Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I was told by Microtek Support I had 11,500 infections


  • Please log in to reply
13 replies to this topic

#1 poosu

poosu

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:55 AM

Posted 16 December 2013 - 02:39 PM

I have had several issues in the last month or so including false emails to friends, opened tabs in IE and Firefox which I did not open, inability to open sites that used to work and slow performance.  Today I was trying to update Adobe Flash Player and somehow got to Microtek.  I allowed the technician to scan my computer and he found many programs that are "stopped" and also showed a list of 11,500 infections.  They want $200 to fix then and maintain the computer for the rest of it's life.  My son steered me toward bleeping computer so I'm here and want to know if there is anything I can do.  It's a year old HP computer running Windows XP home, and Microsoft Security Essentails



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:55 AM

Posted 16 December 2013 - 02:53 PM

Hello poosu
 
Lets get a second opinion and run these.
 
I moved this to the Am I Infected forum.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    .
    .
    .
    .
    • Last run ESET.
      • Hold down Control and click on this link to open ESET OnlineScan in a new window.
      • Click the esetonlinebtn.png button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Under scan settings, check "Scan Archives" and "Remove found threats"
      • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.
      • NOTE:Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 16 December 2013 - 03:03 PM.
spellling

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 jonuk76

jonuk76

  • Members
  • 2,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:08:55 AM

Posted 16 December 2013 - 02:58 PM

You were probably shown the Event Viewer (eventvwr) which will show a certain number of errors on everyone's computer.  This is often used by less than honest "tech support" people to convince you to part with money.  However it does sound like your computer might well have something on it so follow the advice above.


7sbvuf-6.png


#4 poosu

poosu
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:55 AM

Posted 16 December 2013 - 03:38 PM

Downloaded all and am in the process of performing the suggestions.  Don't see how to attach results to this post



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:55 AM

Posted 16 December 2013 - 05:01 PM

Copy/ paste
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 poosu

poosu
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:55 AM

Posted 16 December 2013 - 07:04 PM

I have run all the recommended programs.

 

Minitoolkit results are: on my desk top. 

I have tried copy/paste several different ways and can't seem to make it work. It copies OK but when I right click on this page there is no paste option.

 

TDSkiller detected nothing

 

ADWcleaner found and removed one item

 

JRT results are also on my desk top and I can't seem to get them onto this post.

 

ESET has been running for over 2 hours and is 28 % finished at 42,000+ files.  It is moving very slowly and took 20 minutes to scan 7 files.  The last time I did a full scan with Microsoft Security Essentials took over 10 hours and had over 100,000 files.

 

I feel dumb not being able to get the results on this page, but I never saw a scan run so slowly

 

poosu at 1903 EST

 

 

 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:55 AM

Posted 16 December 2013 - 08:15 PM

Let it run, most likely reason is scans are not done often enough.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 poosu

poosu
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:55 AM

Posted 17 December 2013 - 08:35 AM

Here are my results for Mini toolbar

 

MiniToolBox by Farbar  Version: 13-07-2013

 

Ran by poosu (administrator) on 16-12-2013 at 15:26:11

 

Running from "C:\Users\poosu\Desktop"

 

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

 

Boot Mode: Normal

 

***************************************************************************

 

 

========================= Flush DNS: ===================================

 

 

Windows IP Configuration

 

 

Successfully flushed the DNS Resolver Cache.

 

 

========================= IE Proxy Settings: ==============================

 

 

Proxy is not enabled.

 

No Proxy Server is set.

 

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

 

 

========================= FF Proxy Settings: ==============================

 

 

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

 

 

========================= Hosts content: =================================

 

 

 

========================= IP Configuration: ================================

 

Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global icmpredirects=enabled

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : home

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

   DNS Suffix Search List. . . . . . : cfl.rr.com

 

Ethernet adapter Local Area Connection:

 

   Connection-specific DNS Suffix  . : cfl.rr.com

   Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)

   Physical Address. . . . . . . . . : E0-CB-4E-FB-94-EC

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::b937:d20b:2b6d:10ae%13(Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : Monday, December 16, 2013 6:04:01 AM

   Lease Expires . . . . . . . . . . : Tuesday, December 17, 2013 12:26:08 PM

   Default Gateway . . . . . . . . . : 192.168.1.1

   DHCP Server . . . . . . . . . . . : 192.168.1.1

   DHCPv6 IAID . . . . . . . . . . . : 272130167

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-9E-B4-89-E0-CB-4E-FB-94-EC

   DNS Servers . . . . . . . . . . . : 65.32.5.111

                                       65.32.5.112

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Tunnel adapter Local Area Connection* 9:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft 6to4 Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Local Area Connection* 12:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:cb5:17d0:bcf7:e686(Preferred)

