Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ShellDll crash in explorer.exe must restart explorer Help


  • Please log in to reply
7 replies to this topic

#1 Mikef1

Mikef1

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 23 February 2014 - 08:18 PM

I have been experiencing this shell dll crash in IE explorer.  It happens when I right click on a folder say to install another.  It is consistent in this matter.  I ran the mini toolbox and here is the results.  Can someone assist or advise please.  Dell 9517c

 

Attached is a word doc with a snipit of the error[attachment=147314:IE Crash.pdf]

 

 

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by mike (administrator) on 23-02-2014 at 19:09:01
Running from "C:\Users\mike\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Connected)
Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module = Wireless Network Connection (Hardware not present)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : mike-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
   Physical Address. . . . . . . . . : 00-24-8C-4A-25-7A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6c71:4f04:1054:1ad4%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.9(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 23, 2014 1:28:15 PM
   Lease Expires . . . . . . . . . . : Thursday, April 02, 2150 1:37:22 AM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 234890380
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-3C-0A-08-00-24-8C-4A-25-7A
   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Belkin:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:30ec:1385:bde6:5ab6(Preferred)
   Link-local IPv6 Address . . . . . : fe80::30ec:1385:bde6:5ab6%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.2.1

Name:    google.com
Addresses:  2607:f8b0:4000:803::1003
   173.194.115.70
   173.194.115.71
   173.194.115.72
   173.194.115.73
   173.194.115.78
   173.194.115.64
   173.194.115.65
   173.194.115.66
   173.194.115.67
   173.194.115.68
   173.194.115.69

Pinging google.com [173.194.115.36] with 32 bytes of data:
Reply from 173.194.115.36: bytes=32 time=18ms TTL=52
Reply from 173.194.115.36: bytes=32 time=20ms TTL=52

Ping statistics for 173.194.115.36:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 18ms, Maximum = 20ms, Average = 19ms
Server:  UnKnown
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  98.138.253.109
   98.139.183.24
   206.190.36.45

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=90ms TTL=44
Reply from 98.139.183.24: bytes=32 time=86ms TTL=44

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 86ms, Maximum = 90ms, Average = 88ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 24 8c 4a 25 7a ......NVIDIA nForce 10/100 Mbps Ethernet
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.9     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link       192.168.2.9    276
      192.168.2.9  255.255.255.255         On-link       192.168.2.9    276
    192.168.2.255  255.255.255.255         On-link       192.168.2.9    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.2.9    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.2.9    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:90d7:30ec:1385:bde6:5ab6/128
                                    On-link
 10    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::30ec:1385:bde6:5ab6/128
                                    On-link
 10    276 fe80::6c71:4f04:1054:1ad4/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/23/2014 01:25:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: SHELL32.dll, version: 6.1.7601.18222, time stamp: 0x51f1ddfa
Exception code: 0xc0000005
Fault offset: 0x000000000005055a
Faulting process id: 0x1f70
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

System errors:
=============
Error: (02/23/2014 01:28:24 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
lsnfd

Microsoft Office Sessions:
=========================
Error: (02/23/2014 01:25:32 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4SHELL32.dll6.1.7601.1822251f1ddfac0000005000000000005055a1f7001cf30cc24aadda8C:\Windows\explorer.exeC:\Windows\system32\SHELL32.dll4285ed30-9cc0-11e3-a6a4-00248c4a257a

=========================== Installed Programs ============================

µTorrent (Version: 3.3.2.30380)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44)
Adobe Reader XI (11.0.06)  MUI (Version: 11.0.06)
Any Video Converter 5.5.3
Apple Application Support (Version: 2.3.4)
Apple Software Update (Version: 2.1.3.127)
BufferChm (Version: 130.0.331.000)
BurnAware Free 6.9.1
C4400 (Version: 130.0.365.000)
Copy (Version: 130.0.428.000)
CutePDF Writer 3.0 (Version:  3.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell System Detect (Version: 5.4.0.4)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
EVGA Precision X 4.0.0 (Version: 4.0.0)
File Type Assistant (Version: 2014.1.24.0)
Free All-In-One Media Player
Google Chrome (Version: 33.0.1750.117)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.5)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Support Solutions Framework (Version: 11.50.0000)
HP Update (Version: 5.005.000.002)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA 3D Vision Controller Driver 314.07 (Version: 314.07)
NVIDIA 3D Vision Driver 314.07 (Version: 314.07)
NVIDIA Control Panel 314.07 (Version: 314.07)
NVIDIA Drivers (Version: 1.6)
NVIDIA Graphics Driver 314.07 (Version: 314.07)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1407)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PowerISO (Version: 4.7)
PS_AIO_03_C4400_Software_Min (Version: 130.0.365.000)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.7.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5910)
Safe Monitor (Version: 2.6.63)
Scan (Version: 13.0.0.0)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (Version: 7.0.14735.1561)
Skype™ 6.11 (Version: 6.11.102)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Spybot - Search & Destroy (Version: 2.2.25)
Status (Version: 130.0.469.000)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
TurboTax 2013 (Version: 2013.0)
TurboTax 2013 WinPerFedFormset (Version: 013.000.1736)
TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0463)
TurboTax 2013 WinPerTaxSupport (Version: 013.000.0162)
TurboTax 2013 wrapper (Version: 013.000.0135)
UnloadSupport (Version: 11.0.0)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
UpdateService (Version: 1.0.0)
WebReg (Version: 130.0.132.017)
Yahoo! Toolbar

