
Help!


  • This topic is locked
5 replies to this topic

#1 dar2623


Posted 11 November 2014 - 11:40 PM

Went out of town for a week and came back and roommate tells me he got a virus.  I successfully removed a Trojan.Poweliks from my rundll.exe through a walkthrough from Symantec.  Come back two days later and something else has taken over that is much worse.  I cannot download anything due to not having permission.  Can't do a system restore because I don't have permission.  Can't DL the DDS program to post anything here because I do not have permission.  What do I do?  I have Malwarebytes running but it isn't picking up anything.  I have Symantec Endpoint Protection running but it doesn't see anything.  Malwarebytes keeps blocking something:

 

I have many (5-10) ddhloccm.exe *32 running at the same time eating up a lot of memory.  It says it's Google Chrome but I do not have that installed on this PC.

It is coming from this location: C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx

 

I am running Windows 7 Home Premium.

 

Thank you for the help.


Edited by dar2623, 11 November 2014 - 11:41 PM.




#2 dar2623


Posted 12 November 2014 - 12:09 AM

OK got in as administrator and was able to DL the DDS and ran the reports.  The program I mentioned above that I believe is the infection doesn't seem to be running under the administrator log in.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17344  BrowserJavaVersion: 11.25.2
Run by Administrator at 0:01:57 on 2014-11-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8083.5809 [GMT -5:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\LANDesk\Shared Files\residentagent.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files (x86)\LANDesk\LDClient\LocalSch.EXE
C:\Program Files (x86)\LANDesk\LDClient\collector.exe
C:\Program Files (x86)\LANDesk\LDClient\vulscan.exe
C:\Windows\SysWOW64\CBA\pds.exe
C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
C:\PROGRA~2\LANDesk\LDClient\issuser.exe
C:\Program Files (x86)\LANDesk\LDClient\policy.client.invoker.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\LANDesk\LDClient\LDsensors.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\PROGRA~2\LANDesk\LDClient\rcgui.exe
C:\Program Files (x86)\ASUS\APRP\aprp.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
C:\Program Files (x86)\LANDesk\LDClient\softmon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Citrix\ICA Client\WFCRUN32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Symantec Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\IPS\IPSBHO.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{E8B83011-3464-43C3-A152-DA55CB1C909B} : DHCPNameServer = 192.168.0.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} -
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\SEP\0C010FAD\0FAD.105\x64\SymDS64.sys [2013-12-11 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\SEP\0C010FAD\0FAD.105\x64\SymEFA64.sys [2013-12-11 1147480]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20141107.011\BHDrvx64.sys [2014-11-11 1586904]
R1 ccSettings_{2FF4FBED-F03A-4EE2-AC58-C985811A4FBE};Symantec Endpoint Protection 12.1.4013.4013.105 Settings Manager;C:\Windows\System32\drivers\SEP\0C010FAD\0FAD.105\x64\ccSetx64.sys [2013-12-11 169048]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2012-3-19 89536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-12-5 283064]
R1 IDSVia64;IDSVia64;C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20141108.011\IDSviA64.sys [2014-11-11 525016]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\SEP\0C010FAD\0FAD.105\x64\Ironx64.sys [2013-12-11 224856]
R1 SYMNETS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\SEP\0C010FAD\0FAD.105\x64\symnets.sys [2013-12-11 437336]
R2 CBA8;LANDesk® Management Agent;C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe [2013-8-19 158936]
R2 CISMBIOS;CISMBIOS;C:\Windows\System32\drivers\cismbios.sys [2014-4-30 21336]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-9-19 1149760]
R2 LANDesk Policy Invoker;LANDesk Policy Invoker;C:\Program Files (x86)\LANDesk\LDClient\policy.client.invoker.exe [2014-4-30 243200]
R2 LANDesk Targeted Multicast;LANDesk Targeted Multicast;C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe [2014-4-30 179200]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-7 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-7 968504]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-4 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-4 19440960]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-4-6 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-5-4 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-4-7 23552]
