Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 8.1 & Microsoft Word 2013


  • Please log in to reply
32 replies to this topic

#1 dhb1966

dhb1966

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 04 November 2014 - 02:09 PM

I have been using Microsoft word 2013 for a while with no problems. Now it wont open. It says: We;re sorry but Word has run into an error that is preventing it from working correctly.Word will need to be closed as a result. Would you like us to repair now? Ok Ive clicked repair...nothing happens. Ive even called Microsoft and they say I have malware on my computer which is causing this. I ran Malwarebytes and found nothing. I ran Malwarebytes Anti Root-Kit and found nothing. Also since this has been happening I can not update my computer to Windows 8.1.  Microsoft told me they could fix my computer for $150.00. Anyone have any ideas besides paying the $150.00? Thanks in advance.


Edited by hamluis, 04 November 2014 - 03:24 PM.
Moved from Win 8 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:06 AM

Posted 04 November 2014 - 05:47 PM

Hi dhb1966 and :welcome:

 

icon1348768721.jpgDownload Screen317 Security Check HERE and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note:: If any security program requests permission to access the Internet, allow it to do so

icon1337954655.pngPlease download MiniToolBox HERE to your desktop to run it.
Checkmark the following boxes:
* List content of Hosts
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (do NOT change any settings here)
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and Copy / Paste the result. (result.txt)

icon1337952077.pngPlease download Farbar Service Scanner (FSS) HERE and run it on the computer with the issue.

    Make sure the following options are checked:
        Internet Services
        Windows Firewall
        System Restore
        Security Center/Action Center
        Windows Update
        Windows Defender
        Other Services
    Press "Scan".
    It will create a log (FSS.txt) in the same directory the tool is run.
    Please copy and paste the log to your reply.
 

icon1337347931.pngPlease download RKill by Grinler HERE and save it to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
    Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
    If nothing happens or if the tool does not run, please let me know in your next reply.
    A log pops up at the end of the run. This log file is located at C:\rkill.log.
    Please post the log in your next reply.
 

Thank you!



#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,279 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:06 PM

Posted 05 November 2014 - 06:50 AM

FYI...

If you have ABBYY FineReader installed and receive one of the following errors while either starting or using an Office program:
* Microsoft Excel 2013 has stopped working
* Microsoft Outlook 2013 has stopped working
* Microsoft Word 2013 has stopped working
* Microsoft PowerPoint 2013 has stopped working
* Microsoft Publisher 2013 has stopped working

Office programs may crash with the FineReader add-in installed
ABBYY FineReader 9.0 Sprint might cause MS Office 2013 applications to work improperly
Fix: ABBYY FineReader Add-in causing Office Programs to crash
Fix: Microsoft Office 2013 Word & Excel crashing
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 dhb1966

dhb1966
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 06 November 2014 - 11:47 AM

Thanks everyone. My son figured out what was going on with my computer and fixed it. I do have an issue with my other laptop. I have something called Laflurla on it. Can someone help me with this please? Thanks for all you guys do :-)



#5 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:06 AM

Posted 06 November 2014 - 01:41 PM

Go to the laptop and post the results from these instruments.

 

Thank you!



#6 dhb1966

dhb1966
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 06 November 2014 - 02:39 PM

 Results of screen317's Security Check version 0.99.89  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Java 7 Update 51  
 Java version out of Date! 
 Adobe Flash Player 15.0.0.152  
 Mozilla Firefox 28.0 Firefox out of Date!  
 Google Chrome 38.0.2125.111  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 ESET ESET Online Scanner OnlineScannerApp.exe  
 ESET ESET Online Scanner OnlineCmdLineScanner.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Windows Defender MsMpEng.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
_________________________________________________________
 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by spot (administrator) on 06-11-2014 at 14:23:41
Running from "C:\Users\spot\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/06/2014 00:52:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (11/06/2014 00:52:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (11/06/2014 00:52:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (11/06/2014 00:52:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (11/06/2014 09:56:39 AM) (Source: Application Hang) (User: )
Description: The program Map.exe version 1.6.1821.2624 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 14b4
 
Start Time: 01cff9d14293b492
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.BingMaps_1.6.1821.2624_x64__8wekyb3d8bbwe\Map.exe
 
Report Id: 19a53bab-65c5-11e4-be98-78e3b58206eb
 
Faulting package full name: Microsoft.BingMaps_1.6.1821.2624_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: AppexMaps
 
Error: (11/06/2014 09:56:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: brock)
Description: Package Microsoft.BingMaps_1.6.1821.2624_x64__8wekyb3d8bbwe was terminated because it took too long to suspend.
 
