superman101189

Honorary Members
  • Posts

    40

Reputation

0 Neutral
  1. Results of screen317's Security Check version 0.99.82
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 11
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Microsoft Security Essentials (On Access scanning disabled!)
     Error obtaining update status for antivirus!
     `````````Anti-malware/Other Utilities Check:`````````
     Java 7 Update 17
     Java version out of Date!
     Adobe Flash Player 13.0.0.206
     Adobe Reader 9
     Adobe Reader XI
     ````````Process Check: objlist.exe by Laurent````````
     Microsoft Security Essentials MSMpEng.exe
     Microsoft Security Essentials msseces.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
     ````````````````````End of Log``````````````````````
  2. C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentControl2\tbuTor.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
     C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\uTorrentControl2\tbuTor.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
     C:\FRST\Quarantine\C\Program Files (x86)\uTorrentControl2\tbuTor.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
     C:\Users\Owner\AppData\LocalLow\uTorrentControl2\tbuTor.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
  3. I do apologize it has taken me so long to reply. I will post the log very soon.
  4. Diagnostic Report (1.9.0027.0):
  5. My system is definitely legitimate. I quarantined the file and removed it. I did another full scan and no threats were identified.
  6. I was reactivating my security software after running ComboFix, and decided to do a full scan with Microsoft Security Essentials. After the scan was over, the antivirus detected a potential threat. The detected item reads as follows: HackTool:Win32/Wpakill.B Alert level: Medium Status: Active. I am being asked to select an action of either remove, quarantine, or allow. Do you think this is the reason why my Webroot was also displaying a threat? And what should I do now?
  7. Everything has been running smoothly since I disabled Webroot. All updates are up to date and Windows Defender is up and running. I guess the next step is to clean everything up.
  8. SystemLook 30.07.11 by jpshortstuff
     Log created at 22:28 on 27/04/2014 by Owner
     Administrator - Elevation successful

     ========== filefind ==========

     Searching for "svchost.exe"
     C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe --a---- 742200 bytes [06:02 21/04/2014] [13:49 03/04/2014] 96820649733BFB2B0499C371904B7B40
     C:\Windows\erdnt\cache64\svchost.exe --a---- 27136 bytes [00:16 28/04/2014] [01:39 14/07/2009] C78655BC80301D76ED4FEF1C1EA40A7D
     C:\Windows\erdnt\cache86\svchost.exe --a---- 20992 bytes [00:16 28/04/2014] [06:35 21/04/2014] 54A47F6B5E09A77E61649109C6A08866
     C:\Windows\System32\svchost.exe ------- 27136 bytes [23:31 13/07/2009] [01:39 14/07/2009] C78655BC80301D76ED4FEF1C1EA40A7D
     C:\Windows\SysWOW64\svchost.exe --a---- 20992 bytes [23:19 13/07/2009] [06:35 21/04/2014] 54A47F6B5E09A77E61649109C6A08866
     C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe --a---- 20992 bytes [23:19 13/07/2009] [06:35 21/04/2014] 54A47F6B5E09A77E61649109C6A08866