R2 SepMasterService;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [2013-12-11 144368]
R2 Softmon;LANDesk® Software Monitoring Service;C:\Program Files (x86)\LANDesk\LDClient\SoftMon.exe [2014-4-30 639464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-7 411968]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-12-13 544840]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-2-21 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-2-21 396776]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-9-10 142640]
R3 ldmirror;ldmirror;C:\Windows\System32\drivers\ldmirror.sys [2014-4-30 5120]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-11-7 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-7 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-11-7 63704]
R3 mirrorflt;Mirror Filter Driver for Uninstall;C:\Windows\System32\drivers\mirrorflt.sys [2014-4-30 7168]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-9 20288]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-9-19 38048]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-4 726160]
R4 IOMap;IOMap;C:\Windows\System32\drivers\IOMap64.sys [2013-12-4 23680]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2013/12/04 07:16:47;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-4-20 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-12 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-11-7 2151744]
S2 ProcTrigger;LANDesk® Process Trigger Service;C:\Program Files (x86)\LANDesk\LDClient\ProcTriggerSvc.exe [2014-4-30 153816]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 tracksvc;LANDesk® Power Management Track Service;C:\Program Files (x86)\LANDesk\LDClient\tracksvc.exe [2014-4-30 76048]
S3 acsock;acsock;C:\Windows\System32\drivers\acsock64.sys [2012-12-13 112080]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-1-5 49152]
S3 BRDriver64;BRDriver64;C:\ProgramData\BitRaider\BRDriver64.sys [2013-12-19 75048]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader;C:\ProgramData\BitRaider\BRSptStub.exe [2014-10-15 363208]
S3 BRSptSvc;BitRaider Mini-Support Service;C:\ProgramData\BitRaider\BRSptSvc.exe [2013-12-19 477960]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2013-10-15 520416]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-7 111616]
S3 ldblank;Screen Blanking driver for Remote Control;C:\Windows\System32\drivers\ldblank.sys [2014-4-30 20992]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-6 19456]
S3 SyDvCtrl;SyDvCtrl;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\SyDvCtrl64.sys [2013-12-11 34800]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-11-7 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-12-6 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-12-6 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 XFDriver64;XFDriver64;C:\Program Files (x86)\Xfire2\XFDriver64.sys [2013-12-26 17160]
.
=============== Created Last 30 ================
.
2014-11-12 04:59:50 -------- d-----w- C:\Users\Administrator\AppData\Local\Power2Go
2014-11-12 04:59:24 -------- d-----w- C:\Users\Administrator\AppData\Roaming\ProductData
2014-11-12 04:58:35 -------- d-----w- C:\Users\Administrator\AppData\Local\Symantec
2014-11-12 04:48:26 -------- d-sh--w- C:\Users\Administrator\AppData\Local\EmieUserList
2014-11-12 04:48:26 -------- d-sh--w- C:\Users\Administrator\AppData\Local\EmieSiteList
2014-11-11 21:01:15 17926832 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-11-07 16:49:26 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-07 16:49:06 6584320 ----a-w- C:\Windows\System32\mstscax.dll
2014-11-07 16:49:06 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-11-07 13:40:40 614728 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-11-07 13:40:09 2558792 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-11-07 13:37:11 935232 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-11-07 13:37:11 6880968 ----a-w- C:\Windows\System32\nvcpl.dll
2014-11-07 13:37:11 61640 ----a-w- C:\Windows\System32\nvshext.dll
2014-11-07 13:37:11 4066553 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-11-07 13:37:11 385352 ----a-w- C:\Windows\System32\nvmctray.dll
2014-11-07 13:37:11 3533632 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-11-07 13:36:45 73872 ----a-w- C:\Windows\System32\OpenCL.dll
2014-11-07 13:36:45 60744 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-11-07 13:07:25 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-07 13:06:53 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-07 13:06:53 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-07 13:06:53 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-07 13:06:53 -------- d-----w- C:\ProgramData\Malwarebytes
