
Thread: In desperate need of help- jipse

  1. #1
    Junior Member jipse's Avatar
    Join Date
    Mar 2014
    Location
    Idaho
    Posts
    13

    Default In desperate need of help- jipse

    My computer has been taken over by the S-1-5-9 type account to the point where it has blocked me from doing most anything. I cannot update with Windows; it also took over the HP critical update that would allow Windows updates. It has taken over my Spybot TeaTimer, which I have disabled. I was able to gain the two information files for you as instructed in the "before you post" thread.
    Computer life for me is at a standstill without your help.
    Now most of my restore points are gone, but I did have a backup on an external G drive, but this thing has taken admin rights on that too.
    I did reinstall/backup my system several times before I realized what was happening. My sincere apologies if this becomes a hindrance. I see no happy ending at this point, only a request for mercy and justice.


    DDS
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: BrowserJavaVersion: 10.21.2
    Run by Kim at 13:17:13 on 2014-03-10
    #Option MBR scan is disabled.
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1918.779 [GMT -6:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\CISVC.EXE
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\System32\tcpsvcs.exe
    C:\Windows\System32\snmp.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Opera\18.0.1284.63\opera.exe
    C:\Program Files\Opera\18.0.1284.63\opera.exe
    C:\Program Files\Opera\18.0.1284.63\opera.exe
    C:\Program Files\Opera\18.0.1284.63\opera.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Opera\18.0.1284.63\opera.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\spybot - search & destroy\SpybotSD.exe
    C:\Program Files\Opera\18.0.1284.63\opera.exe
    C:\Program Files\Microsoft Security Client\MpCmdRun.exe
    C:\Program Files\Opera\18.0.1284.63\opera.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k apphost
    C:\Windows\System32\svchost.exe -k ipripsvc
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://s17-us2.startpage.com/do/mypage.pl?prfh=sslEEE1N1Nfont_sizeEEEmediumN1Ndisable_open_in_new_windowEEE0N1Nnum_of_resultsEEE10N1N
    uSearch Bar = about:blank
    uSearch Page = about:blank
    mStart Page = about:blank
    uProxyServer = hxxp=127.0.0.1:49248;https=127.0.0.1:49248
    mSearchAssistant = about:blank
    mCustomizeSearch = about:blank
    BHO: <No Name>: {02478D38-C3F9-4efb-9B51-7695ECA05670} -
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} -
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
    BHO: DVDVideoSoft WebPageAdjuster Class: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
    mRun: [SpybotSnD] "c:\program files\spybot - search & destroy\SpybotSD.exe" /autocheck /autofix /autoclose /waitstart /waitmore
    mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
    StartupFolder: c:\users\kim\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Open with WordPerfect - c:\program files\wordperfect office x3\programs\WPLauncher.hta
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 192.168.15.1
    TCP: Interfaces\{45B92B1C-5EB6-4F63-910D-235D9D70E117} : DHCPNameServer = 192.168.42.129
    TCP: Interfaces\{AA1B8839-BB67-4B20-857F-20287593E2F8} : DHCPNameServer = 192.168.15.1
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.146\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\kim\appdata\roaming\mozilla\firefox\profiles\h6rwaysc.default\
    FF - prefs.js: browser.startup.homepage - hxxps://s17-us2.startpage.com/do/mypage.pl?prfh=sslEEE1N1Nfont_sizeEEEmediumN1Ndisable_open_in_new_windowEEE0N1Nnum_of_resultsEEE10N1N
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
    FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
    FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
    FF - plugin: c:\users\kim\appdata\local\directv player\npPlayerPlugin.dll
    FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
    R1 RapportCerberus_59849;RapportCerberus_59849;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\baseline\RapportCerberus32_59849.sys [2013-10-29 340432]
    R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-10-25 157264]
    R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-10-25 230448]
    R2 iprip;RIP Listener;c:\windows\system32\svchost.exe -k ipripsvc [2009-7-13 20992]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-9-27 104768]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 dsiarhwprog;dsiarhwprog;c:\windows\system32\drivers\dsiarhwprog.sys [2013-8-22 35256]
    S3 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-10-25 108816]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-20 52224]
    S3 usbdpfp;Fingerprint Reader Class Driver;c:\windows\system32\drivers\usbdpfp.sys [2006-9-16 47360]
    S3 V0500Dev;Dynex 1.3MP Webcam Driver;c:\windows\system32\drivers\V0500Vid.sys [2009-8-10 251264]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-3-9 1343400]
    S4 NTI BackupNowEZSvr;NTI BackupNowEZSvr;c:\program files\nti\nti backup now ez\BackupNowEZSvr.exe [2013-2-5 46072]
    S4 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-10-25 1444120]
    S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
    .
    =============== File Associations ===============
    .
    ShellExec: Opera.exe: open="c:\program files\opera\Launcher.exe" "%1"
    .
    =============== Created Last 30 ================
    .
    2014-03-10 04:37:27 7947048 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8c651b31-d9d3-4542-b51e-e37af8dc0d9d}\mpengine.dll
    2014-03-10 04:35:47 -------- d-----w- c:\windows\system32\Wat
    2014-03-09 22:53:19 154624 ----a-w- c:\windows\system32\iisRtl.dll
    2014-03-09 22:53:18 50688 ----a-w- c:\windows\system32\admwprox.dll
    2014-03-09 22:53:18 15360 ----a-w- c:\windows\system32\iisreset.exe
    2014-03-09 22:53:17 8192 ----a-w- c:\windows\system32\iisrstap.dll
    2014-03-09 22:53:17 26624 ----a-w- c:\windows\system32\ahadmin.dll
    2014-03-09 22:53:17 10752 ----a-w- c:\windows\system32\wamregps.dll
    2014-03-09 21:25:29 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{656ee378-71a0-4b62-abcd-5672e85b06aa}\gapaengine.dll
    2014-03-09 21:24:44 7947048 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2014-03-09 21:10:19 -------- d-----w- c:\windows\system32\BestPractices
    2014-03-09 21:10:16 -------- d-----w- C:\inetpub
    2014-03-09 21:03:20 -------- d-----w- c:\users\kim\appdata\roaming\HpUpdate
    2014-03-09 21:03:13 -------- d-----w- c:\windows\Hewlett-Packard
    2014-03-09 20:52:35 -------- d-----w- c:\users\kim\appdata\local\ElevatedDiagnostics
    2014-03-07 20:22:21 -------- d-----w- c:\program files\Roxio Creator 2011
    2014-03-07 19:34:10 3419136 ----a-w- c:\windows\system32\d2d1.dll
    2014-03-07 19:34:10 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
    .
    ==================== Find3M ====================
    .
    2014-03-07 20:34:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2014-03-07 20:34:42 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
    .
    ============= FINISH: 13:19:09.44 ===============

    for ERUNT my access was denied and I could garnish nothing

    Please please help.

    Thank You,
    Jipse

    I get thru this in one piece I promise my continuous donation to your network

  2. #2
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    Hi jipse,

    We will get two downloads to start with and go from there. One is called Malwarebytes Anti-Malware (MBAM), which you can keep and use as an antimalware app. The other is RogueKiller, which we may use once or twice. Download and run MBAM first:

    Please download the free version of Malwarebytes to your desktop.

    Double-click mbam-setup.exe and follow the prompts to install the program.

    Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

    If an update is found, it will download and install the latest version.

    Once the program has loaded, select Perform FULL SCAN, then click Scan.
    When the scan is complete, click OK, then Show Results to view the results.

    Be sure that everything is checked, and click *Remove Selected.*

    *A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

    When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
    Post the log in your reply.

    Next:

    Download & SAVE RogueKiller to your desktop. Not the X64 version, the other one.
    Double-click to start.
    For Vista or Windows 7, right-click and select Run as Admin.
    A prescan will start. Once the prescan has finished, click the Scan button.
    Once the scan is done, a report.txt will be generated on your desktop.
    Exit RogueKiller by going to File > Quit.
    Copy/paste the RKreport saved to your desktop in your reply.
    How Can I Reduce My Risk?

  3. #3
    Junior Member jipse's Avatar
    Join Date
    Mar 2014
    Location
    Idaho
    Posts
    13

    Default Malwarebytes results

    Thank You so much for your reply.

    I installed and ran the Malwarebytes program. Log is below. This process with my external drive takes 4+ hours.
    However, I cannot get RogueKiller to run. I run it as administrator, and as soon as I agree to the license to run, it goes away.
    This thing is still in here with me, as my public internet access keeps getting turned on and I still cannot update Windows. Also, I ran the Defender offline scan and it found nothing!

    I will keep trying to run rogue from another account. If I get a result I will post it.


    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2014.03.11.10

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 8.0.7601.17514
    Kim :: COMPADRE [administrator]

    Protection: Enabled

    3/11/2014 4:57:53 PM
    mbam-log-2014-03-11 (16-57-53).txt

    Scan type: Full scan (C:\|D:\|G:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 619229
    Time elapsed: 4 hour(s), 18 minute(s), 21 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 1
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 2
    C:\Users\Kim\AppData\Roaming\AntiMalwareSuite (Rogue.AntiMalwareSuite) -> Quarantined and deleted successfully.
    C:\Users\Kim\AppData\Roaming\AntiMalwareSuite\Logs (Rogue.AntiMalwareSuite) -> Quarantined and deleted successfully.

    Files Detected: 8
    C:\Users\Kari\Documents\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\Users\Kim\Downloads\downloads 2\FreeYouTubeDownload.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
    C:\Users\Kim\Music\seven nation army.exe (Adware.InstallCore) -> Quarantined and deleted successfully.
    G:\Knew Stockpile\W1\Downloads\downloads\aTube_Catcher.exe (PUP.Optional.Spigot.A) -> Quarantined and deleted successfully.
    G:\Knew Stockpile\W1\Downloads\downloads\FreeYouTubeDownload.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
    C:\Users\Kari\Documents\My Music\My Music.url (Trojan.Zlob) -> Quarantined and deleted successfully.
    C:\Users\Kari\Documents\My Videos\My Video.url (Trojan.Zlob) -> Quarantined and deleted successfully.
    C:\Users\Kim\AppData\Roaming\AntiMalwareSuite\Logs\scns.log (Rogue.AntiMalwareSuite) -> Quarantined and deleted successfully.

    (end)

  4. #4
    Junior Member jipse's Avatar
    Join Date
    Mar 2014
    Location
    Idaho
    Posts
    13

    Default RogueKiller results

    I got RogueKiller to run. The first two entries for zip.exe are from my first attempts to download RogueKiller.

    RogueKiller V8.8.10 [Feb 28 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Normal mode
    User : Kim [Admin rights]
    Mode : Scan -- Date : 03/11/2014 23:55:39
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 1 ¤¤¤
    [SVCHOST] svchost.exe -- C:\Windows\System32\svchost.exe [7] -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 8 ¤¤¤
    [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:49248;hxxps=127.0.0.1:49248 [Country: (Private Address) (XX), City: (Private Address)]) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
    [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
    [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Scheduled tasks : 2 ¤¤¤
    [V2][SUSP PATH] {4E2CCE4E-F188-40F1-8FAF-13E2759D8159} : C:\Users\Kim\Desktop\ZipSetup.exe [-] -> FOUND
    [V2][SUSP PATH] {F9042162-28A9-458C-8DCB-283B3A2C09DA} : C:\Users\Kim\Desktop\ZipSetup.exe [-] -> FOUND

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤
    [Address] IAT @explorer.exe (ExitWindowsEx) : USER32.dll -> HOOKED (C:\Program Files\NTI\NTI Backup Now EZ\Pehook.DLL @ 0x10001940)

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) Hitachi HDT725025VLA SCSI Disk Device +++++
    --- User ---
    [MBR] b881d5145f86244c6b5f765817ce096e
    [BSP] 10c2bb9d012386fb99a850a73404f73d : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 228408 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 467780670 | Size: 10064 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x1] Incorrect function. )

    Finished : << RKreport[0]_S_03112014_235539.txt >>

  5. #5
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    OK, thanks for the info. We will get another download and rerun RogueKiller.

    Do you see this .exe on your desktop? C:\Users\Kim\Desktop\------->ZipSetup.exe
    I would bet it's malware that's scheduled to install itself, since it's registered as a scheduled task. You can delete it from the desktop. Some malware may use Windows Task Scheduler.


    Please download AdwCleaner to your desktop. http://www.bleepingcomputer.com/download/adwcleaner/
    Double click on AdwCleaner.exe, select OK, then Run. Accept Terms of Use
    Click on SCAN. Once the scan completes, click the Clean button.
    Machine will reboot and on restart will display a log file that you can copy/paste in your reply
    You can also find the logfile at C:\AdwCleaner[R1].txt as well.

    Next:

    Rerun RogueKiller like before:
    Double-click the RogueKiller icon to start.
    For Vista or Windows 7, right-click and select Run as Admin.
    A prescan will start. Once the prescan has finished, click the Scan button.
    Once the scan has finished, click on the Fix Proxy button and then also the Delete button once it becomes available.
    Finally, click the Report button. Copy/paste the contents in your reply.
    File > Quit to exit RogueKiller, then reboot your machine.
    How Can I Reduce My Risk?
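
The checks post #5 makes by eye on the RogueKiller report (a scheduled task whose target sits on the user's desktop, and the loopback ProxyServer value that Fix Proxy resets) can be scripted as below. This is an added example, not part of the thread and not RogueKiller's own code; the report grammar is inferred from the lines quoted in this thread, and the user-writable path list and the ExampleVendor task are assumptions.

```python
import ipaddress
import re

# Constructed sample in the RogueKiller 8.x report layout quoted in this thread.
# The first four entries reuse lines from the posted report; the ExampleVendor
# task is made up to show a target path that the heuristic does not flag.
SAMPLE_REPORT = r"""
¤¤¤ Registry Entries : 2 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:49248;hxxps=127.0.0.1:49248 [Country: (Private Address) (XX), City: (Private Address)]) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND

¤¤¤ Scheduled tasks : 3 ¤¤¤
[V2][SUSP PATH] {4E2CCE4E-F188-40F1-8FAF-13E2759D8159} : C:\Users\Kim\Desktop\ZipSetup.exe [-] -> FOUND
[V2][SUSP PATH] {F9042162-28A9-458C-8DCB-283B3A2C09DA} : C:\Users\Kim\Desktop\ZipSetup.exe [-] -> FOUND
[V2][SUSP PATH] ExampleUpdater : C:\Program Files\ExampleVendor\updater.exe [-] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤
"""

SECTION_RE = re.compile(r"^¤¤¤\s*(.*?)\s*:.*¤¤¤\s*$")            # "¤¤¤ Name : N ¤¤¤"
ENTRY_RE = re.compile(r"^((?:\[[^\]]+\])+)\s*(.*?)\s*->\s*(\w+)")  # "[TAG][TAG] body -> STATUS"
TASK_RE = re.compile(r"^(.+?)\s+:\s+(.+?)(?:\s+\[[^\]]*\])?$")    # "name : target [-]"
PROXY_RE = re.compile(r"=((?:\d{1,3}\.){3}\d{1,3}):(\d+)")         # "scheme=host:port"

# Assumption: directories a standard user can write to, so a task launching
# a binary from one of them deserves a closer look.
USER_WRITABLE_RE = re.compile(
    r"^[a-z]:\\(?:users\\[^\\]+\\(?:desktop|downloads|documents|appdata)"
    r"|programdata|temp|windows\\temp)\\",
    re.IGNORECASE,
)


def parse_report(text):
    """Split a report into {section name: [entry dicts]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()  # forum posts indent the pasted report
        header = SECTION_RE.match(line)
        if header:
            current = sections.setdefault(header.group(1), [])
            continue
        entry = ENTRY_RE.match(line)
        if entry and current is not None:
            current.append({
                "tags": re.findall(r"\[([^\]]+)\]", entry.group(1)),
                "body": entry.group(2),
                "status": entry.group(3),
            })
    return sections


def triage(text):
    """Return (kind, name, detail, status) tuples worth a manual follow-up."""
    findings = []
    sections = parse_report(text)

    # Scheduled tasks that launch a binary from a user-writable directory.
    for entry in sections.get("Scheduled tasks", []):
        task = TASK_RE.match(entry["body"])
        if task and USER_WRITABLE_RE.match(task.group(2)):
            findings.append(("task-in-user-writable-path", task.group(1),
                             task.group(2), entry["status"]))

    # Browser proxy pointing at a listener on this machine: identify the
    # process that owns the port before trusting or resetting the setting.
    for entry in sections.get("Registry Entries", []):
        if "ProxyServer" not in entry["body"]:
            continue
        for host, port in sorted(set(PROXY_RE.findall(entry["body"]))):
            try:
                loopback = ipaddress.ip_address(host).is_loopback
            except ValueError:
                continue  # not a valid IPv4 literal
            if loopback:
                findings.append(("loopback-proxy", "ProxyServer",
                                 f"{host}:{port}", entry["status"]))
    return findings


def outstanding(findings):
    """Keep only items the tool reported as FOUND, not DELETED or REPLACED."""
    return [f for f in findings if f[3] == "FOUND"]


if __name__ == "__main__":
    for finding in outstanding(triage(SAMPLE_REPORT)):
        print(" | ".join(finding))
```

Running it against the report from a later "Remove" pass should give an empty `outstanding` list; anything still listed as FOUND is what to raise in the next reply.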

  6. #6
    Junior Member jipse's Avatar
    Join Date
    Mar 2014
    Location
    Idaho
    Posts
    13

    Default Can't delete zip.exe ~ AdwC Log and RK Report

    Okay, so I do see the .exe on my desktop: C:\Users\Kim\Desktop\------->ZipSetup.exe
    It will not allow me to delete it without permission from myself, and there is no option to do that.
    I have been unable to delete it. Please help with that.

    Ran AdwCleaner/rebooted, and the log file is below.

    Then reran RogueKiller like before: clicked the Fix Proxy button and then also the Delete button once it became available.
    Report below/rebooted. Had to reboot twice.
    On first reboot the firewall was disabled and I could not enable it or restore to default, so I rebooted again. Seems okay so far.
    _________________________
    ADWCLEANER LOG FILE
    _________________________
    # AdwCleaner v3.021 - Report created 12/03/2014 at 20:08:17
    # Updated 10/03/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Username : Kim - COMPADRE
    # Running from : C:\Users\Kim\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\apn
    Folder Deleted : C:\Users\Kim\AppData\Roaming\dvdvideosoftiehelpers
    File Deleted : C:\Users\Kari\AppData\Roaming\Mozilla\Firefox\Profiles\yrtaa5si.default\searchplugins\search.xml
    File Deleted : C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\h6rwaysc.default\user.js

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C13FE3D3-FDF0-43BA-BDC9-002517B9A6BB}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\caphyon
    Key Deleted : HKCU\Software\CompeteInc
    Key Deleted : HKCU\Software\ilivid
    Key Deleted : HKCU\Software\SmartBar
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKLM\Software\PIP
    Key Deleted : HKLM\Software\Viewpoint
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

    ***** [ Browsers ] *****

    -\\ Internet Explorer v0.0.0.0


    -\\ Mozilla Firefox v24.0 (en-US)

    [ File : C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\h6rwaysc.default\prefs.js ]

    Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Line Deleted : user_pref("CommunityToolbar.alert.userId", "{54670371-c611-4b45-b047-ee7f70121046}");
    Line Deleted : user_pref("plugin.state.npviewpoint", 0);

    [ File : C:\Users\Kari\AppData\Roaming\Mozilla\Firefox\Profiles\yrtaa5si.default\prefs.js ]


    [ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fm6r9jy.default\prefs.js ]


    *************************

    AdwCleaner[R0].txt - [4980 octets] - [12/03/2014 19:57:37]
    AdwCleaner[S0].txt - [4880 octets] - [12/03/2014 20:08:17]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4940 octets] ##########
    _____________________
    ROGUE KILLER REPORT
    _____________________
    RogueKiller V8.8.10 [Feb 28 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Normal mode
    User : Kim [Admin rights]
    Mode : Remove -- Date : 03/12/2014 20:40:51
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 7 ¤¤¤
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REPLACED (1)
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REPLACED (1)
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REPLACED (1)
    [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
    [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Scheduled tasks : 2 ¤¤¤
    [V2][SUSP PATH] {4E2CCE4E-F188-40F1-8FAF-13E2759D8159} : C:\Users\Kim\Desktop\ZipSetup.exe [-] -> DELETED
    [V2][SUSP PATH] {F9042162-28A9-458C-8DCB-283B3A2C09DA} : C:\Users\Kim\Desktop\ZipSetup.exe [-] -> DELETED

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) Hitachi HDT725025VLA SCSI Disk Device +++++
    --- User ---
    [MBR] b881d5145f86244c6b5f765817ce096e
    [BSP] 10c2bb9d012386fb99a850a73404f73d : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 228408 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 467780670 | Size: 10064 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x1] Incorrect function. )

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) TOSHIBA External USB 3.0 USB Device +++++
    --- User ---
    [MBR] 0b939978dcaf59ace1963eba7bd22f60
    [BSP] dd7c339f4eca6474db601c948a5f994f : MBR Code unknown
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x32] The request is not supported. )

    Finished : << RKreport[0]_D_03122014_204051.txt >>
    RKreport[0]_S_03122014_203902.txt

    I will wait for your next advised move.
    I will also mention that my computer crashed this afternoon and I had to use startup repair to set it right again. UGH :0(

    Thank You for your time and help! :0)

  7. #7
    Junior Member jipse's Avatar
    Join Date
    Mar 2014
    Location
    Idaho
    Posts
    13

    Default poss wrong rk file

    I think I may have posted the wrong RK report (I had three), so I redid it.
    Here is the most recent report:

    RogueKiller V8.8.10 [Feb 28 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Normal mode
    User : Kim [Admin rights]
    Mode : Remove -- Date : 03/13/2014 15:07:39
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 1 ¤¤¤
    [SVCHOST] svchost.exe -- C:\Windows\System32\svchost.exe [7] -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 0 ¤¤¤

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤
    [Address] IAT @explorer.exe (ExitWindowsEx) : USER32.dll -> HOOKED (C:\Program Files\NTI\NTI Backup Now EZ\Pehook.DLL @ 0x10001940)
    [Address] IAT @explorer.exe (ExitWindowsEx) : USER32.dll -> HOOKED (C:\Program Files\NTI\NTI Backup Now EZ\Pehook.DLL @ 0x10001940)

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1 localhost
    ::1 localhost
    [...]


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) Hitachi HDT725025VLA SCSI Disk Device +++++
    --- User ---
    [MBR] b881d5145f86244c6b5f765817ce096e
    [BSP] 10c2bb9d012386fb99a850a73404f73d : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 228408 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 467780670 | Size: 10064 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x1] Incorrect function. )

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) TOSHIBA External USB 3.0 USB Device +++++
    --- User ---
    [MBR] 0b939978dcaf59ace1963eba7bd22f60
    [BSP] dd7c339f4eca6474db601c948a5f994f : MBR Code unknown
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x32] The request is not supported. )

    Finished : << RKreport[0]_D_03132014_150739.txt >>
    RKreport[0]_D_03122014_204051.txt;RKreport[0]_S_03122014_203902.txt;RKreport[0]_S_03122014_220207.txt
    RKreport[0]_S_03132014_150201.txt

  8. #8
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    OK, thanks for the info. Looks like the desktop file was deleted by RK: C:\Users\Kim\Desktop\ZipSetup.exe [-] -> DELETED. Is it gone from the desktop?

    Can you rerun DDS and copy/paste in both the logs? In the settings panel when you start it, please make sure that under SCAN both dds txt and attach txt are checked, and under options for dds txt, ensure that check MBR is checked.
    Then click the start button to run. Copy/paste the logs in your reply. Thanks.
    How Can I Reduce My Risk?

  9. #9
    Junior Member jipse's Avatar
    Join Date
    Mar 2014
    Location
    Idaho
    Posts
    13

    Default Zip file still here new DDS TXT posted

    The Zip.Exe file is still on the desktop.
    DDS txt is here.
    DDS attach will be in a new thread... too big.



    DDS TXT
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: BrowserJavaVersion: 10.51.2
    Run by Kim at 20:03:58 on 2014-03-13
    #Option Extended Search is enabled.
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1918.857 [GMT -6:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Roxio\BackOnTrack\App\SaibSVC.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\CISVC.EXE
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Nexon\Mabinogi\npkcmsvc.exe
    C:\Windows\system32\PSIService.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\System32\tcpsvcs.exe
    C:\Windows\System32\snmp.exe
    C:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\System32\taskmgr.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Roxio\BackOnTrack\App\BService.exe
    C:\Windows\system32\LogonUI.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Opera\20.0.1387.77\opera.exe
    C:\Program Files\Opera\20.0.1387.77\opera.exe
    C:\Program Files\Opera\20.0.1387.77\opera.exe
    C:\Program Files\Opera\20.0.1387.77\opera.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\Opera\20.0.1387.77\opera.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k apphost
    C:\Windows\System32\svchost.exe -k ipripsvc
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Windows\system32\svchost.exe -k SDRSVC
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://s17-us2.startpage.com/do/mypage.pl?prfh=sslEEE1N1Nfont_sizeEEEmediumN1Ndisable_open_in_new_windowEEE0N1Nnum_of_resultsEEE10N1N
    uSearch Bar = about:blank
    uSearch Page = about:blank
    mStart Page = about:blank
    mSearchAssistant = about:blank
    mCustomizeSearch = about:blank
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    mRun: [SpybotSnD] "c:\program files\spybot - search & destroy\SpybotSD.exe" /autocheck /autofix /autoclose /waitstart /waitmore
    mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [CPMonitor] "c:\program files\roxio\cineplayer\5.0\CPMonitor.exe"
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Open with WordPerfect - c:\program files\wordperfect office x3\programs\WPLauncher.hta
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
    TCP: NameServer = 192.168.15.1
    TCP: Interfaces\{45B92B1C-5EB6-4F63-910D-235D9D70E117} : DHCPNameServer = 192.168.42.129
    TCP: Interfaces\{AA1B8839-BB67-4B20-857F-20287593E2F8} : DHCPNameServer = 192.168.15.1
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.149\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\kim\appdata\roaming\mozilla\firefox\profiles\h6rwaysc.default\
    FF - prefs.js: browser.startup.homepage - hxxps://s17-us2.startpage.com/do/mypage.pl?prfh=sslEEE1N1Nfont_sizeEEEmediumN1Ndisable_open_in_new_windowEEE0N1Nnum_of_resultsEEE10N1N
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
    FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
    FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
    FF - plugin: c:\users\kim\appdata\local\directv player\npPlayerPlugin.dll
    FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
    R0 SahdIa32;HDD Filter Driver;c:\windows\system32\drivers\SahdIa32.sys [2014-3-13 21488]
    R0 SaibIa32;Volume Filter Driver;c:\windows\system32\drivers\SaibIa32.sys [2014-3-13 15856]
    R1 MpKslfc5582ca;MpKslfc5582ca;c:\programdata\microsoft\microsoft antimalware\definition updates\{549c8f01-fda3-4785-8b84-71c3690f28f0}\MpKslfc5582ca.sys [2014-3-13 39464]
    R1 RapportCerberus_59849;RapportCerberus_59849;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\baseline\RapportCerberus32_59849.sys [2013-10-29 340432]
    R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2014-2-10 155704]
    R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2014-2-10 228888]
    R1 SaibVd32;Virtual Disk Driver;c:\windows\system32\drivers\SaibVd32.sys [2014-3-13 25584]
    R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files\roxio\backontrack\app\SaibSVC.exe [2009-6-2 457200]
    R2 BOT4Service;BOT4Service;c:\program files\roxio\backontrack\app\BService.exe [2010-8-30 39408]
    R2 iprip;RIP Listener;c:\windows\system32\svchost.exe -k ipripsvc [2009-7-13 20992]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-3-11 418376]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2014-3-11 701512]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-9-27 104768]
    R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2014-2-10 1444120]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-3-11 22856]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;c:\program files\nti\nti backup now ez\BackupNowEZSvr.exe [2013-2-5 46072]
    S2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\common files\roxio shared\13.0\sharedcom\RoxWatch13.exe [2010-7-16 354288]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 dsiarhwprog;dsiarhwprog;c:\windows\system32\drivers\dsiarhwprog.sys [2013-8-22 35256]
    S3 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2014-2-10 107256]
    S3 RoxMediaDB13;RoxMediaDB13;c:\program files\common files\roxio shared\13.0\sharedcom\RoxMediaDB13.exe [2010-7-16 1099248]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-20 52224]
    S3 usbdpfp;Fingerprint Reader Class Driver;c:\windows\system32\drivers\usbdpfp.sys [2006-9-16 47360]
    S3 V0500Dev;Dynex 1.3MP Webcam Driver;c:\windows\system32\drivers\V0500Vid.sys [2009-8-10 251264]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-3-9 1343400]
    S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
    SUnknown MpKsl9ea580df;MpKsl9ea580df; [x]
    .
    =============== File Associations ===============
    .
    ShellExec: Opera.exe: open="c:\program files\opera\Launcher.exe" "%1"
    .
    =============== Created Last 60 ================
    .
    2014-03-13 22:37:05 39464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{549c8f01-fda3-4785-8b84-71c3690f28f0}\MpKslfc5582ca.sys
    2014-03-13 22:34:06 -------- d-----w- c:\users\kim\appdata\roaming\Roxio Burn
    2014-03-13 22:21:25 25584 ------w- c:\windows\system32\drivers\SaibVd32.sys
    2014-03-13 22:21:24 21488 ------w- c:\windows\system32\drivers\SahdIa32.sys
    2014-03-13 22:21:24 15856 ------w- c:\windows\system32\drivers\SaibIa32.sys
    2014-03-13 22:07:18 -------- d-----w- c:\program files\common files\Sonic Shared
    2014-03-13 21:58:59 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
    2014-03-13 21:58:58 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
    2014-03-13 21:58:57 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
    2014-03-13 21:58:56 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
    2014-03-13 21:58:54 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
    2014-03-13 21:58:54 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
    2014-03-13 21:58:53 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
    2014-03-13 02:06:27 49940480 ----a-w- c:\program files\GUT6682.tmp
    2014-03-13 02:06:27 -------- d-----w- c:\program files\GUM6681.tmp
    2014-03-13 01:57:32 -------- d-----w- C:\AdwCleaner
    2014-03-13 00:09:34 7947048 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{549c8f01-fda3-4785-8b84-71c3690f28f0}\mpengine.dll
    2014-03-12 23:12:07 -------- d-----w- c:\programdata\Uninstall
    2014-03-12 23:10:06 -------- d-----w- c:\programdata\eSellerate
    2014-03-12 22:51:51 -------- d-----w- c:\users\kim\appdata\roaming\Simple Star
    2014-03-12 22:51:35 -------- d-----w- c:\programdata\PhotoShow Shared Assets
    2014-03-12 22:51:23 -------- d-----w- c:\program files\Roxio
    2014-03-12 22:50:50 -------- d-----w- c:\program files\common files\PX Storage Engine
    2014-03-12 22:50:07 -------- d-----w- c:\program files\SmartSound Software
    2014-03-12 22:50:02 -------- d-----w- c:\programdata\SmartSound Software Inc
    2014-03-12 22:48:09 -------- d-----w- c:\program files\Roxio 2011
    2014-03-12 22:44:46 -------- d-----w- c:\windows\system32\directx
    2014-03-12 22:37:43 -------- d-----w- c:\users\kim\appdata\roaming\Roxio Log Files
    2014-03-12 22:06:39 -------- d-----w- c:\users\kim\appdata\local\Secunia PSI
    2014-03-12 22:06:10 -------- d-----w- c:\program files\Secunia
    2014-03-12 15:04:49 -------- d-----w- c:\users\kim\appdata\local\CrashDumps
    2014-03-11 22:54:35 -------- d-----w- c:\users\kim\appdata\roaming\Malwarebytes
    2014-03-11 22:54:14 -------- d-----w- c:\programdata\Malwarebytes
    2014-03-11 22:54:11 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-03-11 22:54:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2014-03-11 21:55:50 7947048 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2014-03-11 21:23:07 -------- d-----w- c:\windows\Microsoft Antimalware
    2014-03-11 13:32:19 0 ----a-w- c:\windows\system32\RENBEE1.tmp
    2014-03-11 13:32:19 0 ----a-w- c:\windows\system32\RENBEE0.tmp
    2014-03-11 13:32:19 0 ----a-w- c:\windows\system32\RENBECF.tmp
    2014-03-11 13:31:01 0 ----a-w- c:\windows\system32\REN90EE.tmp
    2014-03-11 13:31:01 0 ----a-w- c:\windows\system32\REN90DE.tmp
    2014-03-11 13:31:01 0 ----a-w- c:\windows\system32\REN90DD.tmp
    2014-03-11 13:26:54 0 ----a-w- c:\windows\system32\RENCB5F.tmp
    2014-03-11 13:26:54 0 ----a-w- c:\windows\system32\RENCB5E.tmp
    2014-03-11 13:26:54 0 ----a-w- c:\windows\system32\RENCB5D.tmp
    2014-03-11 13:26:04 0 ----a-w- c:\windows\system32\REN64C.tmp
    2014-03-11 13:26:04 0 ----a-w- c:\windows\system32\REN63B.tmp
    2014-03-11 13:26:04 0 ----a-w- c:\windows\system32\REN62B.tmp
    2014-03-11 13:06:40 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2014-03-11 09:00:52 164864 ----a-w- c:\program files\windows media player\wmplayer.exe
    2014-03-11 09:00:52 12625408 ----a-w- c:\windows\system32\wmploc.DLL
    2014-03-10 04:35:47 -------- d-----w- c:\windows\system32\Wat
    2014-03-09 22:53:19 154624 ----a-w- c:\windows\system32\iisRtl.dll
    2014-03-09 22:53:18 50688 ----a-w- c:\windows\system32\admwprox.dll
    2014-03-09 22:53:18 15360 ----a-w- c:\windows\system32\iisreset.exe
    2014-03-09 22:53:17 8192 ----a-w- c:\windows\system32\iisrstap.dll
    2014-03-09 22:53:17 26624 ----a-w- c:\windows\system32\ahadmin.dll
    2014-03-09 22:53:17 10752 ----a-w- c:\windows\system32\wamregps.dll
    2014-03-09 21:25:29 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{656ee378-71a0-4b62-abcd-5672e85b06aa}\gapaengine.dll
    2014-03-09 21:10:19 -------- d-----w- c:\windows\system32\BestPractices
    2014-03-09 21:10:16 -------- d-----w- C:\inetpub
    2014-03-09 21:03:20 -------- d-----w- c:\users\kim\appdata\roaming\HpUpdate
    2014-03-09 21:03:13 -------- d-----w- c:\windows\Hewlett-Packard
    2014-03-07 20:22:21 -------- d-----w- c:\program files\Roxio Creator 2011
    2014-03-07 19:36:10 159232 ----a-w- c:\windows\system32\imagehlp.dll
    2014-03-07 19:36:08 2048 ----a-w- c:\windows\system32\msxml3r.dll
    2014-03-07 19:36:08 1237504 ----a-w- c:\windows\system32\msxml3.dll
    2014-03-07 19:36:06 163840 ----a-w- c:\windows\system32\scrrun.dll
    2014-03-07 19:36:06 141824 ----a-w- c:\windows\system32\wscript.exe
    2014-03-07 19:36:06 121856 ----a-w- c:\windows\system32\wshom.ocx
    2014-03-07 19:36:05 126976 ----a-w- c:\windows\system32\cscript.exe
    2014-03-07 19:35:49 2048 ----a-w- c:\windows\system32\tzres.dll
    2014-03-07 19:35:01 428032 ----a-w- c:\windows\system32\vbscript.dll
    2014-03-07 19:34:33 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
    2014-03-07 19:34:33 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
    2014-03-07 19:34:10 3419136 ----a-w- c:\windows\system32\d2d1.dll
    2014-03-07 19:34:10 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
    2014-02-10 17:35:40 107256 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
    .
    ==================== Find6M ====================
    .
    2014-03-12 06:34:18 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2014-03-12 06:34:18 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
    2013-12-04 02:03:20 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
    2013-12-04 02:03:20 87040 ----a-w- c:\windows\system32\secproc_ssp.dll
    2013-12-04 02:03:20 423936 ----a-w- c:\windows\system32\secproc_isv.dll
    2013-12-04 02:03:08 428032 ----a-w- c:\windows\system32\secproc.dll
    2013-12-04 02:02:06 390144 ----a-w- c:\windows\system32\msdrm.dll
    2013-12-04 01:54:14 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe
    2013-12-04 01:54:10 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe
    2013-12-04 01:54:09 572416 ----a-w- c:\windows\system32\RMActivate.exe
    2013-12-04 01:54:06 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
    2013-11-27 01:14:25 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
    2013-11-27 01:13:46 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
    2013-11-27 01:13:44 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
    2013-11-27 01:13:41 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
    2013-11-27 01:13:38 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
    2013-11-27 01:13:36 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
    2013-11-27 01:13:33 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
    2013-10-12 02:03:08 656896 ----a-w- c:\windows\system32\nshwfp.dll
    2013-10-12 02:01:41 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
    2013-10-12 02:01:25 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
    2013-10-05 19:57:25 1168384 ----a-w- c:\windows\system32\crypt32.dll
    2013-10-04 01:58:50 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
    2013-10-04 01:56:25 168960 ----a-w- c:\windows\system32\credui.dll
    2013-10-04 01:56:00 1796096 ----a-w- c:\windows\system32\authui.dll
    2013-10-03 01:58:07 305152 ----a-w- c:\windows\system32\gdi32.dll
    2013-09-27 16:53:06 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys
    2013-09-27 16:53:06 104768 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
    2013-09-25 02:01:08 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2013-09-25 02:01:06 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2013-09-25 01:57:46 99840 ----a-w- c:\windows\system32\sspicli.dll
    2013-09-25 01:57:26 22016 ----a-w- c:\windows\system32\secur32.dll
    2013-09-25 01:57:24 247808 ----a-w- c:\windows\system32\schannel.dll
    2013-09-25 01:56:42 220160 ----a-w- c:\windows\system32\ncrypt.dll
    2013-09-25 01:56:02 1038848 ----a-w- c:\windows\system32\lsasrv.dll
    2013-09-25 00:49:20 22016 ----a-w- c:\windows\system32\lsass.exe
    2013-09-25 00:49:18 15872 ----a-w- c:\windows\system32\sspisrv.dll
    .
    ============= FINISH: 20:04:55.46 ===============

  10. #10
    Junior Member jipse's Avatar
    Join Date
    Mar 2014
    Location
    Idaho
    Posts
    13

    Default Dds attach post

    DDS ATTACH POST

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2/6/2010 9:50:35 PM
    System Uptime: 3/13/2014 4:30:29 PM (4 hours ago)
    .
    Motherboard: ASUSTek Computer INC. | | NARRA3
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket AM2 | 2200/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 223 GiB total, 58.804 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 1.623 GiB free.
    E: is CDROM (UDF)
    G: is FIXED (NTFS) - 931 GiB total, 199.587 GiB free.
    H: is Removable
    I: is Removable
    J: is Removable
    K: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: sptd
    Device ID: ROOT\LEGACY_SPTD\0000
    Manufacturer:
    Name: sptd
    PNP Device ID: ROOT\LEGACY_SPTD\0000
    Service: sptd
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl9ea580df
    Device ID: ROOT\LEGACY_MPKSL9EA580DF\0000
    Manufacturer:
    Name: MpKsl9ea580df
    PNP Device ID: ROOT\LEGACY_MPKSL9EA580DF\0000
    Service: MpKsl9ea580df
    .
    ==== System Restore Points ===================
    .
    RP749: 3/12/2014 7:40:30 PM - after crash 3_12
    RP750: 3/12/2014 8:43:18 PM - Windows Update
    RP752: 3/13/2014 3:58:06 PM - Installed DirectX
    RP754: 3/13/2014 4:00:37 PM - Installed SmartSound Common Data
    RP756: 3/13/2014 4:22:27 PM - Installed SmartSound Quicktracks 5
    RP757: 3/13/2014 4:45:29 PM - after roxio install
    RP758: 3/13/2014 5:52:58 PM - Windows Modules Installer
    .
    ==== Installed Programs ======================
    .
    µTorrent
    32 Bit HP CIO Components Installer
    7-Zip 9.20
    Acrobat.com
    Action Replay DSi Code Manager
    Adobe AIR
    Adobe Bridge 1.0
    Adobe Common File Installer
    Adobe Flash Player 12 ActiveX
    Adobe Flash Player 12 Plugin
    Adobe Help Center 1.0
    Adobe Photoshop CS2
    Adobe Reader X (10.1.6)
    Adobe Shockwave Player 12.1
    Adobe Stock Photos 1.0
    AIO_Scan
    Any Audio Converter 4.0.1
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    aTube Catcher
    Audacity 2.0.5
    Blaze Media Pro
    Bonjour
    BufferChm
    c4200_Help
    CCleaner
    Coby Media Manager
    CyberLink DVD Suite Deluxe
    D3DX10
    DA DVD Ripper
    dBpoweramp Music Converter
    dBpowerAMP WMA V9.1 Codec
    DC-Bass Source 1.1.1
    Defraggler
    DIRECTV Player
    DotNET35SP1Setup1
    Dropbox
    Dynex 1.3MP Webcam Driver (1.00.03.0000)
    Dynex Webcam User's Guide
    Enhanced Multimedia Keyboard Solution
    ffdshow [rev 2527] [2008-12-19]
    Fishdom
    Fishdom 2 Premium Edition
    Fishdom H2O - Hidden Odyssey
    Free YouTube Download version 3.2.12.827
    Google Chrome
    Google Update Helper
    HandBrake 0.9.9.1
    Hewlett-Packard Active Check
    Hewlett-Packard Asset Agent for Health Check
    HP Active Support Library
    HP Customer Feedback
    HP Easy Setup - Frontend
    HP On-Screen Cap/Num/Scroll Lock Indicator
    HP Picasso Media Center Add-In
    HP Product Assistant
    HP Product Detection
    HP Total Care Advisor
    HP Update
    HPProductAssistant
    InFlac 1.1.1
    Jasc Paint Shop Pro 8
    Java 7 Update 51
    Java Auto Updater
    LabelPrint
    LightScribe System Software
    LightScribe Template Designs - Fantasy Pack 1
    LightScribe Template Labeler
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft .NET Framework 4.5.1
    Microsoft Application Error Reporting
    Microsoft Search Enhancement Pack
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Movie Maker
    Mozilla Firefox 24.0 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT Redists
    MSVCRT110
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    NTI Backup Now EZ
    NVIDIA Control Panel 307.83
    NVIDIA Drivers
    NVIDIA Graphics Driver 307.83
    NVIDIA Install Application
    OpenOffice.org 2.4
    Opera Stable 20.0.1387.77
    Photo Common
    Photo Gallery
    Power2Go
    PowerDirector
    PVSonyDll
    Python 2.5
    QuickTime
    Rapport
    RealDownloader
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealNetworks - Microsoft Visual C++ 2010 Runtime
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    Reg Tool
    Roxio BackOnTrack
    Roxio Burn
    Roxio CinePlayer
    Roxio CinePlayer Decoder Pack
    Roxio Creator 2011
    Roxio PhotoShow
    Roxio Video Capture USB
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    SmartSound Common Data
    SmartSound Quicktracks 5
    SolutionCenter
    Spelling Dictionaries Support For Adobe Reader 8
    Spotify
    Spybot - Search & Destroy
    Spybot - Search & Destroy 1.5.2.20
    Super Word Games 10,000
    swMSM
    Toolbox
    UnloadSupport
    Vegas Movie Studio HD 11.0
    WeatherBug Gadget
    Winamp
    Windows Driver Package - Datel Design & Development (dsiarhwprog) USBIOControlledDevices (04/21/2009 2.40.0.0)
    Windows Driver Package - Datel Design & Development USBIOControlledDevices (04/21/2009 2.40.0.0)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Media Encoder 9 Series
    Windows Media Player Firefox Plugin
    WinRAR archiver
    WordPerfect MAIL
    WordPerfect Office X3
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/9/2014 4:47:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB2913431).
    3/9/2014 4:47:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB2847077).
    3/9/2014 4:47:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB2574819).
    3/9/2014 4:47:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2912390).
    3/9/2014 4:47:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2862330).
    3/9/2014 4:47:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2901112).
    3/9/2014 4:47:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2898857).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB971033).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB2919469).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB2913152).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB2904266).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB2891804).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB2830477).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2916036).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2913602).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2909210).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2893294).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2892074).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2887069).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2862973).
    3/9/2014 4:47:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2911501).
    3/9/2014 4:34:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {F087771F-D74F-4C1A-BB8A-E16ACA9124EA}
    3/9/2014 4:34:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {6D18AD12-BDE3-4393-B311-099C346E6DF9}
    3/9/2014 4:34:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
    3/9/2014 4:28:27 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    3/9/2014 4:23:26 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    3/9/2014 4:23:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    3/9/2014 4:23:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    3/9/2014 4:23:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    3/9/2014 4:23:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    3/9/2014 4:20:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr sptd Wanarpv6
    3/9/2014 4:20:25 PM, Error: Service Control Manager [7001] - The Application Identity service depends on the AppID Driver service which failed to start because of the following error: The dependency service or group failed to start.
    3/9/2014 4:20:25 PM, Error: Service Control Manager [7001] - The AppID Driver service depends on the System Attribute Cache service which failed to start because of the following error: A device attached to the system is not functioning.
    3/9/2014 3:22:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1426.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/9/2014 3:22:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1426.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/9/2014 3:22:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1426.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/9/2014 3:10:14 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1426.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/9/2014 3:10:14 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1426.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/9/2014 3:02:58 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 (KB971033).
    3/9/2014 3:02:58 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 (KB2847077).
    3/9/2014 3:02:58 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Windows 7 (KB2912390).
    3/9/2014 2:56:51 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1426.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
    3/9/2014 2:56:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    3/7/2014 11:41:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/7/2014 11:41:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    3/7/2014 11:41:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    3/7/2014 11:41:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    3/7/2014 11:41:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    3/7/2014 11:41:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    3/7/2014 11:41:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    3/7/2014 11:41:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    3/7/2014 11:41:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    3/7/2014 11:33:44 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
    3/7/2014 1:21:23 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/7/2014 1:21:23 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/7/2014 1:21:22 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1511.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/13/2014 5:45:53 PM, Error: Service Control Manager [7034] - The NTI BackupNowEZSvr service terminated unexpectedly. It has done this 1 time(s).
    3/13/2014 5:45:32 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    3/13/2014 4:49:17 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    3/13/2014 4:34:19 PM, Error: Microsoft-Windows-WMPNSS-Service [14319] - Service 'WMPNetworkSvc' did not start because Group Policy is preventing Windows Media Player from sharing media with other devices.
    3/13/2014 4:32:14 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: sptd
    3/13/2014 4:32:10 PM, Error: SNMP [1500] - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
    3/13/2014 4:32:08 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
    3/13/2014 4:30:31 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
    3/13/2014 4:16:26 PM, Error: Service Control Manager [7030] - The Roxio Hard Drive Watcher 12 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    3/13/2014 4:16:25 PM, Error: Service Control Manager [7030] - The RoxMediaDB13 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    3/12/2014 8:58:48 PM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.
    3/12/2014 8:58:48 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/12/2014 8:58:18 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error The parameter is incorrect..
    3/12/2014 8:57:12 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/12/2014 8:57:12 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    3/12/2014 8:57:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    3/12/2014 8:52:55 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/12/2014 8:52:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    3/12/2014 8:51:43 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: There are no more endpoints available from the endpoint mapper.
    3/12/2014 8:51:40 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024882
    3/12/2014 8:51:36 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/12/2014 8:51:35 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/12/2014 8:51:35 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/12/2014 6:04:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2929961).
    3/12/2014 6:00:29 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 (KB2918077).
    3/12/2014 6:00:29 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2930275).
    3/12/2014 5:59:40 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 (KB2929755).
    3/12/2014 5:59:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 (KB2929733).
    3/12/2014 5:48:47 PM, Error: volmgr [46] - Crash dump initialization failed!
    3/12/2014 5:02:17 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
    3/12/2014 1:01:49 AM, Error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
    3/12/2014 1:01:39 AM, Error: Service Control Manager [7034] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 3 time(s).
    3/11/2014 9:43:07 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
    3/11/2014 8:37:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 (KB2913431).
    3/11/2014 8:37:52 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 (KB2919469).
    3/11/2014 8:37:52 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 (KB2913152).
    3/11/2014 8:37:52 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 (KB2904266).
    3/11/2014 8:37:52 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 (KB2891804).
    3/11/2014 4:14:33 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1528.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/11/2014 2:50:10 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1528.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/11/2014 2:37:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1528.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/11/2014 2:17:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1528.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/11/2014 10:24:37 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    3/11/2014 10:22:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Windows 7 (KB2916036).
    3/11/2014 10:22:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Windows 7 (KB2913602).
    3/11/2014 10:22:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Windows 7 (KB2909210).
    3/11/2014 10:22:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Windows 7 (KB2893294).
    3/11/2014 10:22:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Windows 7 (KB2892074).
    3/11/2014 10:22:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Windows 7 (KB2887069).
    3/11/2014 10:22:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Windows 7 (KB2862973).
    3/11/2014 10:16:43 PM, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
    3/11/2014 10:16:09 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    3/10/2014 9:54:33 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Windows 7 (KB2862330).
    3/10/2014 7:41:58 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf
    3/10/2014 7:41:58 PM, Error: Service Control Manager [7001] - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    3/10/2014 6:23:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 (KB2893294).
    3/10/2014 6:23:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 (KB2862973).
    3/10/2014 6:22:53 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 (KB2916036).
    3/10/2014 6:22:53 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 (KB2913602).
    3/10/2014 6:22:53 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 (KB2909210).
    3/10/2014 6:22:53 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 (KB2892074).
    3/10/2014 6:22:53 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 (KB2887069).
    3/10/2014 6:21:28 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
    3/10/2014 6:14:53 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/10/2014 6:10:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 7 (KB2891804).
    3/10/2014 6:10:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 7 (KB2919469).
    3/10/2014 6:10:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 7 (KB2913431).
    3/10/2014 6:10:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 7 (KB2913152).
    3/10/2014 6:10:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 7 (KB2904266).
    3/10/2014 6:10:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 7 (KB2847077).
    3/10/2014 5:26:08 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Live ID Sign-in Assistant service, but this action failed with the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/10/2014 12:51:44 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2898857).
    3/10/2014 12:50:36 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Windows 7 (KB2719033).
    3/10/2014 12:50:36 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2911501).
    3/10/2014 12:50:36 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2901112).
    3/10/2014 11:49:09 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.167.1528.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10302.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    3/10/2014 11:26:14 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 0.0.0.0;0.0.0.0 Engine version: 0.0.0.0
    3/10/2014 11:11:20 PM, Error: Service Control Manager [7001] - The Microsoft Network Inspection System service depends on the Base Filtering Engine service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/10/2014 11:11:20 PM, Error: Service Control Manager [7001] - The Microsoft Network Inspection service depends on the Microsoft Network Inspection System service which failed to start because of the following error: The dependency service or group failed to start.
    3/10/2014 11:11:06 PM, Error: Service Control Manager [7001] - The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/10/2014 11:11:06 PM, Error: Service Control Manager [7001] - The Background Intelligent Transfer Service service depends on the COM+ Event System service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    .
    ==== End Of File ===========================