Error: (11/06/2014 09:56:13 AM) (Source: Application Hang) (User: )
Description: The program LiveComm.exe version 16.4.4396.311 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 16c8
 
Start Time: 01cff9d129800487
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 83c3eb3f-65c4-11e4-be98-78e3b58206eb
 
Faulting package full name: microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: Microsoft.WindowsLive.ModernPhotos
 
Error: (11/06/2014 09:52:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: brock)
Description: Package microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe was terminated because it took too long to suspend.
 
Error: (11/06/2014 09:51:24 AM) (Source: Application Hang) (User: )
Description: The program wwahost.exe version 6.2.9200.16420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: e3c
 
Start Time: 01cff9d0cbed1c16
 
Termination Time: 0
 
Application Path: C:\Windows\system32\wwahost.exe
 
Report Id: 452664f9-65c4-11e4-be98-78e3b58206eb
 
Faulting package full name: microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: Microsoft.WindowsLive.ModernPhotos
 
Error: (11/06/2014 09:40:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: brock)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (11/06/2014 02:04:46 PM) (Source: Microsoft-Windows-DriverFrameworks-UserMode) (User: NT AUTHORITY)
Description: The driver package installation has failed.  The final status was 258.
 
Error: (11/06/2014 00:41:57 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:39:02 PM on ‎11/‎6/‎2014 was unexpected.
 
Error: (11/06/2014 11:37:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007041d: Windows Update Setup Handler.
 
Error: (11/06/2014 10:13:28 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
 
Error: (11/05/2014 09:23:46 AM) (Source: Service Control Manager) (User: )
Description: The Software Protection service failed to start due to the following error: 
%%1053
 
Error: (11/05/2014 09:23:46 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
 
Error: (11/05/2014 09:21:23 AM) (Source: Service Control Manager) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error: 
%%0
 
Error: (11/05/2014 09:19:08 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (11/05/2014 09:18:17 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (11/05/2014 09:18:10 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
 
Microsoft Office Sessions:
=========================
Error: (11/06/2014 00:52:55 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\spot\Downloads\esetsmartinstaller_enu.exe
 
Error: (11/06/2014 00:52:36 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\spot\Downloads\esetsmartinstaller_enu.exe
 
Error: (11/06/2014 00:52:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\spot\Downloads\esetsmartinstaller_enu.exe
 
Error: (11/06/2014 00:52:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\spot\Downloads\esetsmartinstaller_enu.exe
 
Error: (11/06/2014 09:56:39 AM) (Source: Application Hang)(User: )
Description: Map.exe1.6.1821.262414b401cff9d14293b4924294967295C:\Program Files\WindowsApps\Microsoft.BingMaps_1.6.1821.2624_x64__8wekyb3d8bbwe\Map.exe19a53bab-65c5-11e4-be98-78e3b58206ebMicrosoft.BingMaps_1.6.1821.2624_x64__8wekyb3d8bbweAppexMaps
 
Error: (11/06/2014 09:56:29 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: brock)
Description: Microsoft.BingMaps_1.6.1821.2624_x64__8wekyb3d8bbwe
 
Error: (11/06/2014 09:56:13 AM) (Source: Application Hang)(User: )
Description: LiveComm.exe16.4.4396.31116c801cff9d1298004874294967295C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe\LiveComm.exe83c3eb3f-65c4-11e4-be98-78e3b58206ebmicrosoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbweMicrosoft.WindowsLive.ModernPhotos
 
Error: (11/06/2014 09:52:23 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: brock)
Description: microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe
 
Error: (11/06/2014 09:51:24 AM) (Source: Application Hang)(User: )
Description: wwahost.exe6.2.9200.16420e3c01cff9d0cbed1c160C:\Windows\system32\wwahost.exe452664f9-65c4-11e4-be98-78e3b58206ebmicrosoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbweMicrosoft.WindowsLive.ModernPhotos
 
Error: (11/06/2014 09:40:57 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: brock)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142
 