   Link-local IPv6 Address . . . . . : fe80::cb5:17d0:bcf7:e686%12(Preferred)

   Default Gateway . . . . . . . . . : ::

   NetBIOS over Tcpip. . . . . . . . : Disabled

Server:  dns-redir-lb-01.tampabay.rr.com

Address:  65.32.5.111

 

Name:    google.com

Addresses:  2607:f8b0:4002:c06::71

   74.125.196.101

   74.125.196.102

   74.125.196.113

   74.125.196.138

   74.125.196.139

   74.125.196.100

 

 

Pinging google.com [74.125.196.138] with 32 bytes of data:

Reply from 74.125.196.138: bytes=32 time=52ms TTL=40

Reply from 74.125.196.138: bytes=32 time=54ms TTL=40

 

Ping statistics for 74.125.196.138:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 52ms, Maximum = 54ms, Average = 53ms

Server:  dns-redir-lb-01.tampabay.rr.com

Address:  65.32.5.111

 

Name:    yahoo.com

Addresses:  206.190.36.45

   98.138.253.109

   98.139.183.24

 

 

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=98ms TTL=41

Reply from 206.190.36.45: bytes=32 time=98ms TTL=41

 

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 98ms, Maximum = 98ms, Average = 98ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

13...e0 cb 4e fb 94 ec ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)

  1...........................Software Loopback Interface 1

11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter

12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.103     20

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

      192.168.1.0    255.255.255.0         On-link     192.168.1.103    276

    192.168.1.103  255.255.255.255         On-link     192.168.1.103    276

    192.168.1.255  255.255.255.255         On-link     192.168.1.103    276

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link     192.168.1.103    276

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link     192.168.1.103    276

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination      Gateway

12     58 ::/0                     On-link

  1    306 ::1/128                  On-link

12     58 2001::/32                On-link

12    306 2001:0:9d38:90d7:cb5:17d0:bcf7:e686/128

                                    On-link

13    276 fe80::/64                On-link

12    306 fe80::/64                On-link

12    306 fe80::cb5:17d0:bcf7:e686/128

                                    On-link

13    276 fe80::b937:d20b:2b6d:10ae/128

                                    On-link

  1    306 ff00::/8                 On-link

12    306 ff00::/8                 On-link

13    276 ff00::/8                 On-link

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

 

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)

Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)

Catalog9 01 C:\Windows\system32\AdpeakProxy.dll [338944] (Adpeak, Inc.)

Catalog9 02 C:\Windows\system32\AdpeakProxy.dll [338944] (Adpeak, Inc.)

Catalog9 03 C:\Windows\system32\AdpeakProxy.dll [338944] (Adpeak, Inc.)

Catalog9 04 C:\Windows\system32\AdpeakProxy.dll [338944] (Adpeak, Inc.)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 15 C:\Windows\system32\AdpeakProxy.dll [338944] (Adpeak, Inc.)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)

x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)

x64-Catalog9 01 C:\Windows\System32\AdpeakProxy64.dll [439296] (Adpeak, Inc.)

x64-Catalog9 02 C:\Windows\System32\AdpeakProxy64.dll [439296] (Adpeak, Inc.)

x64-Catalog9 03 C:\Windows\System32\AdpeakProxy64.dll [439296] (Adpeak, Inc.)

x64-Catalog9 04 C:\Windows\System32\AdpeakProxy64.dll [439296] (Adpeak, Inc.)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 12 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 13 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 14 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 15 C:\Windows\System32\AdpeakProxy64.dll [439296] (Adpeak, Inc.)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (12/16/2013 00:17:54 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7270

 

Error: (12/16/2013 00:17:54 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 7270

 

Error: (12/16/2013 00:17:54 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/16/2013 00:17:53 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6256

 

Error: (12/16/2013 00:17:53 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6256

 

Error: (12/16/2013 00:17:53 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/16/2013 00:17:52 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 5257

 

Error: (12/16/2013 00:17:52 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 5257

 

Error: (12/16/2013 00:17:52 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/16/2013 00:17:51 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 4259

 

 

System errors:

=============

Error: (12/15/2013 11:01:01 PM) (Source: DCOM) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

Error: (12/15/2013 10:26:56 PM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

 

Error: (12/15/2013 10:26:56 PM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Garmin Core Update Service service.

