
kryptik.bvve found by ESET


10 replies to this topic

#1 Dragonlady24

Dragonlady24

  • Members
  • 703 posts
  • Gender:Female
  • Location:Fox Lake,WI
  • Local time:06:41 AM

Posted 24 April 2014 - 04:56 PM

I went to use my music program yesterday and was forced to update it. I downloaded the update from CNET like I normally would. I got an unwanted program called Mobogenie that came with it and without my knowledge. I have removed Mobogenie and all traces of it, but it has left behind kryptik.bvve, which corrupted my mp3rocket, and I cannot get rid of the virus without removing the program apparently.

Update: I uninstalled the first program and scanned the file after re-downloading. Possible false positive because ESET didn't find the virus after a clean install of the file.


Edited by Dragonlady24, 24 April 2014 - 10:31 PM.



#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • Gender:Male
  • Location:UK
  • Local time:12:41 PM

Posted 25 April 2014 - 04:51 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us
  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT back up any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.
:step2:

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.
:step3:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.
:step4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 Dragonlady24


Posted 28 April 2014 - 08:49 PM

I'm sorry it took me so long to reply. I forgot about this topic.


20:56:59.0738 0x0a88  TDSS rootkit removing tool 3.0.0.33 Apr 24 2014 14:02:50
20:56:59.0738 0x0a88  UEFI system
20:57:04.0224 0x0a88  ============================================================
20:57:04.0224 0x0a88  Current date / time: 2014/04/28 20:57:04.0224
20:57:04.0224 0x0a88  SystemInfo:
20:57:04.0224 0x0a88  
20:57:04.0224 0x0a88  OS Version: 6.2.9200 ServicePack: 0.0
20:57:04.0224 0x0a88  Product type: Workstation
20:57:04.0224 0x0a88  ComputerName: ZEN
20:57:04.0225 0x0a88  UserName: Jody
20:57:04.0225 0x0a88  Windows directory: C:\windows
20:57:04.0225 0x0a88  System windows directory: C:\windows
20:57:04.0225 0x0a88  Running under WOW64
20:57:04.0225 0x0a88  Processor architecture: Intel x64
20:57:04.0225 0x0a88  Number of processors: 4
20:57:04.0225 0x0a88  Page size: 0x1000
20:57:04.0225 0x0a88  Boot type: Normal boot
20:57:04.0225 0x0a88  ============================================================
20:57:05.0053 0x0a88  KLMD registered as C:\windows\system32\drivers\28439446.sys
20:57:05.0370 0x0a88  System UUID: {8389C891-8578-D5FD-3F44-850F03384EFC}
20:57:07.0521 0x0a88  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:57:07.0542 0x0a88  ============================================================
20:57:07.0542 0x0a88  \Device\Harddisk0\DR0:
20:57:07.0542 0x0a88  GPT partitions:
20:57:07.0543 0x0a88  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B2A7E8D9-07AA-4DCE-ADED-4326E6902EFE}, Name: , StartLBA 0x800, BlocksNum 0x1F4000
20:57:07.0543 0x0a88  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6BBEB0AC-BF91-4BEB-B0BE-6A1D2CFC7F8A}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
20:57:07.0543 0x0a88  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {7BFA1598-7A13-4A19-896F-C2623FDC6A91}, Name: , StartLBA 0x276800, BlocksNum 0xFA000
20:57:07.0543 0x0a88  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {7C1B4C4A-FEB8-4E57-A9DF-B87DDB3AF521}, Name: Microsoft reserved partition, StartLBA 0x370800, BlocksNum 0x40000
20:57:07.0543 0x0a88  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8DF35EBA-E88E-4F8B-9E46-1F4449E98FD3}, Name: Basic data partition, StartLBA 0x3B0800, BlocksNum 0x36E52800
20:57:07.0543 0x0a88  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {50AB2C9C-3FB5-43ED-9B58-E6D5F8C8EDD5}, Name: , StartLBA 0x37203000, BlocksNum 0xAF000
20:57:07.0543 0x0a88  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {14ECAB35-47FF-4129-81A5-9AA1E6966EFF}, Name: , StartLBA 0x372B2000, BlocksNum 0x30D4000
20:57:07.0543 0x0a88  MBR partitions:
20:57:07.0543 0x0a88  ============================================================
20:57:07.0584 0x0a88  C: <-> \Device\Harddisk0\DR0\Partition5
20:57:07.0584 0x0a88  ============================================================
20:57:07.0584 0x0a88  Initialize success
20:57:07.0584 0x0a88  ============================================================
20:57:28.0105 0x1144  ============================================================
20:57:28.0105 0x1144  Scan started
20:57:28.0105 0x1144  Mode: Manual; SigCheck; TDLFS; 
20:57:28.0105 0x1144  ============================================================
20:57:28.0105 0x1144  KSN ping started
20:57:30.0647 0x1144  KSN ping finished: true
20:57:30.0905 0x1144  ================ Scan system memory ========================
20:57:30.0905 0x1144  System memory - ok
20:57:30.0907 0x1144  ================ Scan services =============================

Edited by Dragonlady24, 28 April 2014 - 09:04 PM.


#4 Dragonlady24


Posted 28 April 2014 - 09:09 PM

My computer is a Lenovo with 4 GB RAM, Windows 8 64-bit home edition.



#5 Dragonlady24


Posted 28 April 2014 - 09:21 PM

# AdwCleaner v3.205 - Report created 28/04/2014 at 21:18:08
# Updated 28/04/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Jody - ZEN
# Running from : C:\Users\Jody\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : C:\Users\Jody\AppData\Local\Pokki
Folder Found : C:\Users\Public\Pokki
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Found : HKCU\Software\Classes\Directory\shell\pokki
Key Found : HKCU\Software\Classes\Drive\shell\pokki
Key Found : HKCU\Software\Classes\lnkfile\shell\pokki
Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Found : HKCU\Software\Pokki
Key Found : [x64] HKCU\Software\Pokki
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
 
*************************
 
AdwCleaner[R2].txt - [1632 octets] - [24/04/2014 15:15:10]
AdwCleaner[R3].txt - [1188 octets] - [28/04/2014 21:18:08]
AdwCleaner[S1].txt - [1768 octets] - [24/04/2014 15:17:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1308 octets] ##########

Info you will need to know: Pokki is my start menu and cannot be removed or my computer will not work. I have tried it in the past and I believe AdwCleaner is reading it as a false positive.


#6 Dragonlady24


Posted 28 April 2014 - 09:23 PM

Farbar Service Scanner Version: 25-02-2014
Ran by Jody (administrator) on 28-04-2014 at 21:22:21
Running from "C:\Users\Jody\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-12-14 14:17] - [2013-09-03 22:11] - 0576512 ____A (Microsoft Corporation) 7C0E0EDF18D6CC565D7BFBB451709FA5
 
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2014-04-15 19:39] - [2014-01-26 22:42] - 2232664 ____A (Microsoft Corporation) B23882881EFD9404B62993906BC38709
 
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2013-12-27 16:22] - [2013-10-31 00:56] - 0915968 ____A (Microsoft Corporation) 9DE3341BD4E14BC5FADFCAD3019F2D0D
 
C:\Windows\System32\bfe.dll
[2013-12-14 14:16] - [2013-10-10 04:20] - 0723968 ____A (Microsoft Corporation) 53AA55632B94622F2DC3695E86EF9363
 
C:\Windows\System32\drivers\mpsdrv.sys
[2013-12-27 16:22] - [2013-10-30 22:42] - 0074752 ____A (Microsoft Corporation) 4CCBBD4944777CA100B9A6C2F149A46F
 
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2013-12-14 14:17] - [2013-10-08 17:27] - 3279872 ____A (Microsoft Corporation) 311E5E1976E0BD9110A88B93158055D5
 
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2014-03-13 10:36] - [2013-10-24 17:34] - 1571328 ____A (Microsoft Corporation) 8077537B1600AF493E7EE1A7A5C90799
 
C:\Program Files\Windows Defender\MsMpEng.exe
[2014-03-13 10:36] - [2013-10-25 02:34] - 0016048 ____A (Microsoft Corporation) 0BB1CEE3514CE93A0A4E6376A9038EFF
 
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
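
As an added illustration (not part of the thread, and not code from Farbar or from the helper): a small Python parser for the Farbar Service Scanner log format posted above. It extracts the two things a reviewer reads this log for, services whose start type differs from the default and files that were not reported as "MD5 is legit". Treating a path followed by a metadata line as "not matched" is an assumption drawn from how this log reads; the function and field names are hypothetical.

```python
import re

# Excerpt of the Farbar Service Scanner log posted above (lines copied from the thread).
SAMPLE_LOG = r"""
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-12-14 14:17] - [2013-09-03 22:11] - 0576512 ____A (Microsoft Corporation) 7C0E0EDF18D6CC565D7BFBB451709FA5

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2014-04-15 19:39] - [2014-01-26 22:42] - 2232664 ____A (Microsoft Corporation) B23882881EFD9404B62993906BC38709

**** End of log ****
"""

NOT_RUNNING_RE = re.compile(r"^(\S+) Service is not running\.")
START_TYPE_RE = re.compile(
    r"^The start type of (\S+) service is set to (\w+)\. "
    r"The default start type is (\w+)\.$"
)
LEGIT_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) => MD5 is legit$")
PATH_RE = re.compile(r"^[A-Za-z]:\\\S.*$")
DETAIL_RE = re.compile(
    r"^\[(?P<created>[\d\-: ]+)\] - \[(?P<modified>[\d\-: ]+)\] - "
    r"(?P<size>\d+) (?P<attrs>\S+) \((?P<company>.*)\) (?P<md5>[0-9A-Fa-f]{32})$"
)


def _file_record(path, match=None):
    """Build one 'unmatched file' record; fields are None when no detail line followed."""
    if match is None:
        return {"path": path, "created": None, "modified": None,
                "size": None, "company": None, "md5": None}
    return {"path": path, "created": match.group("created"),
            "modified": match.group("modified"), "size": int(match.group("size")),
            "company": match.group("company"), "md5": match.group("md5").upper()}


def parse_fss_log(text):
    """Return services and files in an FSS log that need a manual look."""
    report = {"not_running": [], "start_type_changes": [],
              "legit_files": [], "unmatched_files": []}
    in_file_check = False
    pending = None  # path seen in File Check, waiting for its detail line

    def flush():
        nonlocal pending
        if pending is not None:  # path with no detail line, e.g. a truncated paste
            report["unmatched_files"].append(_file_record(pending))
            pending = None

    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("**** End of log"):
            break
        if line.startswith("File Check:"):
            in_file_check = True
            continue
        if not in_file_check:
            m = NOT_RUNNING_RE.match(line)
            if m:
                report["not_running"].append(m.group(1))
            m = START_TYPE_RE.match(line)
            if m:  # (service, current start type, default start type)
                report["start_type_changes"].append(m.groups())
            continue
        m = LEGIT_RE.match(line)
        if m:
            flush()
            report["legit_files"].append(m.group("path"))
            continue
        m = DETAIL_RE.match(line)
        if m and pending is not None:
            report["unmatched_files"].append(_file_record(pending, m))
            pending = None
        elif PATH_RE.match(line):
            flush()
            pending = line
    flush()
    return report


if __name__ == "__main__":
    result = parse_fss_log(SAMPLE_LOG)
    for svc, current, default in result["start_type_changes"]:
        print(f"service {svc}: start type {current}, default {default}")
    for rec in result["unmatched_files"]:
        print(f"review {rec['path']} ({rec['company']}) md5={rec['md5']}")
```

An entry in `unmatched_files` is a prompt to check the file's signature and hash against a trusted source, not a verdict; in the log above every such entry is attributed to Microsoft Corporation.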


#7 Dragonlady24


Posted 28 April 2014 - 09:29 PM

has been removed.


Edited by Dragonlady24, 29 April 2014 - 05:04 PM.


#8 dev00790


Posted 29 April 2014 - 04:02 PM

Hi

 

Please do the following next:

 

:step1:

 

The TDSSKiller log you posted is incomplete. Please copy the full contents and include it in your next reply.

 

 

:step2:

 

You have posted the FSS log twice, and forgot to include the Minitoolbox log (result.txt). Please include this in your next reply.


Regards, dev00790



#9 Dragonlady24


Posted 29 April 2014 - 05:01 PM

That is all there was in the log for TDSS. Please close this topic. The problem has been solved.



#10 Dragonlady24


Posted 29 April 2014 - 05:04 PM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Jody (administrator) on 29-04-2014 at 17:03:03
Running from "C:\Users\Jody\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
RangeMax Wireless-N USB Adapter WN111v2 = Wi-Fi 2 (Connected)
Qualcomm Atheros AR9485 Wireless Network Adapter = Wi-Fi (Media disconnected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : zen
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wi-Fi 2:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : RangeMax Wireless-N USB Adapter WN111v2
   Physical Address. . . . . . . . . : 00-26-F2-A6-40-14
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8ba:41a3:dc37:1980%19(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, April 29, 2014 4:54:30 PM
   Lease Expires . . . . . . . . . . : Wednesday, April 30, 2014 4:54:30 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 620766962
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-BF-36-F8-74-27-EA-C8-76-74
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 1E-85-56-85-E7-29
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 74-27-EA-C8-76-74
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485 Wireless Network Adapter
   Physical Address. . . . . . . . . : BC-85-56-85-E7-29
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{7D0D2C61-1B1B-46C4-8F41-73DA85022C4A}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3cfe:3b38:3f57:fefb(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3cfe:3b38:3f57:fefb%18(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4009:800::1007
 173.194.46.65
 173.194.46.67
 173.194.46.71
 173.194.46.66
 173.194.46.78
 173.194.46.68
 173.194.46.69
 173.194.46.72
 173.194.46.64
 173.194.46.73
 173.194.46.70
 
 
Pinging google.com [74.125.225.67] with 32 bytes of data:
Reply from 74.125.225.67: bytes=32 time=33ms TTL=45
Reply from 74.125.225.67: bytes=32 time=32ms TTL=45
 
Ping statistics for 74.125.225.67:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 32ms, Maximum = 33ms, Average = 32ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=63ms TTL=40
Reply from 98.139.183.24: bytes=32 time=63ms TTL=40
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 63ms, Maximum = 63ms, Average = 63ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 19...00 26 f2 a6 40 14 ......RangeMax Wireless-N USB Adapter WN111v2
 14...1e 85 56 85 e7 29 ......Microsoft Wi-Fi Direct Virtual Adapter
 13...74 27 ea c8 76 74 ......Realtek PCIe FE Family Controller
 12...bc 85 56 85 e7 29 ......Qualcomm Atheros AR9485 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    281
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 18    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 18    306 2001::/32                On-link
 18    306 2001:0:5ef5:79fd:3cfe:3b38:3f57:fefb/128
                                    On-link
 19    281 fe80::/64                On-link
 18    306 fe80::/64                On-link
 19    281 fe80::8ba:41a3:dc37:1980/128
                                    On-link
 18    306 fe80::3cfe:3b38:3f57:fefb/128
                                    On-link
  1    306 ff00::/8                 On-link
 18    306 ff00::/8                 On-link
 19    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/28/2014 09:16:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (04/28/2014 08:57:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: tdsskiller.exe, version: 3.0.0.33, time stamp: 0x5358e167
Faulting module name: tdsskiller.exe, version: 3.0.0.33, time stamp: 0x5358e167
Exception code: 0x40000015
Fault offset: 0x0013c6af
Faulting process id: 0xaa8
Faulting application start time: 0xtdsskiller.exe0
Faulting application path: tdsskiller.exe1
Faulting module path: tdsskiller.exe2
Report Id: tdsskiller.exe3
Faulting package full name: tdsskiller.exe4
Faulting package-relative application ID: tdsskiller.exe5
 
Error: (04/26/2014 08:02:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (04/26/2014 08:00:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (04/24/2014 06:12:54 PM) (Source: Application Hang) (User: )
Description: The program Skype.exe version 6.14.0.104 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1174
 
Start Time: 01cf60099a979c8f
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
Report Id: f610a434-cc05-11e3-bf01-7427eac87674
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (04/24/2014 05:05:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: java.exe, version: 7.0.510.13, time stamp: 0x52b26621
Faulting module name: jvm.dll, version: 24.51.0.3, time stamp: 0x52b27d88
Exception code: 0xc000041d
Fault offset: 0x000cc12b
Faulting process id: 0xa08
Faulting application start time: 0xjava.exe0
Faulting application path: java.exe1
Faulting module path: java.exe2
Report Id: java.exe3
Faulting package full name: java.exe4
Faulting package-relative application ID: java.exe5
 
Error: (04/24/2014 05:05:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: java.exe, version: 7.0.510.13, time stamp: 0x52b26621
Faulting module name: jvm.dll, version: 24.51.0.3, time stamp: 0x52b27d88
Exception code: 0xc0000005
Fault offset: 0x000cc12b
Faulting process id: 0xa08
Faulting application start time: 0xjava.exe0
Faulting application path: java.exe1
Faulting module path: java.exe2
Report Id: java.exe3
Faulting package full name: java.exe4
Faulting package-relative application ID: java.exe5
 
 
System errors:
=============
Error: (04/28/2014 01:32:45 PM) (Source: DCOM) (User: zen)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}zenJodyS-1-5-21-960929560-112923415-1782281474-1002LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/26/2014 02:29:01 PM) (Source: DCOM) (User: zen)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}zenJodyS-1-5-21-960929560-112923415-1782281474-1002LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/26/2014 02:29:00 PM) (Source: DCOM) (User: zen)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}zenJodyS-1-5-21-960929560-112923415-1782281474-1002LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/24/2014 03:29:44 PM) (Source: Service Control Manager) (User: )
Description: The JME Keyboard Driver service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (04/28/2014 09:16:34 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Jody\Downloads\esetsmartinstaller_enu.exe
 
Error: (04/28/2014 08:57:35 PM) (Source: Application Error)(User: )
Description: tdsskiller.exe3.0.0.335358e167tdsskiller.exe3.0.0.335358e167400000150013c6afaa801cf634e4e2aa705C:\Users\Jody\Downloads\tdsskiller.exeC:\Users\Jody\Downloads\tdsskiller.exea1ff03d7-cf41-11e3-bf04-7427eac87674
 
Error: (04/26/2014 08:02:56 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (04/26/2014 08:00:46 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (04/24/2014 06:12:54 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.14.0.104117401cf60099a979c8f4294967295C:\Program Files (x86)\Skype\Phone\Skype.exef610a434-cc05-11e3-bf01-7427eac87674
 
Error: (04/24/2014 05:05:04 PM) (Source: Application Error)(User: )
Description: java.exe7.0.510.1352b26621jvm.dll24.51.0.352b27d88c000041d000cc12ba0801cf600935b2483dC:\Program Files (x86)\Java\jre7\bin\java.exeC:\Program Files (x86)\Java\jre7\bin\client\jvm.dll7c9dea36-cbfc-11e3-bf01-7427eac87674
 
Error: (04/24/2014 05:05:03 PM) (Source: Application Error)(User: )
Description: java.exe7.0.510.1352b26621jvm.dll24.51.0.352b27d88c0000005000cc12ba0801cf600935b2483dC:\Program Files (x86)\Java\jre7\bin\java.exeC:\Program Files (x86)\Java\jre7\bin\client\jvm.dll7bf04b63-cbfc-11e3-bf01-7427eac87674
 
 
=========================== Installed Programs ============================
 
Adobe AIR (Version: 13.0.0.83)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 12.0 (Version: 12.0.7.148)
AMD Accelerated Video Transcoding (Version: 12.10.100.30418)
AMD APP SDK Runtime (Version: 10.0.1124.2)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Fuel (Version: 2013.0418.1206.19803)
AMD Quick Stream (Version: 3.4.4.0)
AMD VISION Engine Control Center (Version: 2013.0418.1206.19803)
CameraHelperMsi (Version: 13.51.815.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center InstallProxy (Version: 2013.0418.1206.19803)
Catalyst Control Center Localization All (Version: 2013.0418.1206.19803)
Catalyst Control Center Profiles Desktop (Version: 2013.0418.1206.19803)
CCC Help Chinese Standard (Version: 2013.0418.1205.19803)
CCC Help Chinese Traditional (Version: 2013.0418.1205.19803)
CCC Help Czech (Version: 2013.0418.1205.19803)
CCC Help Danish (Version: 2013.0418.1205.19803)
CCC Help Dutch (Version: 2013.0418.1205.19803)
CCC Help English (Version: 2013.0418.1205.19803)
CCC Help Finnish (Version: 2013.0418.1205.19803)
CCC Help French (Version: 2013.0418.1205.19803)
CCC Help German (Version: 2013.0418.1205.19803)
CCC Help Greek (Version: 2013.0418.1205.19803)
CCC Help Hungarian (Version: 2013.0418.1205.19803)
CCC Help Italian (Version: 2013.0418.1205.19803)
CCC Help Japanese (Version: 2013.0418.1205.19803)
CCC Help Korean (Version: 2013.0418.1205.19803)
CCC Help Norwegian (Version: 2013.0418.1205.19803)
CCC Help Polish (Version: 2013.0418.1205.19803)
CCC Help Portuguese (Version: 2013.0418.1205.19803)
CCC Help Russian (Version: 2013.0418.1205.19803)
CCC Help Spanish (Version: 2013.0418.1205.19803)
CCC Help Swedish (Version: 2013.0418.1205.19803)
CCC Help Thai (Version: 2013.0418.1205.19803)
CCC Help Turkish (Version: 2013.0418.1205.19803)
ccc-utility64 (Version: 2013.0418.1206.19803)
CCleaner (Version: 4.09)
Comodo Dragon (Version: 33.0.0.0)
CoS Arkadia Micro-client Launcher (Version: 2.0.0.0)
CyberLink PhotoDirector 3 (Version: 3.0.1.4107)
CyberLink PowerDirector 10 (Version: 10.0.0.2810)
D3DX10 (Version: 15.4.2368.0902)
Driver & Application Installation (Version: 6.12.0911)
Dropbox (Version: 2.6.2)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
Intel AppUp(SM) center (Version: 3.6.1.33057.10)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 16.4.3508.0205)
Lenovo Assistant (Version: 2.0.0.29)
Lenovo Blacksilk USB Keyboard Driver (Version: V1.4.11.0608)
Lenovo Photos (Version: 4.8.5)
Lenovo Power2Go (Version: 6.0.7408)
Lenovo PowerDVD10 (Version: 10.0.5108.52)
Lenovo Rescue System (Version: 4.0.0.1511)
Lenovo Solution Center (Version: 2.0.013.00)
Lenovo_Wireless_Driver (Version: 10.00.209)
Logitech Webcam Software (Version: 2.80)
LVT (Version: 5.00.0914)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.51.827.0)
LWS Help_main (Version: 13.51.828.0)
LWS Launcher (Version: 13.51.828.0)
LWS Motion Detection (Version: 13.51.815.0)
LWS Pictures And Video (Version: 13.51.815.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Webcam Software (Version: 13.51.815.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (Version: 15.0.4454.1510)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Movie Maker (Version: 16.4.3508.0205)
MP3 Rocket (Version: 6.4.7)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Photo Gallery (Version: 16.4.3508.0205)
Pokki (Version: 0.267.1.208)
Realtek Ethernet Controller Driver (Version: 8.7.1025.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6864)
Realtek USB 2.0 Card Reader (Version: 6.1.8400.39030)
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 6.14 (Version: 6.14.104)
Spotify (Version: 0.9.8.296.g91f68827)
SugarSync Manager (Version: 1.9.61.90905)
swMSM (Version: 12.0.0.1)
Unity Web Player (Version: )
Windows Live Communications Platform (Version: 16.4.3508.0205)
Windows Live Essentials (Version: 16.4.3508.0205)
Windows Live Installer (Version: 16.4.3508.0205)
Windows Live Mail (Version: 16.4.3508.0205)
Windows Live Messenger (Version: 16.4.3508.0205)
Windows Live MIME IFilter (Version: 16.4.3508.0205)
Windows Live Photo Common (Version: 16.4.3508.0205)
Windows Live PIMT Platform (Version: 16.4.3508.0205)
Windows Live SOXE (Version: 16.4.3508.0205)
Windows Live SOXE Definitions (Version: 16.4.3508.0205)
Windows Live UX Platform (Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)
Windows Live Writer (Version: 16.4.3508.0205)
Windows Live Writer Resources (Version: 16.4.3508.0205)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 44%
Total physical RAM: 3503.02 MB
Available physical RAM: 1954.53 MB
Total Pagefile: 7087.02 MB
Available Pagefile: 5178.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.14 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows8_OS) (Fixed) (Total:439.16 GB) (Free:388.05 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ZEN
 
Administrator            Guest                    Jody                     
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
10-04-2014 18:55:44 Windows Update
16-04-2014 01:59:11 Windows Update
24-04-2014 22:28:11 Windows Update
29-04-2014 01:11:59 Windows Update
 
**** End of log ****


#11 dev00790


Posted 29 April 2014 - 05:06 PM

That is all there was in the log for tdss. Please close this topic. The problem has been solved.

Ok thanks for letting us know :)


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.




