Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Tuvaro/ www-search.net redirect in Chrome


  • Please log in to reply
12 replies to this topic

#1 biffgunderson

biffgunderson

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 12 August 2014 - 07:52 AM

I'm having an issue similar to this thread:

http://www.bleepingcomputer.com/forums/t/528423/tuvaro-www-searchnet-redirect-in-chrome-ff-ie/

 

Some free software I downloaded sneaked in some adware/malware/junkware/whatever-the-right term-is that causes all my browsers to go to "www-search.net/search/..." upon open of a new tab or launch of the browser. After my uninstallation efforts the program no longer appears to exist (isn't in the add/remove programs list anymore), but its most annoying feature remains.

 

Things I have tried:

(1) Removing the program causing the redirect via "Control Panel\Programs\Programs and Features"

(2) Downloading Revo Uninstaller pro and removing the program

(3) Shutting down all browsers, detecting via Malware Bytes anti-Malware, quarantining all infected items, restarting CPU.

(4) Downloading Revo Uninstaller pro and removing the program

(5) Uninstalling Google Chrome

(6) Downloading "sc-cleaner.exe" from this website and removing infected shortcuts.

(7) Various combinations of 1-7.

 

I have gotten to the point where running "sc-cleaner.exe" turns up 0 results and running Malware Bytes turns up 0 infected items. Then upon opening Internet Explorer my browser goes to my desired home page (Google.com). However, when I right-click on IE in the task bar to open a new Window, the new window redirects to the aforementioned "www-search.net/search/...", at which point all the infected items seem to come back (i.e., shortcut cleaner starts picking up results again & Malware starts turning up infected items again.

 

HELP PLEASE!


Edited by hamluis, 12 August 2014 - 09:01 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 12 August 2014 - 09:55 AM

Hi biffgunderson and :welcome:

May be Malwarebytes is not enough.Paste the log here where detection was.

How to open the log:
Open MalwareBytes Anti-Malware and then click on History
On the left column, select Application Logs. Select the most recent log among the list, it is usually the one on the top (or sort by date) and open it.
Go to the bottom left corner to Export and select Text File (*.txt)
Save it to the desktop

 

The log of sc-cleaner is on the desktop.

 

Download Screen317 Security Check HERE and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note:: If any security program requests permission to access the Internet, allow it to do so

Please download MiniToolBox HERE to your desktop to run it.
Checkmark the following boxes:
* List content of Hosts
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (do NOT change any settings here)
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and Copy / Paste the result. (result.txt)

 

Please download Farbar Service Scanner (FSS) HERE and run it on the computer with the issue.

    Make sure the following options are checked:
        Internet Services
        Windows Firewall
        System Restore
        Security Center/Action Center
        Windows Update
        Windows Defender
        Other Services
    Press "Scan".
    It will create a log (FSS.txt) in the same directory the tool is run.
    Please copy and paste the log to your reply.

 

Thank you!



#3 biffgunderson

biffgunderson
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 12 August 2014 - 10:15 AM

Ok, here they are:

 

sc-cleaner.txt:

 

Shortcut Cleaner 1.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 http://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Enterprise Service Pack 1
Program started at: 08/12/2014 10:05:51 AM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\jared.doom\AppData\Roaming\Microsoft\Windows\Start Menu\

  * Shortcut Cleaned: C:\Users\jared.doom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www-search.net/?s=E8Ayobryu02482,c7f16f18-2324-4b2e-8d20-1e42f8f39b5c,&pi=1

  * Shortcut Cleaned: C:\Users\jared.doom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www-search.net/?s=E8Ayobryu02482,c7f16f18-2324-4b2e-8d20-1e42f8f39b5c,&pi=1

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\jared.doom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

  * Shortcut Cleaned: C:\Users\jared.doom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www-search.net/?s=E8Ayobryu02482,c7f16f18-2324-4b2e-8d20-1e42f8f39b5c,&pi=1

Searching C:\Users\Public\Desktop\

Searching C:\Users\jared.doom\Desktop


3 bad shortcuts found.