 

Error: (12/15/2013 09:28:59 PM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

 

Error: (12/15/2013 07:46:58 PM) (Source: BugCheck) (User: )

Description: 0x00000116 (0xfffffa8003a324e0, 0xfffff88003ebfa1c, 0x0000000000000000, 0x0000000000000002)C:\Windows\Minidump\121513-21793-01.dmp121513-21793-01

 

Error: (12/15/2013 07:46:57 PM) (Source: EventLog) (User: )

Description: The previous system shutdown at 7:45:12 PM on ?12/?15/?2013 was unexpected.

 

Error: (12/15/2013 02:39:14 PM) (Source: BugCheck) (User: )

Description: 0x00000116 (0xfffffa8005b014e0, 0xfffff88003c1fa1c, 0x0000000000000000, 0x0000000000000002)C:\Windows\Minidump\121513-18626-01.dmp121513-18626-01

 

Error: (12/15/2013 02:39:13 PM) (Source: EventLog) (User: )

Description: The previous system shutdown at 2:37:26 PM on ?12/?15/?2013 was unexpected.

 

Error: (12/13/2013 03:27:47 AM) (Source: DCOM) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

Error: (12/13/2013 03:03:44 AM) (Source: Service Control Manager) (User: )

Description: The Windows Search service failed to start due to the following error:

%%1053

 

 

Microsoft Office Sessions:

=========================

 

=========================== Installed Programs ============================

 

Update for Microsoft Office 2007 (KB2508958)

Adobe AIR (Version: 2.6.0.19120)

Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)

Adobe Reader XI (11.0.05) (Version: 11.0.05)

AMD APP SDK Runtime (Version: 2.4.650.9)

AMD Media Foundation Decoders (Version: 1.0.60512.1804)

AMD VISION Engine Control Center (Version: 2011.0512.1812.30806)

Apple Application Support (Version: 2.3.6)

Apple Mobile Device Support (Version: 7.0.0.117)

Apple Software Update (Version: 2.1.3.127)

ATI Catalyst Install Manager (Version: 3.0.829.0)

Bejeweled 3 (Version: 2.2.0.97)

Bing Bar (Version: 7.2.241.0)

Blackhawk Striker 2 (Version: 2.2.0.95)

Bonjour (Version: 3.0.0.10)

Catalyst Control Center - Branding (Version: 1.00.0000)

Catalyst Control Center Graphics Previews Common (Version: 2011.0512.1812.30806)

Catalyst Control Center InstallProxy (Version: 2011.0512.1812.30806)

Catalyst Control Center Localization All (Version: 2011.0512.1812.30806)

CCC Help Chinese Standard (Version: 2011.0512.1811.30806)

CCC Help Chinese Traditional (Version: 2011.0512.1811.30806)

CCC Help Czech (Version: 2011.0512.1811.30806)

CCC Help Danish (Version: 2011.0512.1811.30806)

CCC Help Dutch (Version: 2011.0512.1811.30806)

CCC Help English (Version: 2011.0512.1811.30806)

CCC Help Finnish (Version: 2011.0512.1811.30806)

CCC Help French (Version: 2011.0512.1811.30806)

CCC Help German (Version: 2011.0512.1811.30806)

CCC Help Greek (Version: 2011.0512.1811.30806)

CCC Help Hungarian (Version: 2011.0512.1811.30806)

CCC Help Italian (Version: 2011.0512.1811.30806)

CCC Help Japanese (Version: 2011.0512.1811.30806)

CCC Help Korean (Version: 2011.0512.1811.30806)

CCC Help Norwegian (Version: 2011.0512.1811.30806)

CCC Help Polish (Version: 2011.0512.1811.30806)

CCC Help Portuguese (Version: 2011.0512.1811.30806)

CCC Help Russian (Version: 2011.0512.1811.30806)

CCC Help Spanish (Version: 2011.0512.1811.30806)

CCC Help Swedish (Version: 2011.0512.1811.30806)

CCC Help Thai (Version: 2011.0512.1811.30806)

CCC Help Turkish (Version: 2011.0512.1811.30806)

ccc-utility64 (Version: 2011.0512.1812.30806)

Chuzzle Deluxe (Version: 2.2.0.95)

Cradle of Rome 2 (Version: 2.2.0.98)

D3DX10 (Version: 15.4.2368.0902)

DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)

Dora's World Adventure (Version: 2.2.0.95)