     -= EOF =-
  9. ComboFix 14-04-26.01 - Owner 04/27/2014 20:11:20.1.4 - x64
  10. To use the computer I have been shutting Webroot off and using Microsoft Security Essentials instead.
  11. It pops up almost instantly when I turn on my computer, and if I close out or select clean later it pops up almost instantly right after. It makes using the computer a hassle since I have to keep closing it. If I hit continue and go through removing it, it will say deleted, restart, and pop up again on startup.
  12. Yes, everything is up to date and the firewall is on. My Webroot antivirus is still showing a threat. What are the next steps?
  13. The Windows Defender update is the only important update that failed to install.
  14. As of that scan log time, my Windows Firewall is back on, but I'm still unable to do Windows Update. It downloads just fine, but won't install the important updates, with the same error code. The important update is a definition update for Windows Defender - KB915597 and the error found is code 80070005. Also, I'm still receiving a threats identified window from my Webroot Antivirus. It keeps popping up over and over again even if I close out or select cleanup later.
  15. System Variables -------------------------------------------------------------------------------- OS: Windows 7 Home Premium OS Architecture: 64-bit OS Version: 6.1.7601 OS Service Pack: Service Pack 1 Computer Name: GERARDOS Windows Drive: C:\ Windows Path: C:\Windows Current Profile: C:\Users\Owner Current Profile SID: S-1-5-21-2760510842-1826996787-2274628961-1000 Current Profile Classes: S-1-5-21-2760510842-1826996787-2274628961-1000_Classes Profiles Location: C:\Users Profiles Location 2: C:\Windows\ServiceProfiles Local Settings AppData: C:\Users\Owner\AppData\Local -------------------------------------------------------------------------------- System Information -------------------------------------------------------------------------------- System Up Time: 01 Day 21:56:55 Process Count: 69 Commit Total: 1.78 GB Commit Limit: 11.96 GB Commit Peak: 7.12 GB Handle Count: 19648 Kernel Total: 605.59 MB Kernel Paged: 481.95 MB Kernel Non Paged: 123.64 MB System Cache: 4.61 GB Thread Count: 792 -------------------------------------------------------------------------------- Memory Before Cleaning with CleanMem -------------------------------------------------------------------------------- Memory Total: 5.98 GB Memory Used: 1.38 GB(23.0599%) Memory Avail.: 4.60 GB -------------------------------------------------------------------------------- Cleaning Memory Before Starting Repairs... Memory After Cleaning with CleanMem -------------------------------------------------------------------------------- Memory Total: 5.98 GB Memory Used: 1.09 GB(18.2258%) Memory Avail.: 4.89 GB -------------------------------------------------------------------------------- Starting Repairs... 
Start (4/25/2014 2:17:19 AM) 01 - Reset Registry Permissions 01/03 HKEY_CURRENT_USER & Sub Keys Start (4/25/2014 2:17:22 AM) Running Repair Under Current User Account Done (4/25/2014 2:17:27 AM) 01 - Reset Registry Permissions 02/03 HKEY_LOCAL_MACHINE & Sub Keys Start (4/25/2014 2:17:27 AM) Running Repair Under System Account Done (4/25/2014 2:18:35 AM) 01 - Reset Registry Permissions 03/03 HKEY_CLASSES_ROOT & Sub Keys Start (4/25/2014 2:18:35 AM) Running Repair Under System Account Done (4/25/2014 2:19:06 AM) 02 - Reset File Permissions: C: C: & Sub Folders Start (4/25/2014 2:19:06 AM) Running Repair Under System Account Done (4/25/2014 2:23:41 AM) 02 - Reset File Permissions: Q: Q: & Sub Folders Start (4/25/2014 2:23:41 AM) Running Repair Under System Account Done (4/25/2014 2:23:43 AM) 02 - Reset File Permissions: All Profiles C:\Users & Sub Folders Start (4/25/2014 2:23:43 AM) Running Repair Under System Account Done (4/25/2014 2:24:35 AM) 02 - Reset File Permissions: Current Profile C:\Users\Owner & Sub Folders Start (4/25/2014 2:24:35 AM) Running Repair Under System Account Done (4/25/2014 2:24:58 AM) 02 - Reset File Permissions: Cleanup Repairing Restricted Folders Permissions To Avoid Infinite Loops Start (4/25/2014 2:24:58 AM) Running Repair Under System Account Processing ACL of: <\\?\C:\Documents and Settings> SetACL finished successfully. Processing ACL of: <\\?\C:\ProgramData\Application Data> SetACL finished successfully. Processing ACL of: <\\?\C:\ProgramData\Desktop> SetACL finished successfully. Processing ACL of: <\\?\C:\ProgramData\Documents> SetACL finished successfully. Processing ACL of: <\\?\C:\ProgramData\Favorites> SetACL finished successfully. Processing ACL of: <\\?\C:\ProgramData\Start Menu> SetACL finished successfully. Processing ACL of: <\\?\C:\ProgramData\Templates> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\All Users\Application Data> SetACL finished successfully. 
Processing ACL of: <\\?\C:\Users\All Users\Desktop> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\All Users\Documents> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\All Users\Favorites> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\All Users\Start Menu> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\All Users\Templates> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default User> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\Application Data> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\Cookies> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\Local Settings> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\My Documents> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\NetHood> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\PrintHood> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\Recent> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\SendTo> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\Start Menu> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\Templates> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Application Data> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\AppData\Local\History> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Temporary Internet Files> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\Documents\My Music> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\Documents\My Pictures> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Default\Documents\My Videos> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Public\Documents\My Music> SetACL finished successfully. 
