jlunt14

  1. Thanks, walked me through a solution to my problem step by step, took less than an hour. I spent days looking for a solution before I found him!

  2. Results of screen317's Security Check version 0.99.79
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     WMI entry may not exist for antivirus; attempting automatic update.
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300
     Google Chrome 32.0.1700.107
     Google Chrome 33.0.1750.117
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
     ````````````````````End of Log``````````````````````
  3. Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org
     Database version: v2014.02.24.04
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 8.0.7601.17514
     Jon :: JON-PC [administrator]
     2/24/2014 9:21:17 AM
     mbam-log-2014-02-24 (09-21-17).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 213534
     Time elapsed: 1 minute(s), 31 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)

     My computer hasn't had any issues so far this morning.
  6. Malwarebytes results:
     Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org
     Database version: v2014.02.24.04
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 8.0.7601.17514
     Jon :: JON-PC [administrator]
     2/24/2014 8:18:46 AM
     mbam-log-2014-02-24 (08-18-46).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 213394
     Time elapsed: 1 minute(s), 30 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)
[2013-10-23 172192] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-8 1255736] . =============== Created Last 30 ================ . 2014-02-24 01:20:42 -------- d-sh--w- C:\$RECYCLE.BIN 2014-02-24 01:12:29 98816 ----a-w- C:\Windows\sed.exe 2014-02-24 01:12:29 256000 ----a-w- C:\Windows\PEV.exe 2014-02-24 01:12:29 208896 ----a-w- C:\Windows\MBR.exe 2014-02-24 01:02:32 -------- d-----w- C:\_OTL 2014-02-22 09:36:51 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2014-02-22 09:36:50 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73D26B13-4963-4366-B416-4EA8280E230A}\mpengine.dll 2014-01-31 15:23:08 -------- d-----w- C:\Users\Jon\AppData\Roaming\Malwarebytes 2014-01-31 15:22:59 -------- d-----w- C:\ProgramData\Malwarebytes 2014-01-31 15:22:58 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-01-31 15:22:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-31 15:22:48 -------- d-----w- C:\Users\Jon\AppData\Local\Programs 2014-01-30 00:59:40 -------- d-----w- C:\ProgramData\AVG Security Toolbar . ==================== Find3M ==================== . 
2014-01-09 02:17:47 0 ----a-w- C:\Windows\ativpsrm.bin 2013-12-18 11:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe 2013-12-06 22:08:46 157736 ----a-w- C:\Windows\System32\amdhcp64.dll 2013-12-06 22:08:22 142304 ----a-w- C:\Windows\SysWow64\amdhcp32.dll 2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\atimpc64.dll 2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\amdpcom64.dll 2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2013-12-06 22:04:10 143304 ----a-w- C:\Windows\System32\atiuxp64.dll 2013-12-06 22:03:46 126336 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2013-12-06 22:03:00 115512 ----a-w- C:\Windows\System32\atiu9p64.dll 2013-12-06 22:02:38 98496 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2013-12-06 22:01:52 1318552 ----a-w- C:\Windows\System32\aticfx64.dll 2013-12-06 22:01:04 1100216 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2013-12-06 22:00:16 9753752 ----a-w- C:\Windows\System32\atidxx64.dll 2013-12-06 21:59:50 8406024 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2013-12-06 21:59:00 8287008 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2013-12-06 21:58:10 6630232 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2013-12-06 21:57:20 8927704 ----a-w- C:\Windows\System32\atiumd6a.dll 2013-12-06 21:56:54 7751920 ----a-w- C:\Windows\System32\atiumd64.dll 2013-12-06 21:52:14 13207552 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2013-12-06 21:49:18 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll 2013-12-06 21:44:26 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll 2013-12-06 21:38:52 230912 ----a-w- C:\Windows\System32\clinfo.exe 2013-12-06 21:38:40 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe 2013-12-06 21:38:40 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe 2013-12-06 21:38:38 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe 2013-12-06 21:38:38 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe 2013-12-06 21:38:34 99840 ----a-w- 
C:\Windows\System32\OpenVideo64.dll 2013-12-06 21:38:28 83968 ----a-w- C:\Windows\SysWow64\OpenVideo.dll 2013-12-06 21:38:22 86528 ----a-w- C:\Windows\System32\OVDecode64.dll 2013-12-06 21:38:18 73728 ----a-w- C:\Windows\SysWow64\OVDecode.dll 2013-12-06 21:37:58 29382144 ----a-w- C:\Windows\System32\amdocl64.dll 2013-12-06 21:35:36 24860160 ----a-w- C:\Windows\SysWow64\amdocl.dll 2013-12-06 21:33:28 63488 ----a-w- C:\Windows\System32\OpenCL.dll 2013-12-06 21:33:24 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll 2013-12-06 21:26:44 129536 ----a-w- C:\Windows\System32\coinst_13.251.dll 2013-12-06 21:16:40 26352128 ----a-w- C:\Windows\System32\atio6axx.dll 2013-12-06 21:13:02 368640 ----a-w- C:\Windows\System32\atiapfxx.exe 2013-12-06 21:12:52 62464 ----a-w- C:\Windows\System32\aticalrt64.dll 2013-12-06 21:12:50 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2013-12-06 21:12:42 55808 ----a-w- C:\Windows\System32\aticalcl64.dll 2013-12-06 21:12:40 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2013-12-06 21:12:26 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll 2013-12-06 21:09:18 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2013-12-06 20:58:50 22157824 ----a-w- C:\Windows\SysWow64\atioglxx.dll 2013-12-06 20:53:18 442368 ----a-w- C:\Windows\System32\atidemgy.dll 2013-12-06 20:53:10 31232 ----a-w- C:\Windows\System32\atimuixx.dll 2013-12-06 20:53:04 588288 ----a-w- C:\Windows\System32\atieclxx.exe 2013-12-06 20:52:10 239616 ----a-w- C:\Windows\System32\atiesrxx.exe 2013-12-06 20:50:36 190976 ----a-w- C:\Windows\System32\atitmm64.dll 2013-12-06 20:22:54 96256 ----a-w- C:\Windows\System32\amdave64.dll 2013-12-06 20:22:48 90112 ----a-w- C:\Windows\SysWow64\amdave32.dll 2013-12-06 20:22:42 1144320 ----a-w- C:\Windows\System32\atiadlxx.dll 2013-12-06 20:22:38 89088 ----a-w- C:\Windows\System32\atisamu64.dll 2013-12-06 20:22:34 80896 ----a-w- C:\Windows\SysWow64\atisamu32.dll 2013-12-06 20:22:28 825344 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2013-12-06 20:22:12 
74752 ----a-w- C:\Windows\System32\atig6pxx.dll 2013-12-06 20:22:08 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2013-12-06 20:22:08 69632 ----a-w- C:\Windows\System32\atiglpxx.dll 2013-12-06 20:22:04 100352 ----a-w- C:\Windows\System32\atig6txx.dll 2013-12-06 20:21:54 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2013-12-06 20:21:44 626176 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2013-12-06 20:18:12 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll . ============= FINISH: 8:23:01.14 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 1/8/2014 7:51:01 PM System Uptime: 2/24/2014 8:15:45 AM (0 hours ago) . Motherboard: ASUSTeK COMPUTER INC. | | M5A97 R2.0 Processor: AMD FX-6300 Six-Core Processor | Socket 942 | 3500/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 112 GiB total, 74.597 GiB free. D: is FIXED (NTFS) - 932 GiB total, 850.282 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP43: 2/9/2014 7:00:06 PM - Windows Backup RP44: 2/16/2014 7:00:06 PM - Windows Backup RP53: 2/21/2014 8:13:06 PM - Windows Modules Installer RP54: 2/21/2014 8:15:15 PM - Windows Modules Installer RP96: 2/23/2014 1:15:41 AM - Windows Update RP97: 2/23/2014 7:00:05 PM - Windows Backup RP98: 2/23/2014 7:54:35 PM - OTL Restore Point - 2/23/2014 7:54:34 PM . ==== Installed Programs ====================== . 
AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD Wireless Display v3.0 Asmedia ASM104x USB 3.0 Host Controller Driver Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Google Chrome Google Update Helper League of Legends Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4.5 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Pando Media Booster PlanetSide 2 Razer Synapse 2.0 Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4.5 (KB2737083) Security Update for Microsoft .NET Framework 4.5 (KB2742613) Security Update for Microsoft .NET Framework 4.5 (KB2789648) Security Update for Microsoft .NET Framework 4.5 (KB2833957) Security Update for Microsoft .NET Framework 4.5 (KB2840642v2) Security Update for Microsoft 
.NET Framework 4.5 (KB2861208) Security Update for Microsoft .NET Framework 4.5 (KB2898864) Skype™ 6.11 Soldier Front 2 Steam Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables . ==== Event Viewer Messages From Past Week ======== . 2/24/2014 8:15:53 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom 2/24/2014 12:32:02 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Plug and Play service, but this action failed with the following error: A system shutdown has already been scheduled. 2/24/2014 12:32:02 AM, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine. 2/24/2014 12:32:02 AM, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine. 2/24/2014 12:30:58 AM, Error: Service Control Manager [7023] - The Power service terminated with the following error: The WMI request could not be completed and should be retried. 2/24/2014 12:29:25 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Power service, but this action failed with the following error: A system shutdown has already been scheduled. 2/24/2014 12:29:25 AM, Error: Service Control Manager [7031] - The Power service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine. 
2/23/2014 8:48:30 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243 2/23/2014 8:48:29 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147467243. 2/23/2014 8:48:29 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80004015. 2/23/2014 8:48:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect. 2/23/2014 8:48:28 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/23/2014 8:15:39 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 2/23/2014 8:15:23 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 2/23/2014 8:02:32 PM, Error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s). 2/23/2014 12:51:30 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 2/23/2014 12:51:30 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/23/2014 12:51:29 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect. 
2/23/2014 12:51:29 AM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/23/2014 11:53:15 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the DCOM Server Process Launcher service, but this action failed with the following error: A system shutdown has already been scheduled. 2/23/2014 1:16:28 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070216: Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2900986). 2/22/2014 9:51:01 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. 2/22/2014 9:37:44 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2757638). 2/22/2014 9:37:43 AM, Error: volsnap [67] - The shadow copy of volume C: being created failed to install. 2/22/2014 9:17:40 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2862335). 2/22/2014 8:57:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2509553). 2/22/2014 8:37:34 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2758857). 
2/22/2014 8:17:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2770660). 2/22/2014 7:57:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2845187). 2/22/2014 7:37:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070216: Security Update for Windows 7 for x64-based Systems (KB2862973). 2/22/2014 7:17:20 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2785220). 2/22/2014 6:57:16 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2604115). 2/22/2014 6:37:12 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2536275). 2/22/2014 6:17:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2861855). 2/22/2014 5:57:06 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2579686). 
2/22/2014 5:37:02 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2685939). 2/22/2014 5:16:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2729452). 2/22/2014 4:56:55 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599). 2/22/2014 4:36:46 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2690533). 2/22/2014 4:16:42 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2743555). 2/22/2014 3:56:39 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240). 2/22/2014 3:36:36 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2706045). 
2/22/2014 3:16:33 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2727528). 2/22/2014 2:56:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Update for Windows 7 for x64-based Systems (KB2506014). 2/22/2014 2:36:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Update for Windows 7 for x64-based Systems (KB2868116). 2/22/2014 2:16:22 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698). 2/22/2014 12:56:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2532531). 2/22/2014 12:36:06 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2835364). 2/22/2014 12:16:03 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070216: Security Update for Windows 7 for x64-based Systems (KB2653956). 2/22/2014 10:28:06 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The pipe has been ended. 
2/22/2014 1:56:19 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2839894). 2/22/2014 1:36:16 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2876331). 2/22/2014 1:16:13 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Update for Windows 7 for x64-based Systems (KB2786081). 2/21/2014 9:55:40 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2813430). 2/21/2014 9:35:36 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2855844). 2/21/2014 9:15:33 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2892074). 2/21/2014 8:55:29 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2712808). 2/21/2014 8:35:26 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2511455). 
2/21/2014 8:15:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2564958). 2/21/2014 8:15:15 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2619339). 2/21/2014 8:11:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2876284). 2/21/2014 7:51:43 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2832414). 2/21/2014 7:31:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2834886). 2/21/2014 7:11:36 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2698365). 2/21/2014 6:51:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2736422). 2/21/2014 6:31:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2862152). 
2/21/2014 6:11:24 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2584146). 2/21/2014 11:56:00 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191). 2/21/2014 11:35:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2868623). 2/21/2014 11:15:53 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2705219). 2/21/2014 10:55:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2491683). 2/21/2014 10:35:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2544893). 2/21/2014 10:15:43 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB2654428). . 
==== End Of File ===========================

