Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible malware/issue with MSE


  • This topic is locked This topic is locked
17 replies to this topic

#1 needinghelpplease

needinghelpplease

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 26 August 2014 - 07:07 PM

Hello,  I have been to this forum once before with outstanding help from gringo and am asking for help once again.  I have an asus u56e running windows 7 and am having issues installing windows updates and updating Microsoft Security Essentials.  I have tried a system restore (may have been a bad idea (??)) but that didn't resolve my issues.  I have tried to uninstall Microsoft Security Essentials but it won't uninstall.  I have also tried to use REVO uninstaller but MSE won't show up under existing programs.  I have tried to use Revo in "hunter" mode but when I hover over the MSE shortcut it actually shows a file path for another program such as adobe or asus recovery.  I appreciate any help that can be offered and will not try anything else until I hear further instruction from the experts.  I also apologize if I have posted this in the wrong section/forum.



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:09 PM

Posted 26 August 2014 - 08:11 PM

Hello and Welcome back.

Please read all directions and ask (or leave them) if you are not sure. These are mostly minor ..........

 

In Am I Infected we will try a few scans and use methods that are not too deep, as they are the job of gringo and the crew there.

 

Try to download any programs to Desktop, and Copy and Paste your answers (attach will not work in this area).

If you do have problems with any program, please tell us or just move on.

 

First - To find if there is any security programs installed.

Download Screen317 Security Check   and save it to your Desktop.
 * Double-click SecurityCheck.exe
 * Follow the onscreen instructions inside of the black box.
 * A Notepad document should open automatically called checkup.txt
 * Please post the contents of that document.
Note:: If any security program requests permission to access the Internet, allow it to do

If you have a problem, please move on.

 

 

Next - To double check programs, and find errors.

Please download MiniToolBox to desktop to run it.
 Checkmark the following boxes:
 * List content of Hosts
 * Flush DNS
 * Report IE Proxy Settings
 * Reset IE Proxy Settings
 * Report FF Proxy Settings
 * Reset FF Proxy Settings
 * List last 10 Event Viewer log
 * List Installed Programs
 * List Users, Partitions and Memory size
 Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 Click Go and Copy / Paste the result. (result.txt)

 

 

Next - Minor clean-out tools for you.

Please download and run RKill by Grinler.

  • A black DOS box will appear for a short time and then disappear.
  • This is normal and indicates the tool ran successfully.
  • At most the tool will usually run for at about 2 minutes

Please Copy and Paste the log back here.

 
Do not reboot your computer until you complete the next step.

 

 NOW :

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
     * Vista / Windows 7 / 8 users right-click and select Run As Administrator.
  • Click on the Scan button (only once)
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button only once for accuracy.
  • A report (AdwCleaner[R0].txt) will open in Notepad for your review.
  • Check the listed removals and see if you are OK with them.
  • If you have questions, post the Report log back here.

 Next

  • Click on the Clean button only once for accuracy
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
    Copy and Paste the contents of that log in your next reply.

Note: With most Adware / Junkware / PUPs it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In many cases, using the uninstaller of the adware not only removes the adware more effectively, but it also restores any changed configuration. After uninstallation, then you can run specialized tools like AdwCleaner and JRT to fix any remaining entries they may find.

 

 

 

Next -

Please download Junkware Removal Tool to your desktop.
* Temporarily Disable your Antivirus now to avoid potential conflicts if MSE is active.
* Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
* The tool will open and start scanning your system.
* Please be patient as this can take a while to complete depending on your system's specifications.
* On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
* Post the contents of JRT.txt into your next message.


Next - A better search for infections.

Run ESET Online Scanner. First is for Internet Explorer users and later for other users

  • Hold down Control (Ctrl) and click on This Link to open ESET OnlineScan in a new window.
  • Click the Esetonline button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives and Remove Threats"
  • Click Advanced settings and select the following:
    Scan potentially unwanted applications
     Scan for potentially unsafe applications
     Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.

 

 

Thank You -

When you post a few logs, please tell us if there is any changes -



#3 needinghelpplease

needinghelpplease
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 26 August 2014 - 09:19 PM

Thank you so much for your response....I have tried the first two programs with no luck. Neither program will open.  I have tried to run as administrator but that doesn't help.  I didn't know if I should continue down the list or try to run in safe mode, so I have just halted until I receive additional orders.  Thanks again.



#4 needinghelpplease

needinghelpplease
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 26 August 2014 - 09:43 PM

I guess I should also mention that I am unable to uninstall other Microsoft programs such as word/word starter.  I didn't know if that would of help.  Thanks again



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:09 PM

Posted 26 August 2014 - 09:44 PM

I do know that Screen317 Security Check has a few problems (being updated) but MiniToolBox is from another writer and is "fairly" basic.

 

Try for MiniToolBox again, and only tick  * List last 10 Event Viewer log and  * List Installed Programs if it downloads.