Processing ACL of: <\\?\C:\Users\Public\Documents\My Pictures> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Public\Documents\My Videos> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\Application Data> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\Cookies> Reading the SD from <\\?\C:\Users\Owner\Cookies> failed with: The system cannot find the file specified. SetACL finished with error(s): SetACL error message: The call to GetNamedSecurityInfo () failed Operating system error message: The system cannot find the file specified. Processing ACL of: <\\?\C:\Users\Owner\Local Settings> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\My Documents> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\NetHood> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\PrintHood> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\Recent> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\SendTo> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\Start Menu> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\Templates> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\AppData\Local\Application Data> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\AppData\Local\History> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\AppData\Local\Temporary Internet Files> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\Documents\My Music> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\Documents\My Pictures> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\Owner\Documents\My Videos> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\Application Data> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\Cookies> SetACL finished successfully. 
Processing ACL of: <\\?\C:\Users\UpdatusUser\Local Settings> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\My Documents> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\NetHood> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\PrintHood> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\Recent> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\SendTo> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\Start Menu> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\Templates> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\AppData\Local\Application Data> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\AppData\Local\History> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\AppData\Local\Temporary Internet Files> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\Documents\My Music> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\Documents\My Pictures> SetACL finished successfully. Processing ACL of: <\\?\C:\Users\UpdatusUser\Documents\My Videos> SetACL finished successfully. Done (4/25/2014 2:25:00 AM) 03 - Register System Files Start (4/25/2014 2:25:00 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:25:15 AM) 04 - Repair WMI Start (4/25/2014 2:25:15 AM) Starting Security Center So We Can Export The Security Info. Exporting Antivirus Info... Webroot SecureAnywhere Exported. Exporting AntiSpyware Info... Webroot SecureAnywhere Exported. Windows Defender Exported. Exporting 3rd Party Firewall Info... No Firewall Products Reported. 
Running Repair Under Current User Account Done (4/25/2014 2:26:21 AM) 05 - Repair Windows Firewall Start (4/25/2014 2:26:21 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:26:44 AM) 06 - Repair Internet Explorer Start (4/25/2014 2:26:44 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:26:57 AM) 07 - Repair MDAC/MS Jet Start (4/25/2014 2:26:57 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:27:01 AM) 08 - Repair Hosts File Start (4/25/2014 2:27:01 AM) Running Repair Under System Account Done (4/25/2014 2:27:04 AM) 09 - Remove Policies Set By Infections Start (4/25/2014 2:27:04 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:27:09 AM) 10 - Repair Start Menu Icons Removed By Infections Start (4/25/2014 2:27:09 AM) Running Repair Under System Account Done (4/25/2014 2:27:11 AM) 11 - Repair Icons Start (4/25/2014 2:27:11 AM) Running Repair Under Current User Account Done (4/25/2014 2:27:13 AM) 12 - Repair Winsock & DNS Cache Start (4/25/2014 2:27:13 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:27:30 AM) 13 - Remove Temp Files Start (4/25/2014 2:27:30 AM) Running Repair Under System Account Done (4/25/2014 2:27:33 AM) 14 - Repair Proxy Settings Start (4/25/2014 2:27:33 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:27:38 AM) 15 - Unhide Non System Files Start (4/25/2014 2:27:38 AM) C:\ - Total Files Unhidden: 6 - Check Unhidden_Files.txt for list of files unhidden Q:\ - Total Files Unhidden: 0 - Check Unhidden_Files.txt for list of files unhidden Done (4/25/2014 2:28:15 AM) 16 - Repair Windows Updates Start (4/25/2014 2:28:15 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:28:26 AM) 17 - Repair CD/DVD 
Missing/Not Working Start (4/25/2014 2:28:26 AM) iTunes was found, adding UpperFilters for iTunes Reg Key UpperFilters added?: True Done (4/25/2014 2:28:26 AM) 18 - Repair Volume Shadow Copy Service Start (4/25/2014 2:28:26 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:28:31 AM) 19 - Repair Windows Sidebar/Gadgets Start (4/25/2014 2:28:31 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:28:35 AM) 20 - Repair MSI (Windows Installer) Start (4/25/2014 2:28:35 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:28:44 AM) 21 - Repair Windows Snipping Tool Start (4/25/2014 2:28:44 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:28:49 AM) 22.01 - Repair bat Association Start (4/25/2014 2:28:49 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:28:54 AM) 22.02 - Repair cmd Association Start (4/25/2014 2:28:54 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:28:58 AM) 22.03 - Repair com Association Start (4/25/2014 2:28:58 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:29:03 AM) 22.04 - Repair Directory Association Start (4/25/2014 2:29:03 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:29:08 AM) 22.05 - Repair Drive Association Start (4/25/2014 2:29:08 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:29:13 AM) 22.06 - Repair exe Association Start (4/25/2014 2:29:13 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:29:17 AM) 22.07 - Repair Folder Association Start (4/25/2014 2:29:17 AM) Running Repair Under Current User Account Running Repair Under System Account Done 
(4/25/2014 2:29:22 AM) 22.08 - Repair inf Association Start (4/25/2014 2:29:22 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:29:27 AM) 22.09 - Repair lnk (Shortcuts) Association Start (4/25/2014 2:29:27 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:29:31 AM) 22.10 - Repair msc Association Start (4/25/2014 2:29:31 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:29:36 AM) 22.11 - Repair reg Association Start (4/25/2014 2:29:36 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:29:41 AM) 22.12 - Repair scr Association Start (4/25/2014 2:29:41 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:29:46 AM) 23 - Repair Windows Safe Mode Start (4/25/2014 2:29:46 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:29:50 AM) 24 - Repair Print Spooler Start (4/25/2014 2:29:50 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:30:03 AM) 25 - Restore Important Windows Services Start (4/25/2014 2:30:03 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:30:19 AM) 26 - Set Windows Services To Default Startup Start (4/25/2014 2:30:19 AM) Running Repair Under Current User Account Running Repair Under System Account Done (4/25/2014 2:30:24 AM) Skipping Repair. Repair is for Windows v6.2 (Windows 8 & Newer) or higher. Current version: 6.1 Skipping Repair. Repair is for Windows v6.2 (Windows 8 & Newer) or higher. Current version: 6.1 Skipping Repair. Repair is for Windows v6.2 (Windows 8 & Newer) or higher. Current version: 6.1 Cleaning up empty logs... All Selected Repairs Done. Done (4/25/2014 2:30:24 AM) Total Repair Time: 00:13:06 ...YOU MUST RESTART YOUR SYSTEM... 
Running Repair Under Current User Account