2014-11-07 13:06:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-07 11:35:54 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-07 11:34:05 -------- d-----w- C:\ProgramData\Oracle
2014-11-07 11:13:02 -------- d-----w- C:\Program Files (x86)\ESET
2014-11-07 10:52:08 -------- d-sh--w- C:\$RECYCLE.BIN
2014-11-07 10:46:21 98816 ----a-w- C:\Windows\sed.exe
2014-11-07 10:46:21 256000 ----a-w- C:\Windows\PEV.exe
2014-11-07 10:46:21 208896 ----a-w- C:\Windows\MBR.exe
2014-11-07 10:46:01 -------- d-s---w- C:\ComboFix
2014-11-07 10:24:18 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2014-11-07 09:51:10 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-11-07 09:49:26 -------- d-----w- C:\AdwCleaner
2014-11-07 09:32:13 -------- d-----w- C:\FRST
2014-11-07 09:23:54 -------- d-----w- C:\ProgramData\ProductData
2014-11-07 09:23:52 -------- d-----w- C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-11-07 09:23:52 -------- d-----w- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-11-07 09:22:50 -------- d-----w- C:\Program Files (x86)\IObit
2014-11-07 09:22:48 -------- d-----w- C:\ProgramData\IObit
2014-11-07 08:25:12 1876296 ----a-w- C:\Windows\System32\nvdispco6434460.dll
2014-11-07 08:25:12 1539272 ----a-w- C:\Windows\System32\nvdispgenco6434460.dll
2014-11-06 08:03:32 0 ----a-w- C:\Windows\System32\koymjtg.dll
2014-10-15 07:15:21 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
.
==================== Find3M  ====================
.
2014-11-11 21:01:35 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-11 21:01:35 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-30 04:53:26 987008 ----a-w- C:\Windows\System32\nvumdshimx.dll
2014-10-10 02:05:59 276480 ----a-w- C:\Windows\System32\generaltel.dll
2014-10-10 02:05:42 507392 ----a-w- C:\Windows\System32\aepdu.dll
2014-10-10 02:00:38 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-10-04 06:42:47 2197680 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-10-04 06:42:47 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-10-04 06:41:43 2800296 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-10-04 06:41:43 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-09-29 00:58:48 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-09-27 00:15:42 281152 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-09-27 00:15:42 281152 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-09-27 00:15:36 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-18 02:00:42 3241472 ----a-w- C:\Windows\System32\msi.dll
2014-09-18 01:32:52 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-09-17 04:51:20 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2014-09-17 04:51:20 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2014-09-17 04:51:20 1538880 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2014-09-13 23:48:03 1876296 ----a-w- C:\Windows\System32\nvdispco6434411.dll
2014-09-13 23:48:03 1539272 ----a-w- C:\Windows\System32\nvdispgenco6434411.dll
2014-09-13 01:58:18 77312 ----a-w- C:\Windows\System32\packager.dll
2014-09-13 01:40:05 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2014-09-11 04:35:44 1463808 ----a-w- C:\Windows\System32\lsasrv.dll
2014-09-11 04:35:39 463872 ----a-w- C:\Windows\System32\certcli.dll
2014-09-11 04:06:12 342528 ----a-w- C:\Windows\SysWow64\certcli.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-04 19:14:38 38048 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-09-04 19:14:38 34976 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-09-04 19:14:38 32416 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2014-08-29 02:07:13 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-19 03:11:28 693176 ----a-w- C:\Windows\System32\winload.efi
2014-08-19 03:10:10 616352 ----a-w- C:\Windows\System32\winresume.efi
2014-08-19 03:08:04 503808 ----a-w- C:\Windows\System32\srcore.dll
2014-08-19 03:08:04 50176 ----a-w- C:\Windows\System32\srclient.dll
2014-08-19 03:08:03 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2014-08-19 03:07:51 58880 ----a-w- C:\Windows\System32\appidapi.dll
2014-08-19 03:07:51 32256 ----a-w- C:\Windows\System32\appidsvc.dll
2014-08-19 03:07:33 296960 ----a-w- C:\Windows\System32\rstrui.exe
2014-08-19 03:07:11 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2014-08-19 03:07:11 146944 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2014-08-19 02:41:39 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2014-08-19 02:41:22 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2014-08-19 02:06:56 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
.
============= FINISH:  0:04:20.88 ===============