Program finished at: 08/12/2014 10:05:52 AM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

 

 

malware log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/12/2014
Scan Time: 10:02:27 AM
Logfile: malware log 2014-08-12.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.12.05
Rootkit Database: v2014.08.04.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: jared.doom

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 393220
Time Elapsed: 2 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.SearchNet, HKU\S-1-5-21-2660683129-3636505375-3381148637-50977-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}, , [40759b2a9be0b482ed5e0e595aa87090],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

SecurityCheck log:

 

Results of screen317's Security Check version 0.99.86 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
System Center Endpoint Protection  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 65 
 Adobe Flash Player 14.0.0.145 
 Adobe Reader XI 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 9%
````````````````````End of Log``````````````````````

 

MiniToolBox log:

 

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by jared.doom (administrator) on 12-08-2014 at 10:12:36
Running from "C:\Users\jared.doom\Desktop"
Microsoft Windows 7 Enterprise  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/12/2014 07:25:43 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/12/2014 07:22:28 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {703a02c1-73b1-4be1-9a19-2361da07cf2c}

Error: (08/12/2014 07:14:08 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/12/2014 07:01:45 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/12/2014 06:27:48 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {bdea4257-b065-44bf-9faf-e53c0339f099}

Error: (08/12/2014 06:24:14 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/11/2014 09:59:52 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {598dbbfd-25d9-425a-8844-b71de8829f98}

Error: (08/11/2014 09:55:17 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/11/2014 09:47:38 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/11/2014 10:01:37 AM) (Source: dwmrcs) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10049
System Message: The requested address is not valid in its context.

 (srv 64 bit)


System errors:
=============
Error: (08/12/2014 07:25:38 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (08/12/2014 07:25:36 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ROOT_MILLIMAN due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.

 

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (08/12/2014 07:14:02 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (08/12/2014 07:14:01 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ROOT_MILLIMAN due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.

 

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (08/12/2014 07:01:40 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (08/12/2014 07:01:38 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ROOT_MILLIMAN due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.

 

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (08/12/2014 06:24:08 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (08/12/2014 06:24:06 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ROOT_MILLIMAN due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.

 

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (08/11/2014 09:55:00 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (08/11/2014 09:54:58 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ROOT_MILLIMAN due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.

 

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.


Microsoft Office Sessions:
=========================
Error: (08/12/2014 07:25:43 AM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 07:22:28 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {703a02c1-73b1-4be1-9a19-2361da07cf2c}

Error: (08/12/2014 07:14:08 AM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 07:01:45 AM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 06:27:48 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {bdea4257-b065-44bf-9faf-e53c0339f099}

Error: (08/12/2014 06:24:14 AM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2014 09:59:52 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {598dbbfd-25d9-425a-8844-b71de8829f98}

Error: (08/11/2014 09:55:17 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2014 09:47:38 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2014 10:01:37 AM) (Source: dwmrcs)(User: )
Description: DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10049
System Message: The requested address is not valid in its context.

 (srv 64 bit)


CodeIntegrity Errors:
===================================
  Date: 2014-08-04 21:33:44.511
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Configuration Manager Client (Version: 5.00.7804.1000 - Microsoft Corporation) Hidden
DameWare Development Mirror Driver 64 Uninstall (HKLM\...\DamewareMirror) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{043645C8-48EC-458F-B9BD-9C8F15CEF6F7}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version:  - Microsoft)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
