Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dropbox, skype, cut and paste woes all at once


  • This topic is locked This topic is locked
12 replies to this topic

#1 zoo55

zoo55

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 24 February 2014 - 10:46 AM

Lenovo A7 touch screen i5 running win7/64, avast antivirus,  About 6 months ago, lost the ability to cut and paste files among directories.   I Googled the problem and found lots of solutions not at all relevant to me.  sigh.  A pain, but sort of livable-with.   Now in the space of 2 days, for no discernable reason all at once Skype wont recognize my webcam and dropbox does not think I am connected to the internet at all.  I have done the standard reinstall / update programs, uninstall/reinstall drivers on Device Manager.  Malwarebytes scan ok.  Dropbox forum helper thought it might be avast antivirus, but I disabled that and still no joy.  Help?  Thanks!



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:47 PM

Posted 27 February 2014 - 07:57 PM

Hello zoo, I doubt his is even malware related. But run these so we can be sure.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
     
    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner
    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

    .
    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.
  • [/list]
  • [/list]
  • [/list]

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 27 February 2014 - 08:08 PM

Thanks I'll run those. Where should I look for help on this site if no malware?

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:47 PM

Posted 27 February 2014 - 08:36 PM

I would ask in Operating Systems.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 27 February 2014 - 09:07 PM

Ok, thanks.

#6 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 28 February 2014 - 02:35 AM

Problems with 2 of 4 malware scans.  

 

TDSS - nothing found

 

Adware - download and run successfully, but when I clicked on "Clean", the following comes up and no action:  "ERROR:  Subscript used with non-Array variable."  Still, two logs were generated R0 and S0.

 

JRT - run and scan attached

 

ESET - I use Chrome as default, so had to accept to download exe file.  OK, then when  run file get a dialog box that says cant get update - check proxy.  I have no proxy, so stuck.  Then I thought to open IE and try to connect from there.  However, IE would not connect to internet at all!  No amount of fiddling with Internet Options would get IE connected.  THAT is clearly suspicious (to me, anyway) as linked to other symptoms noted.  

 

Thanks.

 

logs:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by DZV (administrator) on 28-02-2014 at 14:57:36
Running from "C:\Users\DZV\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Realtek RTL8188CUS Wireless LAN 802.11n USB Slim Solo = Wireless Network Connection (Hardware not present)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled
set subinterface interface=?; subinterface=ethernet_6 mtu=1477
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : LENOVO
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 04-7D-7B-F5-47-06
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f4c6:cbcb:298c:9e22%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, February 27, 2014 9:57:30 PM
   Lease Expires . . . . . . . . . . : Friday, February 28, 2014 3:28:19 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 285506939
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-79-42-6C-04-7D-7B-F5-47-06
   DNS Servers . . . . . . . . . . . : 202.156.1.16
                                       218.186.2.16
                                       218.186.2.6
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{C747F795-FA75-4FE1-83E8-9EDD3D401EEC}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 11:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:4f2:1a84:8ba7:87ae(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::4f2:1a84:8ba7:87ae%17(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dnscache4.maxonline.com.sg
Address:  202.156.1.16
 
Name:    google.com
Addresses:  203.117.36.173
 203.117.36.148
 203.117.36.167
 203.117.36.152
 203.117.36.183
 203.117.36.153
 203.117.36.177
 203.117.36.158
 203.117.36.172
 203.117.36.163
 203.117.36.162
 203.117.36.178
 203.117.36.187
 203.117.36.168
 203.117.36.182
 203.117.36.157
 
 
Pinging google.com [203.117.37.153] with 32 bytes of data:
Reply from 203.117.37.153: bytes=32 time=14ms TTL=56
Reply from 203.117.37.153: bytes=32 time=11ms TTL=56
 
Ping statistics for 203.117.37.153:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 14ms, Average = 12ms
Server:  dnscache4.maxonline.com.sg
Address:  202.156.1.16
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Request timed out.
Reply from 206.190.36.45: bytes=32 time=224ms TTL=50
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 224ms, Maximum = 224ms, Average = 224ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...04 7d 7b f5 47 06 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.5    200
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.5    356
      192.168.0.5  255.255.255.255         On-link       192.168.0.5    356
    192.168.0.255  255.255.255.255         On-link       192.168.0.5    356
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.5    356
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.5    356
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 17     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 17     58 2001::/32                On-link
 17    306 2001:0:9d38:6abd:4f2:1a84:8ba7:87ae/128
                                    On-link
 13    266 fe80::/64                On-link
 17    306 fe80::/64                On-link
 17    306 fe80::4f2:1a84:8ba7:87ae/128
                                    On-link
 13    266 fe80::f4c6:cbcb:298c:9e22/128
                                    On-link
  1    306 ff00::/8                 On-link
 17    306 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Catalog9 02 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Catalog9 03 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Catalog9 04 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Catalog9 05 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/27/2014 10:00:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/27/2014 09:28:13 PM) (Source: MsiInstaller) (User: LENOVO)
Description: Product: Skype™ 6.11 -- A later version of Skype™ 6.11 is already installed.
 