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/4/2013 9:37:03 AM
System Uptime: 11/11/2014 11:57:35 PM (1 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. |  | SABERTOOTH 990FX R2.0
Processor: AMD FX™-8350 Eight-Core Processor            | Socket 942 | 4013/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 178.562 GiB free.
D: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
3DMark
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader X (10.1.3)
Asmedia ASM104x USB 3.0 Host Controller Driver
Asmedia ASM106x SATA Host Controller Driver
ASUS Product Register Program
Battlefield 2
BitRaider Streaming Client
BitRaider Web Client
Cisco AnyConnect Secure Mobility Client
Cisco AnyConnect Secure Mobility Client
Citrix online plug-in
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (PNA)
Citrix online plug-in (SSON)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Command and Conquer Red Alert 3 - Uprising
Company of Heroes 2
Counter-Strike Nexon: Zombies
DAEMON Tools Lite
DayZ
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Online Scanner v3
Fallen Earth
Futuremark SystemInfo
Java 8 Update 25
Java Auto Updater
LANDesk Advance Agent
LANDesk® Common Base Agent 8
LG Burning Tool
LG CyberLink BD Advisor
LG CyberLink Blu-ray Disc Suite
LG CyberLink MediaEspresso
LG CyberLink MediaShow
LG CyberLink PowerDVD
LG CyberLink PowerProducer
LG CyberLink YouCam
LG Tool Kit
Malwarebytes Anti-Malware version 2.0.3.1025
March of War
Medieval II: Total War
Microsoft .NET Framework 4.5.1
Microsoft ASP.NET MVC 4 Runtime
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 4.0 Refresh
Napoleon: Total War
Neverwinter
NVIDIA 3D Vision Controller Driver 344.46
NVIDIA 3D Vision Driver 344.60
NVIDIA Control Panel 344.60
NVIDIA GeForce Experience 2.1.3
NVIDIA GeForce Experience Service
NVIDIA Graphics Driver 344.60
NVIDIA HD Audio Driver 1.3.32.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.14.0702
NVIDIA ShadowPlay 16.13.56
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 16.13.56
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.25
PAYDAY 2
PlanetSide 2
Project Reality: BF2
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
RealUpgrade 1.1
Rockstar Games Social Club
Rust
Samsung_MonSetup
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SHIELD Streaming
SHIELD Wireless Controller Driver
Sid Meier's Civilization V
SimCity
Skype™ 6.16
Star Wars The Old Republic
Star Wars: The Old Republic
Steam
Symantec Endpoint Protection
TeraCopy 2.3
The Sims™ 3 ???? ???????
Tom Clancy's Ghost Recon Phantoms - NA
Total War ROME II
Total War: SHOGUN 2
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
UpdateService
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player
WinRAR 5.01 (64-bit)
WinZip 16.5
Wise Registry Cleaner 7.91
World of Guns: Gun Disassembly
Xfire 2.0
Xfire Codec (remove only)
.
==== Event Viewer Messages From Past Week ========
.
11/9/2014 7:53:25 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
11/9/2014 5:20:12 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Human Interface Device Access service to connect.
11/9/2014 5:20:12 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Desktop Window Manager Session Manager service to connect.
11/9/2014 5:20:12 AM, Error: Service Control Manager [7001]  - The Remote Procedure Call (RPC) service depends on the RPC Endpoint Mapper service which failed to start because of the following error:  The service has not been started.
11/9/2014 5:20:12 AM, Error: Service Control Manager [7001]  - The Distributed Link Tracking Client service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:20:12 AM, Error: Service Control Manager [7000]  - The Human Interface Device Access service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:20:12 AM, Error: Service Control Manager [7000]  - The Desktop Window Manager Session Manager service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:19:19 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the DNS Client service to connect.
11/9/2014 5:19:19 AM, Error: Service Control Manager [7001]  - The Telephony service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:19:19 AM, Error: Service Control Manager [7000]  - The DNS Client service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:19:16 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the RPC Endpoint Mapper service, but this action failed with the following error:  An instance of the service is already running.
11/9/2014 5:19:14 AM, Error: Service Control Manager [7001]  - The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:19:14 AM, Error: Service Control Manager [7001]  - The Base Filtering Engine service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:19:12 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Audio Endpoint Builder service to connect.
11/9/2014 5:19:12 AM, Error: Service Control Manager [7001]  - The Program Compatibility Assistant Service service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:19:12 AM, Error: Service Control Manager [7000]  - The Windows Audio Endpoint Builder service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:19:08 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Diagnostic Policy Service service to connect.