harmon.ie (HKLM\...\{3D41CA14-5F62-4451-B6DE-3F36CEAAB5E4}) (Version: 4.1.4108 - harmon.ie)
HP Photosmart Plus B209a-m All-in-One Driver 14.0 Rel. 6 (HKLM\...\{B2DAB009-8236-48A0-AD7F-E940F5AB1578}) (Version: 14.0 - HP)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.28 - SunplusIT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 19.0 - Intel)
Intel® PRO/Wireless Driver (Version: 16.06.2000.0671 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.06.0000.0280 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 8.0.3.30597 - Juniper Networks)
Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 8.0.3.44471 - Juniper Networks)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Terminal Services Client (HKCU\...\Juniper_Term_Services) (Version: 8.0.3.30597 - Juniper Networks)
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.05.0009 - Lenovo)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DirectAccess Connectivity Assistant (HKLM-x32\...\{FA94B45B-B0FB-490E-A17D-33CE102F229F}) (Version: 1.5.10100 - Microsoft Corporation)
Microsoft Endpoint Protection Management Components (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Forefront Endpoint Protection 2010 Server Management (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Policy Platform (Version: 1.2.3602.0 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Milliman Outlook Ribbon Bar (HKLM\...\{2DDB63F2-72DD-4A89-9A2E-E8F2A371D920}) (Version: 1.2.0 - EMC Consulting)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.33.00 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.64.2 - Lenovo Group Limited)
PS_AIO_06_B209a-m_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 2.5.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.9 - VS Revo Group, Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
System Center Endpoint Protection (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
TextPad 7 (HKLM-x32\...\{9F53AC20-2D32-4341-9DA1-29DD40E2199E}) (Version: 7.0.9 - Helios)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.12.60 - )
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.11 - Lenovo)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{17815BC8-062D-49BE-B40C-B54149C85CE3}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9F71CF8-8310-4EFC-869F-47BC0FEE269D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{324703B5-6765-489D-9B9B-B082D34F882E}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{1BABB09A-AB4C-427F-B23C-76A278737988}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Windows Firewall Configuration Provider (HKLM\...\{109A5A16-E09E-4B82-A784-D1780F1190D6}) (Version: 1.2.3412.0 - Microsoft Corporation)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )

========================= Devices: ================================

Name: HP LaserJet Professional P1102w
Description: HP LaserJet Professional P1102w
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet Professional P1102w
Description: HP LaserJet Professional P1102w
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P3010 Series
Description: HP LaserJet P3010 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P3010 Series
Description: HP LaserJet P3010 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P3010 Series
Description: HP LaserJet P3010 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet 600 M603
Description: HP LaserJet 600 M603
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P3010 Series
Description: HP LaserJet P3010 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet 600 M603
Description: HP LaserJet 600 M603
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet 600 M603
Description: HP LaserJet 600 M603
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P3010 Series
Description: HP LaserJet P3010 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P3010 Series
Description: HP LaserJet P3010 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet 600 M603
Description: HP LaserJet 600 M603
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet 600 M603
Description: HP LaserJet 600 M603
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P3010 Series
Description: HP LaserJet P3010 Series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet 600 M603
Description: HP LaserJet 600 M603
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P4515
Description: HP LaserJet P4515
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet 400 color M451nw
Description: HP LaserJet 400 color M451nw
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P3010 Series
Description: HP LaserJet P3010 Series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 16068.91 MB
Available physical RAM: 12917.14 MB
Total Pagefile: 32136 MB
Available Pagefile: 28655.07 MB
Total Virtual: 4095.88 MB
Available Virtual: 3980.42 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:238.13 GB) (Free:151.07 GB) NTFS

========================= Users: ========================================

User accounts for \\MILWH-T540P-JJD

Administrator            Guest                   


**** End of log ****

 

FSS Log:

 

Farbar Service Scanner Version: 21-07-2014
Ran by jared.doom (administrator) on 12-08-2014 at 10:14:40
Running from "C:\Users\jared.doom\Desktop"
Microsoft Windows 7 Enterprise  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 