========================= Devices: ================================

Name: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Description: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: lsnfd
Description: lsnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lsnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 8191.22 MB
Available physical RAM: 6424.51 MB
Total Pagefile: 16380.63 MB
Available Pagefile: 14462.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.01 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:1862.92 GB) (Free:1807.34 GB) NTFS
3 Drive e: (HHDD 2) (Fixed) (Total:1863.01 GB) (Free:1638.94 GB) NTFS
4 Drive f: () (Removable) (Total:29.27 GB) (Free:29.27 GB) FAT32
8 Drive j: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
9 Drive k: (My Book) (Fixed) (Total:596.02 GB) (Free:273.6 GB) FAT32

========================= Users: ========================================

User accounts for \\MIKE-PC

Administrator            Guest                    mike                    
UpdatusUser             

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

11-02-2014 20:51:38 Windows Update
13-02-2014 09:00:18 Windows Update
16-02-2014 06:00:02 Windows Backup
16-02-2014 09:00:10 Windows Update
17-02-2014 23:13:51 Windows Update
19-02-2014 03:10:58 Removed Skype™ 6.11
19-02-2014 03:31:37 Restore Operation
19-02-2014 03:44:10 Windows Update
23-02-2014 01:49:21 Windows Update
23-02-2014 06:00:00 Windows Backup

**** End of log ****



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,442 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:14 AM

Posted 24 February 2014 - 08:34 AM

http://www.systemlookup.com/Drivers/9889-lsnfd_sys.html

 

Moved topic to Am I Infected forum.

 

Louis



#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,763 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:03:14 AM

Posted 24 February 2014 - 11:12 AM

Please download Malwarebytes Anti-Malware.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  When the installation has finished, make sure you leave both of these checked:
 
    Update Malwarebytes' Anti-Malware
 
    Launch Malwarebytes' Anti-Malware
 
Then click on Finish.
 
3)  MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. 
 
4)  Click on perform Quick Scan, then click on the Scan button.
 
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
 
5)  The scan will now begin, this may take some time to complete so please be patient.
 
6)  When the scan is finished click on Show Results to display all objects found.
 
7)  Click OK to close the message box and continue with the removal process.
 
8)  Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
 
Make sure that every item shown in the results has a check mark in the box next to it, then click on Remove Selected.
 
9)  When removal is completed, a log will open in Notepad.
 
This log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of the log in your next post, then exit MBAM.
 
Important:  If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Reagardless if prompted to restart the computer or not, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
 
Please copy the Malwarebytes log and paste it in your next post.
 
To locate this file right click on the Start orb and choose Open Windows Explorer, then click on C: drive.
 
When the C: drive opens click on the following:  ProgramData, Malwarebytes, Malwarebytes' Anti-Malware, Logs.  
 
If there is more than one log, choose the log with the date that you ran scan that I requested.
 
 
If there are a large number of items found you can go into Settings and click on Scanner Settings to change the setting in Action for potentially unwanted programs (PUP) to Show in results list and check for removal.
 
Malwarebytessettings_zpsb9b50638.png
 
 

Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be close so that the infections can be removed.  Click on Ok.
 
When cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your next post.
 
 

 
Double click on the download and choose to run the program.
 
A screen similar to the one below will open, click any key to run the program.
 
securitycheck_zpscfb86945.png
 
When the scan is finished there will be a log, copy and then paste your log in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 Mikef1

Mikef1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 24 February 2014 - 07:43 PM

OK did all and still have same results see logs below.  Did restart as instructed.