11/9/2014 5:19:08 AM, Error: Service Control Manager [7001]  - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:19:08 AM, Error: Service Control Manager [7000]  - The Diagnostic Policy Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:19:06 AM, Error: Service Control Manager [7001]  - The Group Policy Client service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:18:53 AM, Error: Service Control Manager [7001]  - The Cryptographic Services service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:18:19 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Workstation service to connect.
11/9/2014 5:18:19 AM, Error: Service Control Manager [7000]  - The Workstation service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:18:18 AM, Error: Service Control Manager [7034]  - The LANDesk® Software Monitoring Service service terminated unexpectedly.  It has done this 1 time(s).
11/9/2014 5:18:12 AM, Error: Service Control Manager [7034]  - The Diagnostic System Host service terminated unexpectedly.  It has done this 1 time(s).
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7001]  - The Network Connections service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:17:48 AM, Error: BROWSER [8007]  - The browser was unable to update the service status bits.  The data is the error.
11/9/2014 5:17:22 AM, Error: Service Control Manager [7031]  - The SSDP Discovery service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
11/9/2014 5:17:22 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the SSDP Discovery service to connect.
11/9/2014 5:17:22 AM, Error: Service Control Manager [7000]  - The SSDP Discovery service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7031]  - The Workstation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7031]  - The Telephony service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7031]  - The Network Location Awareness service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7031]  - The DNS Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7031]  - The Cryptographic Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7001]  - The Remote Procedure Call (RPC) service depends on the RPC Endpoint Mapper service which failed to start because of the following error:  The service has returned a service-specific error code.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:17:16 AM, Error: Service Control Manager [7031]  - The RPC Endpoint Mapper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:16 AM, Error: Service Control Manager [7031]  - The Remote Procedure Call (RPC) service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
11/9/2014 5:17:14 AM, Error: Service Control Manager [7031]  - The IPsec Policy Agent service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:11 AM, Error: Service Control Manager [7034]  - The Windows Image Acquisition (WIA) service terminated unexpectedly.  It has done this 1 time(s).
11/9/2014 5:17:08 AM, Error: Service Control Manager [7031]  - The Windows Firewall service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:08 AM, Error: Service Control Manager [7031]  - The Diagnostic Policy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:08 AM, Error: Service Control Manager [7031]  - The Base Filtering Engine service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:06 AM, Error: Service Control Manager [7031]  - The Group Policy Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/7/2014 8:23:43 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user DorkStationAlph\Dork Station Alpha SID (S-1-5-21-3078656010-3260076242-355532602-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/7/2014 7:42:29 AM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 252.
11/7/2014 5:22:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070103: nVidia - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - NVIDIA GeForce GTX 760.
11/7/2014 5:21:14 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800706be: nVidia - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - NVIDIA GeForce GTX 760.
11/7/2014 5:02:34 AM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
11/7/2014 4:54:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800706ba: nVidia - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - NVIDIA GeForce GTX 760.
11/7/2014 4:40:33 AM, Error: Service Control Manager [7034]  - The AdvancedSystemCareAntivirus service terminated unexpectedly.  It has done this 1 time(s).
11/7/2014 4:36:19 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Symantec Management Client service to connect.
11/7/2014 4:36:19 AM, Error: Service Control Manager [7000]  - The Symantec Management Client service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/7/2014 4:24:10 AM, Error: Service Control Manager [7030]  - The Advanced SystemCare Service 7 service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
11/7/2014 4:06:38 AM, Error: Service Control Manager [7034]  - The LANDesk Targeted Multicast service terminated unexpectedly.  It has done this 1 time(s).
11/7/2014 4:06:02 AM, Error: Service Control Manager [7034]  - The RealPlayer Cloud Service service terminated unexpectedly.  It has done this 1 time(s).
11/7/2014 4:05:22 AM, Error: Service Control Manager [7034]  - The Intel PDS service terminated unexpectedly.  It has done this 1 time(s).
11/7/2014 4:00:20 AM, Error: Service Control Manager [7034]  - The RealPlayer Update Service service terminated unexpectedly.  It has done this 1 time(s).