 

If nothing, run RKill as above and post that log. Will also run in Safe Mode (if needed)

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/

iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

 

Please Copy and Paste the log back here.

 

 

Thanks -



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:09 PM

Posted 26 August 2014 - 10:18 PM

Just post back if you have a total of Nothing ( zero )

 

From there at least we have some idea.

 

Are you on the Problem Computer now ??



#7 needinghelpplease

needinghelpplease
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 26 August 2014 - 10:22 PM

Ok, I was able to run security check and minitoolbox in safe mode but can't get rkill to finish running (still running after 10 minutes).  Here are the logs

 

Security check

 

 Results of screen317's Security Check version 0.99.87 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
Microsoft Security Essentials  
  (On Access scanning disabled!)
 Error obtaining update status for antivirus! 
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java 7 Update 55 
 Java version out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
 Google Chrome 34.0.1847.137 
 Google Chrome 35.0.1916.114 
 Google Chrome 36.0.1985.125 
 Google Chrome 36.0.1985.143 
````````Process Check: objlist.exe by Laurent```````` 
 Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

 

Log from MiniToolBox

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Kevin (administrator) on 26-08-2014 at 21:56:49
Running from "C:\Users\Kevin\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

#       ::1             localhost

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/26/2014 09:14:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: obexsrv.exe, version: 1.1.0.51, time stamp: 0x4d6e5ab8
Faulting module name: obexsrv.exe, version: 1.1.0.51, time stamp: 0x4d6e5ab8
Exception code: 0xc0000005
Fault offset: 0x0001aade
Faulting process id: 0x9b8
Faulting application start time: 0xobexsrv.exe0
Faulting application path: obexsrv.exe1
Faulting module path: obexsrv.exe2
Report Id: obexsrv.exe3

Error: (08/26/2014 09:11:08 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.17041 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 758

Start Time: 01cfc1893a9d50b9

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (08/26/2014 07:41:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3307

Error: (08/26/2014 07:41:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3307

Error: (08/26/2014 07:41:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/26/2014 07:10:50 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=13:app=Microsoft Word Starter 2010 9014006604090000:tid=1130:usr=Kevin}
The client was unable to connect to an Application Virtualization Server (rc 16001E0A-000001D1)

Error: (08/26/2014 07:10:50 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=13:app=Microsoft Word Starter 2010 9014006604090000:tid=1130:usr=Kevin}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7122.5000.sft' (rc 16001E0A-000001D1, original rc 16001E0A-000001D1).

Error: (08/26/2014 07:10:41 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=Microsoft Word Starter 2010 9014006604090000:tid=1F08:usr=Kevin}
The client was unable to connect to an Application Virtualization Server (rc 16001E0A-000001D1)

Error: (08/26/2014 07:10:41 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=Microsoft Word Starter 2010 9014006604090000:tid=1F08:usr=Kevin}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7122.5000.sft' (rc 16001E0A-000001D1, original rc 16001E0A-000001D1).

Error: (08/26/2014 06:54:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: obexsrv.exe, version: 1.1.0.51, time stamp: 0x4d6e5ab8
Faulting module name: obexsrv.exe, version: 1.1.0.51, time stamp: 0x4d6e5ab8
Exception code: 0xc0000005
Fault offset: 0x0001aade
Faulting process id: 0x9cc
Faulting application start time: 0xobexsrv.exe0
Faulting application path: obexsrv.exe1
Faulting module path: obexsrv.exe2
Report Id: obexsrv.exe3

System errors:
=============
Error: (08/26/2014 09:56:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/26/2014 09:56:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/26/2014 09:56:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/26/2014 09:56:19 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/26/2014 09:56:19 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/26/2014 09:56:19 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/26/2014 09:56:17 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (08/26/2014 09:56:16 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (08/26/2014 09:56:15 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/26/2014 09:56:15 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (08/26/2014 09:14:59 PM) (Source: Application Error)(User: )
Description: obexsrv.exe1.1.0.514d6e5ab8obexsrv.exe1.1.0.514d6e5ab8c00000050001aade9b801cfc19ca4e2e7b1C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exef17f94dc-2d8f-11e4-935b-ac72891eae7d

Error: (08/26/2014 09:11:08 PM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.1704175801cfc1893a9d50b90C:\Program Files\Internet Explorer\iexplore.exe

Error: (08/26/2014 07:41:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3307

Error: (08/26/2014 07:41:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3307

Error: (08/26/2014 07:41:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/26/2014 07:10:50 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=13:app=Microsoft Word Starter 2010 9014006604090000:tid=1130:usr=Kevin}
16001E0A-000001D1

Error: (08/26/2014 07:10:50 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=13:app=Microsoft Word Starter 2010 9014006604090000:tid=1130:usr=Kevin}
http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7122.5000.sft16001E0A-000001D116001E0A-000001D1

Error: (08/26/2014 07:10:41 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=Microsoft Word Starter 2010 9014006604090000:tid=1F08:usr=Kevin}
16001E0A-000001D1

Error: (08/26/2014 07:10:41 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=Microsoft Word Starter 2010 9014006604090000:tid=1F08:usr=Kevin}