 

2014/02/24 12:54:51 -0600 MIKE-PC mike MESSAGE Starting protection
2014/02/24 12:54:51 -0600 MIKE-PC mike MESSAGE Protection started successfully
2014/02/24 12:54:51 -0600 MIKE-PC mike MESSAGE Starting IP protection
2014/02/24 12:55:15 -0600 MIKE-PC mike MESSAGE IP Protection started successfully
2014/02/24 12:55:22 -0600 MIKE-PC mike MESSAGE Starting database refresh
2014/02/24 12:55:22 -0600 MIKE-PC mike MESSAGE Stopping IP protection
2014/02/24 12:55:25 -0600 MIKE-PC mike MESSAGE IP Protection stopped successfully
2014/02/24 12:55:29 -0600 MIKE-PC mike MESSAGE Database refreshed successfully
2014/02/24 12:55:29 -0600 MIKE-PC mike MESSAGE Starting IP protection
2014/02/24 12:55:35 -0600 MIKE-PC mike MESSAGE IP Protection started successfully
2014/02/24 13:09:12 -0600 MIKE-PC mike MESSAGE Executing scheduled update:  Daily
2014/02/24 13:09:12 -0600 MIKE-PC mike MESSAGE Database already up-to-date
2014/02/24 14:31:00 -0600 MIKE-PC mike MESSAGE Starting protection
2014/02/24 14:31:00 -0600 MIKE-PC mike MESSAGE Protection started successfully
2014/02/24 14:31:00 -0600 MIKE-PC mike MESSAGE Starting IP protection
2014/02/24 14:31:06 -0600 MIKE-PC mike MESSAGE IP Protection started successfully
2014/02/24 14:37:13 -0600 MIKE-PC (null) MESSAGE Starting protection
2014/02/24 14:37:13 -0600 MIKE-PC (null) MESSAGE Protection started successfully
2014/02/24 14:37:13 -0600 MIKE-PC (null) MESSAGE Starting IP protection
2014/02/24 14:37:19 -0600 MIKE-PC (null) MESSAGE IP Protection started successfully

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.24.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
mike :: MIKE-PC [administrator]

Protection: Enabled

2/24/2014 12:57:55 PM
mbam-log-2014-02-24 (12-57-55).txt

Scan type: Full scan (C:\|E:\|J:\|K:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 481930
Time elapsed: 1 hour(s), 28 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 7
HKCR\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} (PUP.Optional.WebSteroids.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106} (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Linksicle (PUP.Optional.Linksicle.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LSNFD (PUP.Optional.Linksicle) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SYSTEM\CurrentControlSet\Services\lsnfd|ImagePath (PUP.Optional.Linksicle) -> Data: system32\drivers\lsnfd.sys -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.FindWide) -> Bad: (http://search.findwide.com/?guid={AC07066C-ACED-46E6-AF6A-BEDFDB11075A}&serpv=22) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 3
C:\Users\mike\AppData\Local\Temp\CT3319614 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\mike\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\mike\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.

Files Detected: 17
C:\Program Files (x86)\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\mike\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\mike\AppData\Local\Temp\HomePageDLL.dll.230076452 (PUP.Optional.Installcore) -> Quarantined and deleted successfully.
C:\Users\mike\AppData\Local\Temp\HomePageDLL.dll.853047818 (PUP.Optional.Installcore) -> Quarantined and deleted successfully.
C:\Users\mike\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Windows\AutoKMS.exe (Riskware.Keygen) -> Quarantined and deleted successfully.
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
K:\Zipped files\dvdburning_1289.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
K:\Zipped files\SkypeSetup.exe (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
K:\Zipped files\Roxio Creator Pro 2011 SP1 Full DVD Final (2010) [ kk ]\Roxio Creator Pro 2011 SP1 Full DVD Final (2010) [ kk ]\4\Version 1 (lena1964)\Roxio11_2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
K:\Zipped files\Roxio Creator Pro 2011 SP1 Full DVD Final (2010) [ kk ]\4\Version 1 (lena1964)\Roxio11_2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
K:\IPTorrents\Google_Earth_Setup.exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
K:\IPTorrents\Google Earth.exe (PUP.Optional.Firseria) -> Quarantined and deleted successfully.
C:\Users\mike\AppData\Local\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\mike\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> Quarantined and deleted successfully.
C:\Users\mike\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\mike\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.