11/7/2014 3:09:57 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
11/6/2014 4:15:27 AM, Error: volsnap [25]  - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
11/11/2014 9:34:17 PM, Error: Service Control Manager [7034]  - The PnkBstrA service terminated unexpectedly.  It has done this 1 time(s).
11/11/2014 9:31:20 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
11/11/2014 9:31:20 PM, Error: Service Control Manager [7000]  - The MBAMService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/11/2014 4:44:21 AM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {76D0CB12-7604-4048-B83C-1005C7DDC503}. The error: "5" Happened while starting this command: C:\Windows\SysWOW64\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}
11/11/2014 2:59:11 AM, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10.
11/11/2014 11:59:22 PM, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
11/11/2014 11:48:13 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/11/2014 11:48:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/11/2014 11:48:05 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/11/2014 11:47:59 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/11/2014 11:47:56 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  BHDrvx64 ccSettings_{2FF4FBED-F03A-4EE2-AC58-C985811A4FBE} ctxusbm discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SymIRON SYMNETS SysPlant Wanarpv6
11/11/2014 11:47:56 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
11/11/2014 11:17:04 PM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. The error: "5" Happened while starting this command: C:\Windows\SysWOW64\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
11/11/2014 11:07:42 PM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error: "5" Happened while starting this command: C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
11/11/2014 10:20:31 PM, Error: Service Control Manager [7038]  - The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/11/2014 10:20:31 PM, Error: Service Control Manager [7001]  - The Windows Driver Foundation - User-mode Driver Framework service depends on the Plug and Play service which failed to start because of the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Portable Device Enumerator Service service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Plug and Play service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The IPsec Policy Agent service failed to start due to the following error:  The service did not start due to a logon failure.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Human Interface Device Access service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Diagnostic System Host service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Computer Browser service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Application Experience service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:30 PM, Error: Service Control Manager [7038]  - The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/11/2014 10:20:30 PM, Error: Service Control Manager [7038]  - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/11/2014 10:20:30 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not start due to a logon failure.
11/11/2014 10:20:30 PM, Error: Service Control Manager [7000]  - The Symantec Management Client service failed to start due to the following error:  The pipe has been ended.
11/11/2014 10:20:30 PM, Error: Service Control Manager [7000]  - The Network List Service service failed to start due to the following error:  The service did not start due to a logon failure.
11/11/2014 10:18:12 PM, Error: Service Control Manager [7038]  - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/11/2014 10:18:12 PM, Error: Service Control Manager [7001]  - The Windows Driver Foundation - User-mode Driver Framework service depends on the Plug and Play service which failed to start because of the following error:  The service has not been started.
11/11/2014 10:18:12 PM, Error: Service Control Manager [7000]  - The Diagnostic Service Host service failed to start due to the following error:  The service did not start due to a logon failure.
11/11/2014 10:17:56 PM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-2147467243.
11/11/2014 10:17:56 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1069" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/11/2014 10:17:10 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
11/11/2014 10:17:10 PM, Error: Service Control Manager [7000]  - The MBAMScheduler service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/11/2014 10:14:50 PM, Error: Service Control Manager [7038]  - The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/11/2014 10:14:50 PM, Error: Service Control Manager [7000]  - The Windows Driver Foundation - User-mode Driver Framework service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:14:50 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1069" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/11/2014 10:13:00 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/11/2014 10:13:00 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/10/2014 8:14:18 PM, Error: Schannel [36887]  - The following fatal alert was received: 40.
.
==== End Of File ===========================