 
 
=========================== Installed Programs ============================
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{63ADEC24-A374-80A8-E89B-BE401C787F75}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{AE986BF5-B6E3-4F8D-B412-A3DD90DF5146}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Minecraft (HKLM-x32\...\Minecraft) (Version: ${VERSION} - )
Minecraft Packages (HKCU\...\Minecraft Packages) (Version:  - )
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 72%
Total physical RAM: 1634.26 MB
Available physical RAM: 450.35 MB
Total Pagefile: 3729.71 MB
Available Pagefile: 1866.15 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.57 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:273.93 GB) (Free:224.8 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:23.39 GB) (Free:2.82 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\BROCK
 
Administrator            Guest                    spot                     
 
 
**** End of log ****
_________________________________________________________________
 
Farbar Service Scanner Version: 21-07-2014
Ran by spot (administrator) on 06-11-2014 at 14:25:46
Running from "C:\Users\spot\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
___________________________________________________
 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 11/06/2014 02:32:28 PM in x64 mode.
Windows Version: Windows 8 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 11/06/2014 02:38:24 PM
Execution time: 0 hours(s), 5 minute(s), and 56 seconds(s)
 


#7 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:06 AM

Posted 06 November 2014 - 04:16 PM

Itibiti RTC This I don`t know what is it.
 

I have something called Laflurla on it

 

Where?



#8 dhb1966

dhb1966
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 07 November 2014 - 10:55 AM

It was showing up yesterday. Im not sure what happened to it. Ive been doing a lot of cleaning on this laptop. 



#9 dhb1966

dhb1966
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 07 November 2014 - 11:53 AM

Malwarebytes just finished a daily scan and came up with this:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 11/7/2014
Scan Time: 10:56:23 AM
Logfile: mal.txt
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.11.07.03
Rootkit Database: v2014.11.01.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8
CPU: x64
File System: NTFS
User: spot
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352076
Time Elapsed: 54 min, 11 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.Laflurla.A, HKU\S-1-5-21-1530668129-3960517205-278503001-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B4A89CD3-C5F5-49C4-ABCF-5F26D636476F}, , [707fc5732f4d75c1a004b735c53ddc24], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 2
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab, , [ce213602ceae3600fe1872b922e1f20e], 
 
Files: 12
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\addon.ico, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.cfg, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabStart.exe, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabStart64.exe, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabUninstaller.exe, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabWrap.dll, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabWrap64.dll, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DT.ico, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DTChk.exe, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DTReg.exe, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\searchhere.ico, , [ce213602ceae3600fe1872b922e1f20e], 
PUP.Optional.DefaultTab.A, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\uninstalldt.exe, , [ce213602ceae3600fe1872b922e1f20e], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Edited by dhb1966, 07 November 2014 - 11:55 AM.


#10 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:06 AM

Posted 07 November 2014 - 02:10 PM

I was asking on the desktop or in browsers.

Ok!

 

icon1349013334.jpgPlease download AdwCleaner by XplodeHERE onto your desktop.

    Close all open programs and internet browsers.
    Double click on AdwCleaner.exe to run the tool.
    Click on Scan.
    After the scan is complete click on "Clean"
    Confirm each time with Ok.
    Your computer will be rebooted automatically. A text file will open after the restart.
    Please post the content of that logfile with your next answer.
    You can find the logfile at C:\AdwCleaner[S1].txt as well.

icon1351185104.pngPlease download Junkware Removal Tool HERE to your desktop.

    Shut down your protection software now to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message.

icon1356707420.jpgDownload Malwarebytes' Anti-Malware Free HERE to your desktop.
    - Do not accept the Free Trial Version at this time -
    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Thread scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.
How to open the log:
Open MalwareBytes Anti-Malware and then click on History
On the left column, select Application Logs. Select the most recent log among the list, it is usually the one on the top (or sort by date) and open it.
Go to the bottom left corner to Export and select Text File (*.txt)
Save it to the desktop

    Be sure to restart the computer if requested.

esetsmartinstaller_enu.pngPlease download the ESET Online Scanner HERE and save it to your Desktop.
Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
    Start esetsmartinstaller_enu.exe with administartor privileges.
    Select the option Yes, I accept the Terms of Use and click on Start.
    Make sure that the option Remove found threats is checked, and the option Scan archives is checked.
    Now click on Advanced Settings and select the following:
        Scan for potentially unwanted applications
        Scan for potentially unsafe applications
        Enable Anti-Stealth Technology
    Click on Start. The virus signature database will begin to download. This may take some time.
    When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
    When completed select Uninstall application on close if you so wish
    Now click on Finish
The path to the log file is "C:\Program Files\ESET\EsetOnlineScanner\log.txt" (on 64-bit systems this directory will be "C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt")

Note: Do not forget to re-enable your antivirus application after running the above scan!
 