 

 

# AdwCleaner v3.019 - Report created 24/02/2014 at 14:34:35
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : mike - MIKE-PC
# Running from : C:\Users\mike\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Users\mike\AppData\Local\filetypeassistant
Folder Deleted : C:\Users\mike\AppData\Local\genienext
Folder Deleted : C:\Users\mike\AppData\Local\Mobogenie
Folder Deleted : C:\Users\mike\AppData\Roaming\DigitalSites
Folder Deleted : C:\Users\mike\AppData\Roaming\UpdaterEX
Folder Deleted : C:\Users\mike\Documents\Mobogenie
File Deleted : C:\Windows\Tasks\UpdaterEX.job
File Deleted : C:\Windows\System32\Tasks\UpdaterEX

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\mike\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [3823 octets] - [24/02/2014 14:33:25]
AdwCleaner[S0].txt - [3391 octets] - [24/02/2014 14:34:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3451 octets] ##########

 

 

 Results of screen317's Security Check version 0.99.79 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java 7 Update 51 
 Adobe Reader XI 
 Google Chrome 32.0.1700.107 
 Google Chrome 33.0.1750.117 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Spybot Teatimer.exe is disabled!
 Malwarebytes' Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 

 

 



#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,763 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:03:14 AM

Posted 25 February 2014 - 12:12 PM

 

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET Online Scan in a new window.
    ESET OnlineScan

  • Click the esetonlinebtn.png button.

  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.

       

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.

       

  • Check "YES, I accept the Terms of Use."

  • Click the Start button.

  • Accept any security warnings from your browser.

  • Under scan settings, check "Scan Archives"and "Remove found threats"

  • Click Advanced settings and select the following:

     

    • Scan potentially unwanted applications

    • Scan for potentially unsafe applications

    • Enable Anti-Stealth technology

       

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

  • When the scan completes, click List Threats

  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

  • Click the Back button.

  • Click the Finish button.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 Mikef1

Mikef1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 26 February 2014 - 11:28 AM

Here is the finished result log


C:\Users\All Users\SafeMonitor\SafeMonitor.exe a variant of MSIL/Adware.PullUpdate.B application
C:\Users\All Users\SafeMonitor\SafeMonitorService.exe a variant of MSIL/Adware.PullUpdate.A application
C:\ProgramData\SafeMonitor\SafeMonitor.exe a variant of MSIL/Adware.PullUpdate.B application cleaned by deleting - quarantined
C:\ProgramData\SafeMonitor\SafeMonitorService.exe a variant of MSIL/Adware.PullUpdate.A application cleaned by deleting - quarantined
C:\Users\mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZ8MLB83\reginout_setup.exe multiple threats cleaned by deleting - quarantined
C:\Users\mike\AppData\Local\Temp\SoftwareUpdateSetup.exe a variant of Win32/InstallCore.JE.gen potentially unwanted application deleted - quarantined
C:\Users\mike\AppData\Local\Temp\nspC34A.tmp\Helper.dll a variant of MSIL/Adware.PullUpdate.A application cleaned by deleting - quarantined
C:\Users\mike\Downloads\7zip-setup.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
E:\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
E:\PDFCreatorSetup.exe a variant of Win32/InstallCore.IU potentially unwanted application deleted - quarantined
E:\Downloads\7zip-setup.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2013-12-16 115834\Backup Files 2013-12-22 000000\Backup files 4.zip a variant of Win32/Toolbar.Widgi potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2013-12-16 115834\Backup Files 2013-12-29 000000\Backup files 1.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2013-12-16 115834\Backup Files 2013-12-29 000000\Backup files 2.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2013-12-16 115834\Backup Files 2013-12-29 000000\Backup files 3.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2013-12-16 115834\Backup Files 2013-12-29 000000\Backup files 4.zip Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-01-05 000000\Backup Files 2014-01-05 000000\Backup files 10.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-01-05 000000\Backup Files 2014-01-05 000000\Backup files 13.zip Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-01-05 000000\Backup Files 2014-01-05 000000\Backup files 6.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-01-05 000000\Backup Files 2014-01-05 000000\Backup files 8.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-01-05 000000\Backup Files 2014-01-12 000000\Backup files 1.zip Win32/Toolbar.Conduit.R potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-01-05 000000\Backup Files 2014-01-26 000000\Backup files 2.zip probably a variant of Win32/InstallIQ.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-01-05 000000\Backup Files 2014-02-02 000003\Backup files 2.zip Win32/BrowseFox.B potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-02-09 000000\Backup Files 2014-02-09 000000\Backup files 10.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-02-09 000000\Backup Files 2014-02-09 000000\Backup files 12.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-02-09 000000\Backup Files 2014-02-09 000000\Backup files 16.zip Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-02-09 000000\Backup Files 2014-02-09 000000\Backup files 7.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-02-09 000000\Backup Files 2014-02-16 000000\Backup files 1.zip a variant of MSIL/Adware.PullUpdate.B application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-02-23 000000\Backup Files 2014-02-23 000000\Backup files 10.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-02-23 000000\Backup Files 2014-02-23 000000\Backup files 12.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-02-23 000000\Backup Files 2014-02-23 000000\Backup files 16.zip Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-02-23 000000\Backup Files 2014-02-23 000000\Backup files 7.zip Win32/NextLive.A potentially unwanted application deleted - quarantined
E:\MIKE-PC\Backup Set 2014-02-23 000000\Backup Files 2014-02-23 000000\Backup files 9.zip a variant of MSIL/Adware.PullUpdate.B application deleted - quarantined
K:\Zipped files\Miro_Installer.exe a variant of Win32/Toolbar.Zugo potentially unwanted application deleted - quarantined
K:\Zipped files\BitTorrent-6.4c.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
K:\Zipped files\mp3rocket.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
K:\Zipped files\MapsGalaxy.exe Win32/AdInstaller potentially unwanted application deleted - quarantined
K:\Zipped files\FreeAllInOneMediaPlayerZenSetup.exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantined
K:\Zipped files\Microsoft Office 2010\Office 2010 Toolkit.exe a variant of MSIL/HackKMS.A potentially unsafe application deleted - quarantined
K:\Zipped files\Microsoft Office 2010 Professional Plus [theLEAK]\Office_2010_Professional_Plus.iso a variant of MSIL/HackKMS.A potentially unsafe application deleted - quarantined
K:\IPTorrents\SwifturnFreeDVDCopy_installer.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
K:\IPTorrents\yfdvdcopy_installer.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
K:\IPTorrents\FreeAllInOneMediaPlayerSetup.exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantined
K:\IPTorrents\VSO.Software.ConvertXtoDVD.v5.0.0.75.Cracked-F4CG.rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantined
K:\IPTorrents\new downloads\VSO.Software.ConvertXtoDVD.v5.0.0.75.Cracked-F4CG.rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantined
K:\Windows 7 Ultimate (64 Bit)\Other Windows 7 Activation Tools\7Loader 1.6.exe MSIL/HackTool.WinActivator.A potentially unsafe application deleted - quarantined