#4 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 12 August 2014 - 01:02 PM

Please download AdwCleaner by Xplode HERE onto your desktop.

    Close all open programs and internet browsers.
    Double click on AdwCleaner.exe to run the tool.
    Click on Scan.
    After the scan is complete click on "Clean"
    Confirm each time with Ok.
    Your computer will be rebooted automatically. A text file will open after the restart.
    Please post the content of that logfile with your next answer.
    You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool HERE to your desktop.

    Shut down your protection software now to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message.

 

Start AdwCleaner and click Uninstall and will disappear.

 

Download Delfix HERE to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

    Activate UAC (optional; some users prefer to keep it off)
    Remove disinfection tools
    Create registry backup
    Purge System Restore
    Reset system settings


Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

 

Download HitmanPro x64 HERE from onto your desktop.

Double-click on the file named HitmanPro.exe.It will be updated.When the program starts you will be presented with the start screen.Click on the Next button.Accept to store a copy of the program to your computer and click Next and it will start to scan.
When it has finished it will display a list of all the malware that the program found.Below next to button buy now is option Save log.Save it to your desktop and paste it here.

 

Do you have any other problems.

Also reinstall DirectX 11http://www.microsoft.com/en-us/download/details.aspx?id=8109

 

I think there must be more components from Nvidia.Install latest driver according your videocard.

http://www.nvidia.com/Download/index.aspx

 

Thank you!



#5 Grimmskld

Grimmskld

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Mass
  • Local time:12:31 AM

Posted 12 August 2014 - 01:11 PM

Did the advice fix the issue?



#6 biffgunderson

biffgunderson
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 12 August 2014 - 09:25 PM

AdwCleaner log;

# AdwCleaner v3.304 - Report created 12/08/2014 at 20:53:20

# Updated 08/08/2014 by Xplode

# Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)

# Username : jared.doom - MILWH-T540P-JJD

# Running from : C:\Users\jared.doom\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

Service Deleted : SMUpd

Service Deleted : SMUpdd

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\SearchModule

Folder Deleted : C:\Users\Public\Documents\Goobzo

 

***** [ Scheduled Tasks ] *****

 

 

***** [ Shortcuts ] *****

 

Shortcut Disinfected : C:\Users\jared.doom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Shortcut Disinfected : C:\Users\jared.doom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

Shortcut Disinfected : C:\Users\jared.doom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

 

***** [ Registry ] *****

 

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Key Deleted : HKCU\Software\Goobzo

Key Deleted : HKLM\Software\Goobzo

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.17028

 

 

-\\ Google Chrome v

 

*************************

 

AdwCleaner[R0].txt - [1930 octets] - [12/08/2014 20:47:32]

AdwCleaner[S0].txt - [1467 octets] - [12/08/2014 20:53:20]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1527 octets] ##########

Junkware Removal Tool log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Enterprise x64

Ran by jared.doom on Tue 08/12/2014 at 20:57:44.34

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 08/12/2014 at 21:01:19.66

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

HitmanPro x64 log:

HitmanPro 3.7.9.221
www.hitmanpro.com
 
   Computer name . . . . : MILWH-T540P-JJD
   Windows . . . . . . . : 6.1.1.7601.X64/8
   User name . . . . . . : ROOT_MILLIMAN\jared.doom
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2014-08-12 21:06:18
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 0s
   Disk access mode  . . : Direct disk access (FsdHigh)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 1
   Traces  . . . . . . . : 1
 
   Objects scanned . . . : 1,327,625
   Files scanned . . . . : 16,226
   Remnants scanned  . . : 175,047 files / 1,136,352 keys
 
Malware _____________________________________________________________________
 
   C:\Users\jared.doom\AppData\Local\Temp\SAINST\updater.exe
      Size . . . . . . . : 727,040 bytes
      Age  . . . . . . . : 2.3 days (2014-08-10 14:46:05)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : D2473D2E0026D7ACDBD743075015D8F3C40B6B3F740088DF71298679AD75C4A0
      Product  . . . . . : Update Helper
      Publisher  . . . . : Goobzo
      Description  . . . : Update Helper
      Version  . . . . . : 1.1.0.0
      Copyright  . . . . : Copyright (C) 2014
      LanguageID . . . . : 1033
    > Bitdefender  . . . : Gen:Trojan.Heur.TP.Su0@bqNBY0li
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
         -60.3s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\
         -60.2s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\dlmGryRgt.png
         -60.2s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\dlmGryTop.png
         -60.2s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\dlmbg.png