RogueKiller V8.8.9 _x64_ [Feb 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jon [Admin rights]
Mode : Scan -- Date : 02/24/2014 08:28:38
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[sUSP PATH] DAODx.exe -- C:\Windows\DAODx.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][sUSP PATH] RunDAOD : C:\Windows\DAODx.exe [-] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[Root.Zekos][File] rpcss.dll : C:\Windows\System32\rpcss.dll [-] --> FOUND

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Root.Zekos ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) KINGSTON SV300S37A120G SATA Disk Device +++++
--- User ---
[MBR] 101e0e3ad15f176c8864e9e44fa6fe78
[bSP] 1a1d727b8a796a38cde720e73ba6ed22 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114371 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD10 EZEX-00BN5A0 SATA Disk Device +++++
--- User ---
[MBR] 9cb1bced71435c7adcfa9f6c7ce45a2c
[bSP] e56c48ed33e35c88510777fd9a8207b4 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_02242014_082838.txt >>
  7. Hey, my computer keeps randomly restarting after a pop-up that says "Windows must now restart because of a DCOM server failure" or "Windows must now restart because Plug and Play has failed unexpectedly" etc. I've seen solutions to this on a couple sites and I tried one but it seems they're all personalized, including the one on this site. So if anyone could help me out, I'd greatly appreciate it.