http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7122.5000.sft16001E0A-000001D116001E0A-000001D1

Error: (08/26/2014 06:54:27 PM) (Source: Application Error)(User: )
Description: obexsrv.exe1.1.0.514d6e5ab8obexsrv.exe1.1.0.514d6e5ab8c00000050001aade9cc01cfc188ffa3e82fC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe4ffea768-2d7c-11e4-900b-ac72891eae7d

CodeIntegrity Errors:
===================================
  Date: 2013-01-03 18:45:50.525
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-03 18:45:50.479
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-03 18:45:50.432
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-03 18:45:50.401
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-02 22:17:34.007
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-02 22:17:33.960
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-02 22:17:33.929
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-02 22:17:33.867
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-02 13:22:17.344
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-02 13:22:17.297
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASPCA Reminder by We-Care.com v4.1.21.1 (HKLM-x32\...\{A6558E2A-FAF9-4570-AA49-6328D0354517}) (Version: 4.1.21.1 - We-Care.com)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.14 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0007 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.3 - AsusTek Computer Inc.)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
AsusScr_U46_ENG (HKLM-x32\...\AsusScr_U46_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 8.0.5.3_WHQL (HKLM\...\Elantech) (Version: 8.0.5.3 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.0.185 - SurfRight B.V.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{424E8E17-A7B7-45B5-8C79-D58F04D9D920}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Help (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{1AE1848C-D592-4222-8048-AEE1694D2959}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
Intel PROSet Wireless (Version:  - ) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
Office Depot PC Support Agent (HKLM-x32\...\Office Depot PC Support Agent) (Version: 64.0.7.5 - Support.com, Inc.)
Radialpoint Security Advisor 2.5.15 (x32 Version: 2.5.15 - Radialpoint SafeCare Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.8 - ASUS)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ???? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windstream Diagnostic Tools 3.0.21 (x32 Version: 3.0.21 - Windstream) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
??????? Windows Live Mesh ActiveX ??(????) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
??????? Windows Live Mesh ActiveX ??? (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

========================= Memory info: ===================================

Percentage of memory in use: 17%
Total physical RAM: 8097.14 MB
Available physical RAM: 6684.48 MB
Total Pagefile: 16192.45 MB
Available Pagefile: 14793.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3988.69 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:217.25 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:394.18 GB) (Free:394.08 GB) NTFS

========================= Users: ========================================

User accounts for \\KEVIN-PC

Administrator            Guest                    Kevin                   

**** End of log ****



#8 needinghelpplease

needinghelpplease
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 26 August 2014 - 10:23 PM

I am on the computer that is giving me issues.  I have internet access, but it just doesn't seem quite right.  I also keep having a pop-up while browsing about updating Microsoft word 2010



#9 needinghelpplease

needinghelpplease
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 26 August 2014 - 10:36 PM

Also, thanks again for helping me with these issues.



#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:09 PM

Posted 26 August 2014 - 10:46 PM

Hi -

Also, thanks again for helping me with these issues.

Never a problem -

 

Yes. I can see an old version of Malwarebytes Anti-Malware version 1.75.0. (now 2.0.0.2 or similar) plus HitmanPro 3.7 (I do not know versions)

Also the M.S.E. is still there and trying to take over.

 

I will fix MBAM later if we get that far ...............

 

Did you try and install another Antivirus (except for Hitman Pro) ??

 

Try a basic but good Temp File Cleaner

 

Please download Temp File Cleaner by Old Timer
Usage Instructions :

1. Download TFC from the download link above and save the file on your desktop.
2 . Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
3 . Double-click on the TFC icon.
4 . When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
5 . When done, press OK > Exit, and reboot your computer and finish the cleanup



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:09 PM

Posted 26 August 2014 - 10:52 PM

Next -

 

Try this tool ... http://www.bleepingcomputer.com/download/windows-repair-all-in-one/ . This tool makes numerous mini-fixes that can improve connectivity.

 

I am just hoping that we can get Rkill to run, as it will fix and show quite a bit.



#12 needinghelpplease

needinghelpplease
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 26 August 2014 - 10:53 PM

The computer originally had McAfee av protection when purchased.  TFC won't open when I double click icon



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:09 PM

Posted 26 August 2014 - 10:57 PM

Right click on it and select "Run as Administrator".



#14 needinghelpplease

needinghelpplease
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 26 August 2014 - 10:59 PM

It unfortunately won't open even when I try to run as administrator.  Would it work in safe mode or sm w/ networking?



#15 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:09 PM

Posted 26 August 2014 - 11:03 PM

My first idea - Delete it and Re-install it, as long as you get the download, and not just a short-cut.

 

The computer is giving you heck today -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users