         -60.2s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\dlmGryLft.png
         -60.2s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\dlmDlLogo.png
         -60.2s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\checkmark.png
         -60.1s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\MKT-3439_banner_CNET_v4_1.jpg
         -60.1s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\1x1.gif
         -60.1s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\dlmGryBtm.png
         -60.1s C:\Users\jared.doom\AppData\Local\Temp\dlm771B.tmp\iconimg_35279.png
         -40.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{2385AED0-10B4-49E2-A7BF-4BBE52F47F3F}
         -40.0s C:\Users\jared.doom\AppData\Local\Temp\914076999250\
         -40.0s C:\Users\jared.doom\AppData\Local\Temp\91407699925\
         -39.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\26\74EA6D21F8C75052.dat
         -39.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{90D4E6ED-4771-41A3-AAFD-8A2C7F67067A}
         -25.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{BCC47E28-26F0-487B-85B8-B41679E6BFEE}
         -25.4s C:\Users\jared.doom\AppData\Local\Temp\Install_18916\
         -25.4s C:\Users\jared.doom\AppData\Local\CrashRpt\UnsentCrashReports\YTDi 1.0.0.1_1.0.0.1\
         -25.4s C:\Users\jared.doom\AppData\Local\CrashRpt\UnsentCrashReports\
         -25.4s C:\Users\jared.doom\AppData\Local\CrashRpt\
         -25.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{2F151767-8520-49B3-9BBD-FB8957467D0B}
         -25.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{2F151767-8520-49B3-9BBD-FB8957467D0B}
         -24.7s C:\Users\jared.doom\AppData\Local\Temp\Install_18916\yta.exe
         -24.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\02\70CD53D1419EC986.dat
         -24.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\02\70CD53D1419EC986.dat
         -24.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\02\70CD53D1419EC986.dat
         -20.1s C:\Users\jared.doom\AppData\Local\Temp\91407699925\1_Offer_450.exe
         -20.1s C:\Users\jared.doom\AppData\Local\Temp\91407699925\1_Offer_450.exe
         -20.1s C:\Users\jared.doom\AppData\Local\Temp\91407699925\1_Offer_450.exe
         -16.6s C:\Users\jared.doom\AppData\Local\Temp\91407699925\1_Offer_19.exe
         -9.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{58F97B98-04E7-495D-B5C1-35A2E9444577}
         -9.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038BD4D7-8465-4723-B16D-44C627D90DD9}
         -9.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038BD4D7-8465-4723-B16D-44C627D90DD9}
         -7.8s C:\Users\jared.doom\AppData\Local\Temp\unelevate.exe
         -7.8s C:\Users\jared.doom\AppData\Local\Temp\TemplateHtml.html
         -7.8s C:\Users\jared.doom\AppData\Local\Temp\About YouTube Accelerator.url
         -7.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\
         -7.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\SA.CAB
         -7.7s C:\Users\jared.doom\AppData\Local\Temp\SAINST\engine.dll
         -7.7s C:\Users\jared.doom\AppData\Local\Temp\SAINST\YouTubeAccelerator.exe
         -6.0s C:\Program Files\Common Files\Goobzo\
         -6.0s C:\Program Files\Common Files\Goobzo\
         -6.0s C:\Program Files\Common Files\Goobzo\GBUpdate\
         -6.0s C:\Program Files\Common Files\Goobzo\GBUpdate\resourceToolCommandLine.exe
         -6.0s C:\Program Files\Common Files\Goobzo\GBUpdate\sma.exe
         -6.0s C:\Program Files\Common Files\Goobzo\GBUpdate\smci64.dll
         -6.0s C:\Program Files\Common Files\Goobzo\GBUpdate\smei64.dll
         -6.0s C:\Program Files\Common Files\Goobzo\GBUpdate\smfi64.dll
         -6.0s C:\Program Files\Common Files\Goobzo\GBUpdate\smfi64.dll
         -5.9s C:\Program Files\Common Files\Goobzo\GBUpdate\smi64.exe
         -5.9s C:\Program Files\Common Files\Goobzo\GBUpdate\smoi64.dll
         -5.9s C:\Program Files\Common Files\Goobzo\GBUpdate\smri64.dll
         -5.9s C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe
         -5.9s C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys
         -5.9s C:\Program Files\Common Files\Goobzo\GBUpdate\smci32.dll
         -5.8s C:\Program Files\Common Files\Goobzo\GBUpdate\smei32.dll
         -5.8s C:\Program Files\Common Files\Goobzo\GBUpdate\smfi32.dll
         -5.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\helper.dll
         -5.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\OK.gif
         -5.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\Cancel.gif
         -5.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\comtest.gif
         -5.8s C:\Program Files\Common Files\Goobzo\GBUpdate\smi32.exe
         -5.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\progbar.gif
         -5.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\AniGIF.ocx
         -5.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\YouTubeAcceleratorService.exe
         -5.7s C:\Program Files\Common Files\Goobzo\GBUpdate\smoi32.dll
         -5.7s C:\Program Files\Common Files\Goobzo\GBUpdate\smri32.dll
         -5.7s C:\Program Files\Common Files\Goobzo\GBUpdate\SBIEBrowserHelperObject.dll
         -5.7s C:\Program Files\Common Files\Goobzo\GBUpdate\SMUninstall.exe
         -5.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{B52CD8EE-2675-48FC-87B4-B9C1256B03E6}