Dropbox (Version: 2.0.22)

Elevated Installer (Version: 2.3.16.0)

Facebook (Version: 1.1.0004)

Farm Frenzy (Version: 2.2.0.98)

Farmscapes (Version: 2.2.0.98)

FATE (Version: 2.2.0.97)

Final Drive Fury (Version: 2.2.0.95)

Garmin City Navigator North America NT 2010.10 (Version: 13.0.0.0)

Garmin Express (Version: 2.3.16.0)

Garmin Express Tray (Version: 2.3.16.0)

Garmin MapSource (Version: 6.16.3)

Garmin USB Drivers (Version: 2.3.1.0)

Garmin WebUpdater (Version: 2.5.6)

Google Chrome (Version: 31.0.1650.63)

Google Drive (Version: 1.13.5782.599)

Google Earth (Version: 7.1.2.2041)

Google Toolbar for Internet Explorer (Version: 1.0.0)

Google Toolbar for Internet Explorer (Version: 7.5.4805.320)

Google Update Helper (Version: 1.3.22.3)

GoPro CineForm Studio 1.3.2 (Version: 1.3.2)

GSAK 8.2.0.11

Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)

Hoyle Card Games (Version: 2.2.0.95)

HP Application Assistant (Version: 1.0.409.3882)

HP Auto (Version: 1.0.12935.3667)

HP Calendar (Version: 5.1.4245.23508)

HP Client Services (Version: 1.1.12938.3539)

HP Clock (Version: 5.1.4244.16367)

HP Customer Experience Enhancements (Version: 6.0.1.8)

HP Games (Version: 1.0.2.5)

HP LinkUp (Version: 2.01.029)

HP Magic Canvas (Version: 5.1.15.0)

HP Magic Canvas Tutorials (Version: 5.0.0.3)

HP MovieStore (Version: 2.1.091)

HP MovieStore (Version: 2.1.21091.0)

HP Notes (Version: 5.1.4274.30382)

HP Odometer (Version: 2.10.0000)

HP RSS (Version: 5.1.4301.21494)

HP Setup (Version: 9.0.15076.3891)

HP Setup Manager (Version: 1.2.15145.3905)

HP Support Assistant (Version: 7.0.39.15)

HP Support Information (Version: 11.00.0001)

HP TouchSmart RecipeBox (Version: 3.0.3830.27730)

HP Update (Version: 5.003.001.001)

HP Vision Hardware Diagnostics (Version: 2.12.1.0)

HP Weather (Version: 5.1.4295.16450)

iTunes (Version: 11.0.4.4)

Jewel Match 3 (Version: 2.2.0.98)

Jewel Quest Mysteries: The Seventh Gate Collector's Edition (Version: 2.2.0.98)

John Deere Drive Green (Version: 2.2.0.95)

Junk Mail filter update (Version: 16.4.3505.0912)

LabelPrint (Version: 2.5.4507)

Letters from Nowhere 2 (Version: 2.2.0.97)

Luxor HD (Version: 2.2.0.98)

Mah Jong Medley (Version: 2.2.0.95)

Metric Converter (Version: 1.0.0.0)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft Access database engine 2010 (English) (Version: 14.0.6029.1000)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Mathematics (Version: 4.0)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010 (Version: 14.0.4763.1000)

Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)

Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Security Client (Version: 4.4.0304.0)

Microsoft Security Essentials (Version: 4.4.304.0)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft SkyDrive (Version: 16.4.6013.0910)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Streets & Trips 2013 (Version: 19.0.17.2200)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)

Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)

Movie Maker (Version: 16.4.3505.0912)

Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)

Mozilla Maintenance Service (Version: 26.0)

MSVCRT (Version: 15.4.2862.0708)

MSVCRT_amd64 (Version: 15.4.2862.0708)

MSVCRT110 (Version: 16.4.1108.0727)

MSVCRT110_amd64 (Version: 16.4.1109.0912)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

opensource (Version: 1.0.14960.3876)

PDF Complete Special Edition (Version: 4.0.65)

Penguins! (Version: 2.2.0.98)

Photo Gallery (Version: 16.4.3505.0912)

Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)

PlayReady PC Runtime amd64 (Version: 1.3.0)

PlayReady PC Runtime x86 (Version: 1.3.0)

Poker Superstars III (Version: 2.2.0.95)

Polar Bowler (Version: 2.2.0.97)

Polar Golfer (Version: 2.2.0.98)

PressReader (Version: 5.11.0721.0)