Error: (02/27/2014 08:22:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/27/2014 08:02:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/27/2014 07:58:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/27/2014 00:24:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/26/2014 11:08:49 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003
 
Error: (02/23/2014 01:47:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/23/2014 01:28:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/23/2014 09:37:05 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (02/27/2014 09:15:29 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (02/27/2014 08:01:56 PM) (Source: Service Control Manager) (User: )
Description: The TeamViewer 9 service failed to start due to the following error: 
%%1053
 
Error: (02/27/2014 08:01:56 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 9 service to connect.
 
Error: (02/24/2014 08:45:33 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (02/24/2014 03:04:06 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (02/24/2014 03:04:05 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (02/24/2014 11:36:14 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/23/2014 09:27:41 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (02/23/2014 10:13:16 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/23/2014 10:02:05 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
 
Microsoft Office Sessions:
=========================
Error: (06/14/2013 09:23:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21828 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (06/11/2013 10:49:30 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2928 seconds with 1440 seconds of active time.  This session ended with a crash.
 
Error: (05/03/2013 04:10:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 57 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-11-23 21:21:19.558
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\rikvm_3A60B698.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-01 22:27:01.547
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\rikvm_3A60B698.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-04-25 08:22:17.548
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\rikvm_3A60B698.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-04-25 08:22:17.502
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\rikvm_3A60B698.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
??????? Windows Live Mesh ActiveX ??(????) (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
AceMoney
Adobe Flash Player 12 ActiveX (Version: 12.0.0.70)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
AngryBirds (Version: 1.00.1206)
Apple Application Support (Version: 3.0)
Apple Mobile Device Support (Version: 7.1.0.32)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoStudio Paint (Version: 1.6.1.144)
Audacity 2.0.3 (Version: 2.0.3)
avast! Free Antivirus (Version: 9.0.2013)
Bing Maps 3D (Version: 4.0.903.16005)
Blue Coat K9 Web Protection (Version: 4.4.268)
Bonjour (Version: 3.0.0.10)
Canon MP250 series MP Drivers
CCleaner (Version: 3.28)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CopyTrans Suite Remove Only (Version: 2.37)
Curling (Version: 1.22.063010)
CutePDF Writer 3.0 (Version:  3.0)
D3DX10 (Version: 15.4.2368.0902)
Dolby Home Theater v4 (Version: 7.2.7000.7)
Driver & Application Installation (Version: 6.01.1214)
Dropbox (Version: 2.7.38)
EaseUS Partition Master 9.2.1 Home Edition
EasyCleaner (Version: 2.0.6.380)
Epson Customer Research Participation (Version: 1.51.0000)
Epson Event Manager (Version: 3.01.0005)
EPSON L210 Series Printer Uninstall
EPSON Scan
Epson User's Guide L210 Series
Extended Asian Language font pack for Adobe Reader XI (Version: 11.0.0)
Firework (Version: 1.22.063010)
FormatFactory 3.0.1 (Version: 3.0.1)
Free Keylogger Pro
Fruit Ninja (Version: 1.7.4.11)
Funny Cube (Version: 1.22.063010)
Game Portal (Version: 2.50.012.0217)
Google Chrome (Version: 32.0.1700.107)