         -4.8s C:\Windows\System32\Tasks\SMW_UpdateTask_Time_333339393035313139332d782d233257574a5a4145502a
         -4.7s C:\Users\jared.doom\AppData\Local\Temp\Web504B.tmp
         -4.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\92\D0F856876D23BFDC.dat
         -4.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\92\
         -4.5s C:\Users\jared.doom\AppData\Local\Temp\Web5117.tmp
         -4.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{992984CC-400E-4584-B15F-3799E29DC878}
         -4.3s C:\Users\jared.doom\AppData\Local\Temp\SAINST\sporder.Dll
         -4.3s C:\Users\jared.doom\AppData\Local\Temp\SAINST\ipc.dll
         -4.3s C:\Users\jared.doom\AppData\Local\Temp\SAINST\lspinst.exe
         -2.9s C:\Users\jared.doom\AppData\Local\Temp\SAINST\testlsp.exe
         -1.5s C:\Users\jared.doom\AppData\Local\Temp\SAINST\xmldb.dll
         -1.5s C:\Users\jared.doom\AppData\Local\Temp\SAINST\Res.dll
         -1.5s C:\Users\jared.doom\AppData\Local\Temp\SAINST\ytalsp.dll
         -1.5s C:\Users\jared.doom\AppData\Local\Temp\SAINST\unelevate.exe
         -1.4s C:\Users\jared.doom\AppData\Local\Temp\SAINST\blank.html
         -1.4s C:\Users\jared.doom\AppData\Local\Temp\SAINST\lspinst2.exe
         -1.2s C:\Windows\Temp\Web5DF1.tmp
         -1.1s C:\Windows\Temp\Web5E70.tmp
         -1.0s C:\Windows\Temp\vup.tmp
         -0.3s C:\Program Files\Common Files\Goobzo\GBUpdate\smp.exe
         -0.0s C:\Users\jared.doom\AppData\Local\Temp\SAINST\varemove_page1.mht
         -0.0s C:\Users\jared.doom\AppData\Local\Temp\SAINST\varemove_page2.mht
         -0.0s C:\Users\jared.doom\AppData\Local\Temp\SAINST\YTAuninstall.mht
          0.0s C:\Users\jared.doom\AppData\Local\Temp\SAINST\updater.exe
          0.1s C:\Users\jared.doom\AppData\Local\Temp\SAINST\ytauninstall.exe
          0.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\YTAHelperSetup.exe
          0.8s C:\Users\jared.doom\AppData\Local\Temp\SAINST\YTAHelperSetup.exe
          1.0s C:\Program Files\Common Files\Goobzo\GBUpdate\Search.lnk
          1.0s C:\Program Files\Common Files\Goobzo\GBUpdate\Search.lnk
          1.1s C:\Users\jared.doom\AppData\Local\Temp\SAINST\YTAHUninstall.exe
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VADEU.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAENG.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAESM.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAFAR.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAFIL.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAFRA.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAIDN.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAITA.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAJPN.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAJPN.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VANLD.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAPOL.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAPTB.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VAROM.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VASRB.LNG
          1.2s C:\Users\jared.doom\AppData\Local\Temp\LocalesU\VATRK.LNG
          1.5s C:\Windows\System32\Tasks\Smp
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LangPackU.cab
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VADEU.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAENG.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAESM.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAFAR.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAFIL.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAFRA.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAFRA.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAIDN.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAIDN.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAIDN.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAITA.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAJPN.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VANLD.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAPOL.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAPTB.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VAROM.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VASRB.LNG
         11.2s C:\Users\jared.doom\AppData\Local\Temp\SAINST\LocalesU\VATRK.LNG
         11.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{206CA4B1-A32D-49A6-B92E-5BEDF05C12F6}
         12.8s C:\ProgramData\TEMP\
         13.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{B63EFAE2-2C5B-4305-A561-CBBCD8E2CD65}
         16.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\57\88AB85124A43D901.dat
         16.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\57\
         17.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{19156045-9535-456A-835A-740F404013CE}
 
 
 

 

 

 

Thanks. I am going to reinstall directX 11, maybe going to download the nvidia driver.

 

Although HitmanPro says it identified a trojan, it appears the problem I created this post for was resolved. I opened IE multiple times without the browser going to Nuvaro search as the default. I also re-installed Chrome and opened it a few times, in a few different ways, and the Nuvaro search site did not come up as default. Thanks for your help! However I’m a bit concerned that HitmanPro says it found a dangerous item and I’m not able to remove it without buying the product. Any ideas for that?