#7 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,763 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:03:14 AM

Posted 28 February 2014 - 12:24 PM

Is this a legal copy of Windows?

 

The reason I ask is that you have a lot of hacked programs, one in particular is used for "acquiring" product keys.

 

Be forewarened: when you download from websites which use cracks, keygen, warez and other priated software you can contract and spread some of the worst types of malware infections.
 
In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.
 
I strongly recommend that you remove all cracks and keygens immediately to reduce the risk of infection and reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so they need to be removed.
 
Using these types of programs or the websites visited to get them is very likely how your computer got infected!

 

K:\Zipped files\Miro_Installer.exe a variant of Win32/Toolbar.Zugo potentially unwanted application deleted - quarantined
K:\Zipped files\BitTorrent-6.4c.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
K:\Zipped files\mp3rocket.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
K:\Zipped files\MapsGalaxy.exe Win32/AdInstaller potentially unwanted application deleted - quarantined
K:\Zipped files\FreeAllInOneMediaPlayerZenSetup.exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantined
K:\Zipped files\Microsoft Office 2010\Office 2010 Toolkit.exe a variant of MSIL/HackKMS.A potentially unsafe application deleted - quarantined
K:\Zipped files\Microsoft Office 2010 Professional Plus [theLEAK]\Office_2010_Professional_Plus.iso a variant of MSIL/HackKMS.A potentially unsafe application deleted - quarantined
K:\IPTorrents\SwifturnFreeDVDCopy_installer.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
K:\IPTorrents\yfdvdcopy_installer.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
K:\IPTorrents\FreeAllInOneMediaPlayerSetup.exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantined
K:\IPTorrents\VSO.Software.ConvertXtoDVD.v5.0.0.75.Cracked-F4CG.rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantined
K:\IPTorrents\new downloads\VSO.Software.ConvertXtoDVD.v5.0.0.75.Cracked-F4CG.rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantined
K:\Windows 7 Ultimate (64 Bit)\Other Windows 7 Activation Tools\7Loader 1.6.exe MSIL/HackTool.WinActivator.A potentially unsafe application deleted - quarantined 


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#8 Mikef1

Mikef1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 28 February 2014 - 12:39 PM

Should I just reinstall windows with a purchased set. would that most likely fix the system?

What you are saying is that even if quarantined and deleted as mentioned above the trouble is deeper so to speak.

Edited by Mikef1, 28 February 2014 - 12:41 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users