Thank you!



#11 dhb1966

dhb1966
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 08 November 2014 - 12:40 AM

# AdwCleaner v3.311 - Report created 07/11/2014 at 17:13:19
# Updated 30/09/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : spot - BROCK
# Running from : C:\Users\spot\Downloads\adwcleaner_3.311.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
 
-\\ Mozilla Firefox v28.0 (en-US)
 
[ File : C:\Users\spot\AppData\Roaming\Mozilla\Firefox\Profiles\ftmlley2.default\prefs.js ]
 
 
[ File : C:\Users\spot\AppData\Roaming\Mozilla\Firefox\Profiles\l44745ak.default-1415192739812\prefs.js ]
 
 
-\\ Google Chrome v38.0.2125.111
 
[ File : C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [13844 octets] - [03/11/2014 14:55:29]
AdwCleaner[R1].txt - [11899 octets] - [04/11/2014 17:25:54]
AdwCleaner[R2].txt - [1463 octets] - [07/11/2014 17:00:36]
AdwCleaner[S0].txt - [11894 octets] - [04/11/2014 17:34:19]
AdwCleaner[S1].txt - [1388 octets] - [07/11/2014 17:13:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1448 octets] ##########
_____________________________________________________________________
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.6 (11.05.2014:1)
OS: Windows 8 x64
Ran by spot on Fri 11/07/2014 at 17:25:37.50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Windows\wininit.ini"
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 11/07/2014 at 17:34:33.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_____________________________________________________________________
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 11/7/2014
Scan Time: 5:35:43 PM
Logfile: mal1.txt
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.11.07.06
Rootkit Database: v2014.11.01.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8
CPU: x64
File System: NTFS
User: spot
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352431
Time Elapsed: 1 hr, 18 min, 15 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
__________________________________________________________
 
Im going to have to redo the Eset scan because I can not find the log file. 


#12 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:06 AM

Posted 08 November 2014 - 10:00 AM

I will try ESET Scan to see where the log is.So now is clean according Malwarebytes.

Next Steps after ESET is over.

 

Downloaddelfix.pngDelfix by Xplode HERE to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

    Activate UAC (optional; some users prefer to keep it off)
    Remove disinfection tools
    Create registry backup
    Reset system settings


Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

icon1365009334.jpgDownload HitmanPro x64 HERE onto your desktop.

Double-click on the file named HitmanPro.exe.It will be updated.When the program starts you will be presented with the start screen.Click on the Next button.Accept to store a copy of the program to your computer and click Next and it will start to scan.
When it has finished it will display a list of all the malware that the program found.Below next to button buy now is option Save log.Save it to your desktop and paste it here.

 

Thank you!



#13 dhb1966

dhb1966
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 09 November 2014 - 02:43 PM

HitmanPro 3.7.9.232
www.hitmanpro.com
 
   Computer name . . . . : BROCK
   Windows . . . . . . . : 6.2.0.9200.X64/2
   User name . . . . . . : brock\spot
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (26 days left)
 
   Scan date . . . . . . : 2014-11-09 14:30:58
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 9m 2s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 18
 
   Objects scanned . . . : 1,840,883
   Files scanned . . . . : 24,081
   Remnants scanned  . . : 447,053 files / 1,369,749 keys
 
Cookies _____________________________________________________________________
 
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.servebom.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:oracle.112.2o7.net
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:realmedia.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\spot\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
 
 


#14 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:06 AM

Posted 09 November 2014 - 02:47 PM

So nothing.Delete Cookies.May need activate trial version and use for 30 days if you want.

How is your laptop?

 

Thank you!



#15 dhb1966

dhb1966
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 09 November 2014 - 02:49 PM

Its a little slow but a whole lot better than it was! Thank you :-)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users