#7 biffgunderson

biffgunderson
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 12 August 2014 - 09:30 PM

Also, looks like the Trojan HitmanPro identified was also from these Goozbo bleeps who created the original problem, so I suppose it's pretty likely that it stemmed from the same download. I do not feel comfortable not being able to remove this. I re-scanned with Malware bytes but it was unable to identify the issue that HitmanPro identified. I fear my original problem, or something worse, will come back around again given how much of a pain it was to fix the original issue. Any ideas aside from purchasing HitmanPro?



#8 biffgunderson

biffgunderson
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 14 August 2014 - 06:05 AM

Update: My issue is not resolved. Tuvaro www-search re-direct is back. Please help.



#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:31 PM

Posted 14 August 2014 - 06:24 AM

Update: My issue is not resolved. Tuvaro www-search re-direct is back. Please help.

What browser(s) are affected by Tuvaro ??



#10 biffgunderson

biffgunderson
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 14 August 2014 - 06:36 AM

Both Chrome and Internet Explorer. I don't have Firefox but I imagine it would infect Firefox too if I had it. Seems like the issue was resolved except for 1 file HitmanPro identified as a Trojan. Since I could not take any action to remove that file without upgrading from the trial version of HitmanPro, I didn't. "C:\Users\jared.doom\AppData\Local\Temp\SAINST\updater.exe" was the file, as described in the log above. 



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:31 PM

Posted 14 August 2014 - 06:49 AM

Please note that Tuvaro as you describe is not an "infection" in the true meaning.

 

This is a Home Page Hijack program from somewhere that you visit, and can be simply fixed by resetting your home page.

If you had it fixed and it has "returned", then you have visited a program or site that contains Tuvaro.

 

Are you able to re-set your Home Page in I.E. and Chrome, or do you need directions on how to do it ??

 

“www-search.net” by Tuvaro
www-search.net is a browser hijacker, which is promoted via other free downloads that you install, and once installed it will change your browser homepage and default search engine to www-search.net.

This in itself is not considered malicious as there are many legitimate programs that change these settings as well.

 

From your Malwarebytes log - Registry Keys: 1 PUP.Optional.SearchNet, (this is Tuvaro) ..........

The only identified item is a Potentially Unwanted Program and nothing more.


Edited by noknojon, 14 August 2014 - 07:06 AM.


#12 biffgunderson

biffgunderson
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 14 August 2014 - 08:34 AM

Thanks. I'm aware of how to re-set homepages in browsers. Both browsers revert to my previously set homepages after "sc-cleaner.exe" is removed, so manually resetting the home page was not necessary. I'm aware this crap was snuck into a free download I installed, and I was aware before the installation completed, and my attempt to cancel installation was too late (in a series of 8 user agreements it took 2-3 before I understood my mistake). If Tuvaro doesn't fit the definition of a true "infection", why does HitmanPro identify it as a trojan (review the log above)?

 

The issue again seems resolved, for now, after the following actions:

(1) I manually deleted the directory HitmanPro identified and re-ran the process suggested above again. 

 

(2) I restarted.

(3) I opened Chrome, which went to my previously set homepages, none of which have anything to do with "www-search.net".

(4) Immediately after, I opened IE, when went to "www-search.net". I opened a second Chrome window, which went to "www-search.net" (this behavior fit your description of a home page hijack program, but I don't understand why my initial opening of Chrome wouldn't have done the same).

(5) I re-ran "sc-cleaner.exe", then re-scanned the CPU with MalwareBytes & HitmanPro, which turned up no results (HitmanPro reported some cookies, and I deleted all of them, but it didn't identify them as potentially dangerous items). 

(6) I re-started

 

Haven't seen the problem since. 



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:31 PM

Posted 14 August 2014 - 05:56 PM

Please read This Wiki explaination of your problem, and the related items / terms.

 

None are actually Trojans but are named as such by some Antimalware Programs for ease of description only.

They are in fact a Potentially Unwanted Program and nothing more.

 

> Bitdefender  . . . : Gen:Trojan.Heur.TP.Su0@bqNBY0li
This marked item is a previous problem in "quarantine" from a scan by Bitdefender, not a new one.................
 

I’m a bit concerned that HitmanPro says it found a dangerous item and I’m not able to remove it without buying the product. Any ideas for that?

You only used a Free Sample Version of Hitman Pro (like Malwarebytes Anti-Malware Free).
Now you can Delete it -

 

Thank you - Good Bye-


Edited by noknojon, 14 August 2014 - 06:17 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users