Quicken 2007 (Version: 16.1.2.25)

Realtek High Definition Audio Driver (Version: 6.0.1.6387)

Recovery Manager (Version: 5.5.0.4424)

Remote Graphics Receiver (Version: 5.4.5)

RollerCoaster Tycoon 3: Platinum (Version: 2.2.0.98)

ScorpionSaver (Version: 1.0.0.0)

ScorpionSaver Services (Version: 1.0.0.0)

Skype™ 5.10 (Version: 5.10.116)

Spot (Version: 1.0.0.0)

Tap Tap Bear (Version: 1.0.0.0)

The Treasures of Mystery Island: The Ghost Ship (Version: 2.2.0.98)

Torchlight (Version: 2.2.0.98)

TSHostedAppLauncher (Version: 5.1.15.0)

TurboTax 2011

TurboTax 2011 WinPerFedFormset (Version: 011.000.2999)

TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0474)

TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)

TurboTax 2011 wrapper (Version: 011.000.0121)

TurboTax 2012 (Version: 2012.0)

TurboTax 2012 WinPerFedFormset (Version: 012.000.2114)

TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451)

TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)

TurboTax 2012 wrapper (Version: 012.000.0127)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update Installer for WildTangent Games App

Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98)

WildTangent Games App (HP Games) (Version: 4.0.5.32)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)

Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (Version: 03/07/2012 )

Windows Live Communications Platform (Version: 16.4.3505.0912)

Windows Live Essentials (Version: 16.4.3505.0912)

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)

Windows Live Installer (Version: 16.4.3505.0912)

Windows Live Mail (Version: 16.4.3505.0912)

Windows Live Messenger (Version: 16.4.3505.0912)

Windows Live MIME IFilter (Version: 16.4.3505.0912)

Windows Live Photo Common (Version: 16.4.3505.0912)

Windows Live PIMT Platform (Version: 16.4.3505.0912)

Windows Live SOXE (Version: 16.4.3505.0912)

Windows Live SOXE Definitions (Version: 16.4.3505.0912)

Windows Live UX Platform (Version: 16.4.3505.0912)

Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)

Windows Live Writer (Version: 16.4.3505.0912)

Windows Live Writer Resources (Version: 16.4.3505.0912)

Zinio Reader 4 (Version: 4.2.4164)

Zuma's Revenge (Version: 2.2.0.98)

 

========================= Memory info: ===================================

 

Percentage of memory in use: 45%

Total physical RAM: 3686.54 MB

Available physical RAM: 2011.02 MB

Total Pagefile: 7371.27 MB

Available Pagefile: 4577.97 MB

Total Virtual: 4095.88 MB

Available Virtual: 3965.65 MB

 

========================= Partitions: =====================================

 

1 Drive c: (OS) (Fixed) (Total:449.07 GB) (Free:355.9 GB) NTFS

2 Drive d: (HP_RECOVERY) (Fixed) (Total:16.59 GB) (Free:2.07 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\HOME

 

Administrator            Guest                    poosu                   

 

 

**** End of log ****

 

 

 

 

 

 

 

Here are my results for JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Junkware Removal Tool (JRT) by Thisisu

 

Version: 6.0.8 (11.05.2013:1)

 

OS: Windows 7 Home Premium x64

 

Ran by poosu on Mon 12/16/2013 at 16:06:07.76

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

~~~ Services

 

 

 

 

~~~ Registry Values

 

 

 

 

~~~ Registry Keys

 

 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{35901452-B02E-42E9-8124-C03EDE3525CA}

 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8DFDC147-5545-4E0E-9C78-172E8A5A7BFA}

 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8DFDC147-5545-4E0E-9C78-172E8A5A7BFA}

 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}

 

 

 

 

~~~ Files

 

 

 

 

~~~ Folders

 

 

Successfully deleted: [Folder] "C:\Users\poosu\appdata\local\cre"

 

Successfully deleted: [Empty Folder] C:\Users\poosu\appdata\local\{2AC039F1-332F-41C1-AB59-3FB184CE8BCE}

 

Successfully deleted: [Empty Folder] C:\Users\poosu\appdata\local\{47607B38-9477-4321-8E18-04C6F06E1850}

 

Successfully deleted: [Empty Folder] C:\Users\poosu\appdata\local\{AC028507-6C97-4169-B685-854D4A1B4105}

 

Successfully deleted: [Empty Folder] C:\Users\poosu\appdata\local\{F504564F-E33A-4C53-B10B-DFB990943E1C}

 

 

 

 