Google Earth (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.22.5)
GPL Ghostscript (Version: 9.04)
GPL Ghostscript (Version: 9.07)
GPL Ghostscript 8.54
GPL Ghostscript Fonts
Happy Hit (Version: 1.39.063010)
HMA! Pro VPN 2.8.1.10 (Version: 2.8.1.10)
iCloud (Version: 3.1.0.40)
Idea Touch 4.5 (Version: 4.50.012.0307)
ImgBurn (Version: 2.5.8.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Manageability Engine Firmware Recovery Agent (Version: 1.0.0.35132)
Intel® Management Engine Components (Version: 8.0.0.1351)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
Intel® Trusted Connect Service Client (Version: 1.23.216.0)
IrfanView (remove only) (Version: 4.36)
iTunes (Version: 11.1.4.62)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 9.9.5 (64-bit) (Version: 9.9.5)
LAME v3.99.3 (for Windows)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.5.0.3400)
Lenovo BrgVolOSD (Version: 1.1.05)
Lenovo Camera Fun Zone (Version: 1.1.1.6)
Lenovo EBook&QuickNotes (Version: 1.0.3.22)
Lenovo Power2Go (Version: 6.0.6008)
Lenovo PowerDVD10 (Version: 10.0.3711.52)
Lenovo Registration (Version: 1.0.4)
Lenovo Rescue System (Version: 3.0.3609)
Lenovo Screensaver (Version: 1.0.5.120412)
Lenovo Silver Silk Wireless Keyboard (Version: 1.02)
Lenovo VeriTouch  (Version: 2.0.1.21)
Lenovo VeriTouch2.0 (Version: 2.0.1.21)
Lenovo YouCam (Version: 3.1.4910)
LenovoModifyWindowStyle (Version: 1.01.0711)
LenovoUtility version 1.0 (Version: 1.0)
Link Up (Version: 1.23.063010)
LVT (Version: 1.01.0213)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Touch Pack for Windows 7 (Version: 1.0.40517.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
Moffsoft FreeCalc (Version: 1.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MT2OFX V3.5.37
Music Star (Version: 1.44.063010)
MyFreeCodec
NVIDIA Control Panel 307.21 (Version: 307.21)
NVIDIA Graphics Driver 307.21 (Version: 307.21)
NVIDIA HD Audio Driver 1.2.24.0 (Version: 1.2.24.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (Version: 9.11.0621)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
OpenAL
PDF Split And Merge Basic (Version: 2.2.2)
PowerCinema (Version: 7.0.6207)
QuickTime (Version: 7.74.80.86)
Rapidboot Advanced (Version: 1.0.5.3)
RealDownloader (Version: 17.0.6)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer Cloud (Version: 17.0.6)
Realtek Ethernet Controller Driver (Version: 7.48.823.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6554)
Realtek PCIE Card Reader (Version: 6.1.7601.29003)
REALTEK Wireless LAN Driver (Version: 1.00.0183)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.95 (Version: 1.95)
Samsung i-Launcher 1.0.1.28 (Version: 1.0.1.28)
Samsung Kies (Version: 2.5.3.13043_14)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)
ScreenRecorder (Version: 4.0.0)
Skype Click to Call (Version: 7.0.14735.1561)
Skype™ 6.14 (Version: 6.14.104)
Snowflake Suite (Version: 1.0)
StartMeeting (Version: 1.3.3178.1001)
StreamTorrent 1.0
TaxACT 2010
TaxACT 2011 - 1040 Edition
TaxACT 2012 - 1040 Edition
TeamViewer 9 (Version: 9.0.26297)
ThemeWallpaper (Version: 1.2.0.120113)
Tixati
Tool Portal (Version: 2.50.012.0222)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
UpdateService (Version: 1.0.0)
VLC Codec Pack 2.0.5 (Version: 2.0.5)
VLC media player 2.1.0 (Version: 2.1.0)
VoiceOver Kit (Version: 1.42.128.0)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series x64 Edition
Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 46%
Total physical RAM: 8155.61 MB
Available physical RAM: 4374.71 MB
Total Pagefile: 16309.39 MB
Available Pagefile: 12310.82 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.21 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows 7) (Fixed) (Total:97.66 GB) (Free:19.69 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:575.71 GB) (Free:434.82 GB) NTFS
4 Drive g: (G Seagate) (Fixed) (Total:1863.01 GB) (Free:413.51 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\LENOVO
 
Administrator            DZV                      Guest                    
UpdatusUser              
 
