-Run-22FB734BB809AC3A957DA6B6E205842FD23F3A61._service_run - c:\users\fpeyton\AppData\Local\Google\Chrome\Application\chrome.exe

HKCU-Run-ROC_ROC_APR2013_AV - c:\users\fpeyton\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe

HKCU-Run-AVG-Secure-Search-Update_0913a - c:\users\fpeyton\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe

HKLM-Run-LogMeIn GUI - c:\program files\LogMeIn\x86\LogMeInSystray.exe

MSConfigStartUp-Aim - c:\program files\AIM\aim.exe

MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe

MSConfigStartUp-LogMeIn GUI - c:\program files\LogMeIn\x86\LogMeInSystray.exe

AddRemove-1029933973.studio.mdl.io - c:\program files\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]

"ServiceDll"="c:\program files\common files\akamai/netsession_win_8fa3539.dll"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2014-02-10  11:19:16

ComboFix-quarantined-files.txt  2014-02-10 19:19

.

Pre-Run: 148,724,051,968 bytes free

Post-Run: 148,374,499,328 bytes free

.

- - End Of File - - F67C8BC4D812AE0DCEAE7D03C3472120

CDB4DE4BBD714F152979DA2DCBEF57EB

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

New information: After I ran ComboFix, I ran a scan using AVG and then MalwareBytes. Both scans completed successfully (they were not interrupted).

 

Here is the "List Threats" from ESET Online Scan:

 

C:\Program Files\AudioConverter\AudioConverter.exe a variant of Win32/InstallCore.A potentially unwanted application deleted - quarantined


Glad I could help! :)

Last steps:

Step 1

  • Download OTL to your desktop and run it.
  • Click on the CleanUp button.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Step 2

Please uninstall ESET Online Scanner.

Step 3

Some malware preventions:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