~~~ Chrome

 

 

Successfully deleted: [Folder] C:\Users\poosu\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl

 

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Scan was completed on Mon 12/16/2013 at 16:25:33.59

 

End of JRT log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

Here are my results for ESET

 

 

C:\AdwCleaner\Quarantine\C\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe.vir Win32/AdWare.Adpeak.B application cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe.vir Win64/Adware.Adpeak.B application cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\Program Files\ScorpionSaver Services\AdpeakProxy.exe.vir Win32/AdWare.Adpeak.A application cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScorpionSaver\CustomActionInstall.vir a variant of Win32/AdWare.Adpeak.B application cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScorpionSaver\CustomActionUninstall.vir a variant of Win32/AdWare.Adpeak.B application cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScorpionSaver\IECore.dll.vir a variant of Win32/AdWare.Adpeak.B application cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\Users\poosu\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll.vir Win32/Toolbar.Linkury.D application cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\Users\poosu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\bootstrap.js.old.vir Win32/AdWare.Adpeak.B application cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\Users\poosu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\bootstrap.js.vir Win32/AdWare.Adpeak.B application cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\Users\poosu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\manifest.json.vir Win32/AdWare.Adpeak.B application cleaned by deleting - quarantined

 

C:\temp\scorpionsaver.exe Win32/AdWare.Adpeak.B application cleaned by deleting - quarantined

 

C:\Users\poosu\AppData\Local\Temp\tbConn.dll a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined

 

C:\Users\poosu\AppData\Local\Temp\ct3153924\ieLogic.exe multiple threats cleaned by deleting - quarantined

 

 

 

I'm hoping someone will check back and tell me what to do next

Thanks

poosu

 



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:55 AM

Posted 17 December 2013 - 12:32 PM

Nothing to bad there... How is it running?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 poosu

poosu
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:55 AM

Posted 17 December 2013 - 01:08 PM

I was waiting for the OK so I haven't used it.  I just tried one of the sites I couldn't get on when it was infected and it came up normally.  The other problems are more difficult to test, but You made some progress for sure.

 

Many Thanks

 

poosu



#11 buddy215

buddy215

  • Moderator
  • 13,116 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:55 AM

Posted 17 December 2013 - 01:43 PM

Are these items still listed in your Add/ Remove program list?

ScorpionSaver (Version: 1.0.0.0)

ScorpionSaver Services (Version: 1.0.0.0)

 

If so, BC has a Removal Guide here: Scorpion Saver Removal Guide


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 poosu

poosu
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:55 AM

Posted 18 December 2013 - 07:02 AM

I did have ScorpionSaver on my computer when I looked at the list of installed programs on Control Panel.  I went through the steps on Scorpion Saver Removal Guide and a number of items were found including 31 infections on the Malwarebytes full scan.  When I went back into Control Panel after the scan, ScorpionSaver was still listed as installed on my computer.  I thought I saved the results of the runs but I can't seem to find them.

 

Seems like I'm still infected.  Do I need to go through the removal process again?



#13 buddy215

buddy215

  • Moderator
  • 13,116 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:55 AM

Posted 18 December 2013 - 07:06 AM

Yes, use the instructions in the guide I linked to.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 poosu

poosu
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:55 AM

Posted 18 December 2013 - 10:08 AM

Before I got to run the the Scorpion Saver Removal for  the second time, Windows 7 crashed twice in about an hour.  Both crashes were during a sleep period while I was away from the computer.  Here's what the error message said.

 

 Problem Event Name: BlueScreen

  OS Version: 6.1.7601.2.1.0.768.3

  Locale ID: 1033

 

Additional information about the problem:

  BCCode: 116

  BCP1: FFFFFA80058F34E0

  BCP2: FFFFF88003E85A1C

  BCP3: 0000000000000000

  BCP4: 0000000000000002

  OS Version: 6_1_7601

  Service Pack: 1_0

  Product: 768_1

 

Files that help describe the problem:

  C:\Windows\Minidump\121813-19749-01.dmp

  C:\Users\poosu\AppData\Local\Temp\WER-58391-0.sysdata.xml

 

Read our privacy statement online:

  http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:

  C:\Windows\system32\en-US\erofflps.txt

 

Is this part of the infection problem or is it a different problem?

 

I'm putting off re running the Scorpion issue until we deal with this.

Thanks

poosu


Edited by poosu, 18 December 2013 - 10:08 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users