 
**** End of log ****
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by DZV on Fri 02/28/2014 at 15:05:16.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bandobjectattribute
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.dockingpanel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbarbandobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbardisplaystate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbarmenuform
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\smartbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\smartbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPIP_FF__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPIP_FF__RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPIP_FF__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPIP_FF__RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\DZV\appdata\local\{09A9EF77-4BEB-4965-8DA3-F5F529AE0B1C}
Successfully deleted: [Empty Folder] C:\Users\DZV\appdata\local\{A34EDA39-04CE-4B7B-B552-354D1DE2C449}
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/28/2014 at 15:11:03.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
# AdwCleaner v3.020 - Report created 28/02/2014 at 15:00:29
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : DZV - LENOVO
# Running from : C:\Users\DZV\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk
File Found : C:\Users\DZV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\NCH Software
Folder Found : C:\Users\DZV\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
Folder Found C:\Program Files (x86)\myfree codec
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\NCH Software
Folder Found C:\Program Files (x86)\SimilarSites
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Found C:\ProgramData\NCH Software
Folder Found C:\ProgramData\Partner
Folder Found C:\ProgramData\rvlkl
Folder Found C:\Users\DZV\AppData\Roaming\DefaultTab
Folder Found C:\Users\DZV\AppData\Roaming\NCH Software
Folder Found C:\Users\DZV\AppData\Roaming\SimilarSites
Folder Found C:\Users\DZV\AppData\Roaming\Systweak
 
***** [ Shortcuts ] *****
 
Shortcut Found : C:\Users\DZV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ( hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShopHelp&co=SG&userid=5e0fe572-5140-f682-5bba-c377598b3668&searchtype=sc&installDate=12/10/2013 )
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\DefaultTab
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\NCH Software
Key Found : HKCU\Software\SmartBar
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\DefaultTab
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\NCH Software
Key Found : [x64] HKCU\Software\SmartBar
Key Found : HKLM\Software\caphyon
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\Software\DefaultTab
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Key Found : HKLM\Software\Myfree Codec
Key Found : HKLM\Software\NCH Software
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\systweak
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShopHelp&co=SG&userid=5e0fe572-5140-f682-5bba-c377598b3668&searchtype=ds&q={searchTerms}&installDate=12/10/2013
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShopHelp&co=SG&userid=5e0fe572-5140-f682-5bba-c377598b3668&searchtype=ds&q={searchTerms}&installDate=12/10/2013
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\DZV\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found : homepage
Found : homepage
 
*************************
 
AdwCleaner[R0].txt - [7496 octets] - [28/02/2014 15:00:29]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7556 octets] ##########
 
 
 
# AdwCleaner v3.020 - Report created 28/02/2014 at 15:02:17
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : DZV - LENOVO
# Running from : C:\Users\DZV\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\rvlkl
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Program Files (x86)\myfree codec
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Users\DZV\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\DZV\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\DZV\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\DZV\AppData\Roaming\Systweak
Folder Deleted : C:\Users\DZV\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\DZV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
File Deleted : C:\Windows\System32\Tasks\NCH Software
 
***** [ Shortcuts ] *****
 
 
 


#7 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 28 February 2014 - 02:36 AM

Clarify - Mini Toolbox also ran ok and (as you will have seen) log attached.



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:47 PM

Posted 28 February 2014 - 11:07 AM

OK, lets use this instead of ESET.
Please run the F-Secure Online Scanner
Follow the Instruction here for installation.
Accept the License Agreement.
Once the ActiveX installs,Click Full System Scan
Once the download completes, the scan will begin automatically.
The scan will take some time to finish, so please be patient.
When the scan completes, click the Automatic cleaning (recommended) button.
Click the Show Report button and Copy&Paste the entire report in your next reply.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 03 March 2014 - 07:42 AM

Unfortunately, that program does absolutely nothing.  .exe downloads ok, I double-click to run, ok to make changes, then.... nothing at all.  No processes in task manager, only an icon on the task bar that does nothing if I click on it, but hovering over with mouse shows an image that says, "This page cannot be displayed."

 

I also ran health checker.  It launched properly, seemed to run for 1 minute, then just shut down.  nada mas.

 

What shall I try next?



#10 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 03 March 2014 - 07:46 AM

By the way, I did some further checking on the net re the IE problem.  One suggestion was to uncheck Automatically detect Proxy.  Did that, no help.  Re Dropbox, firewall already lets it in/out.  Port 443 apparently needs to be open.  Both firewall and Cisco router say they are not blocking any ports.  However, I ran cports to check and it said almost all ports were blocked, even 80!  Clearly wrong. This is really frustrating.  Thanks for your help.



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:47 PM

Posted 03 March 2014 - 10:50 AM

Appears we have to get a deeper look inside as to what is going on.
Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 04 March 2014 - 08:50 AM

all went well, thanks.  I'm posting in the other forum as requested.  

 

Thanks!



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:47 PM

Posted 04 March 2014 - 10:53 AM

You're welcome!
http://www.bleepingcomputer.com/forums/t/526460/dropbox-i-e-do-not-connect;-skype-not-recognize-webcam;-cut-and-paste-not-fncn/#entry3305146
 
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 3 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users