 


Edited by dar2623, 12 November 2014 - 01:06 AM.


#3 dar2623


Posted 12 November 2014 - 11:33 AM

I ran RogueKiller last night and removed another power.liks infection from the registry. The program doesn't appear to load when I log in as admin, but does as soon as I switch to my normal user login. On my normal user login I cannot download any of the programs this site recommends due to not having access. Contact administrator. I also cannot remove any programs.
Turned my computer on this morning to run some more scans and apparently it updated Windows - I don't believe it was Windows updating... It did some registry updates. I don't know.

Edited by dar2623, 12 November 2014 - 11:58 AM.


#4 dar2623


Posted 12 November 2014 - 12:24 PM

I thought I would rerun DDS for you. I logged into my normal user and all the malicious programs seem to be running. I switched to my admin login to show all the programs running. Still can't download DDS on my normal profile or any sort of removal program. So here you go.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 11.25.2
Run by Administrator at 12:17:50 on 2014-11-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8083.4784 [GMT -5:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/4/2013 9:37:03 AM
System Uptime: 11/12/2014 12:12:09 PM (0 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. |  | SABERTOOTH 990FX R2.0
Processor: AMD FX™-8350 Eight-Core Processor            | Socket 942 | 4013/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 178.015 GiB free.
D: is CDROM ()
F: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
3DMark
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader X (10.1.3)
Asmedia ASM104x USB 3.0 Host Controller Driver
Asmedia ASM106x SATA Host Controller Driver
ASUS Product Register Program
Battlefield 2
BitRaider Streaming Client
BitRaider Web Client
Cisco AnyConnect Secure Mobility Client
Cisco AnyConnect Secure Mobility Client
Citrix online plug-in
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (PNA)
Citrix online plug-in (SSON)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Command and Conquer Red Alert 3 - Uprising
Company of Heroes 2
Counter-Strike Nexon: Zombies
DAEMON Tools Lite
DayZ
Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition
ESET Online Scanner v3
Fallen Earth
Futuremark SystemInfo
Java 8 Update 25
Java Auto Updater
LANDesk Advance Agent
LANDesk® Common Base Agent 8
LG Burning Tool
LG CyberLink BD Advisor
LG CyberLink Blu-ray Disc Suite
LG CyberLink MediaEspresso
LG CyberLink MediaShow
LG CyberLink PowerDVD
LG CyberLink PowerProducer
LG CyberLink YouCam
LG Tool Kit
Malwarebytes Anti-Malware version 2.0.3.1025
March of War
Medieval II: Total War
Microsoft .NET Framework 4.5.1
Microsoft ASP.NET MVC 4 Runtime
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 4.0 Refresh
Napoleon: Total War
Neverwinter
NVIDIA 3D Vision Controller Driver 344.46
NVIDIA 3D Vision Driver 344.60
NVIDIA Control Panel 344.60
NVIDIA GeForce Experience 2.1.3
NVIDIA GeForce Experience Service
NVIDIA Graphics Driver 344.60
NVIDIA HD Audio Driver 1.3.32.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.14.0702
NVIDIA ShadowPlay 16.13.56
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 16.13.56
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.25
PAYDAY 2
PlanetSide 2
Project Reality: BF2
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
RealUpgrade 1.1
Rockstar Games Social Club
Rust
Samsung_MonSetup
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SHIELD Streaming
SHIELD Wireless Controller Driver
Sid Meier's Civilization V
SimCity
Skype™ 6.16
Star Wars The Old Republic
Star Wars: The Old Republic
Steam
Symantec Endpoint Protection
TeraCopy 2.3
The Sims™ 3 ???? ???????
Tom Clancy's Ghost Recon Phantoms - NA
Total War ROME II
Total War: SHOGUN 2
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2889935) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2878251) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
UpdateService
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player
WinRAR 5.01 (64-bit)
WinZip 16.5
Wise Registry Cleaner 7.91
World of Guns: Gun Disassembly
Xfire 2.0
Xfire Codec (remove only)
.
==== Event Viewer Messages From Past Week ========
.
11/9/2014 7:53:25 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
11/9/2014 5:20:12 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Human Interface Device Access service to connect.
11/9/2014 5:20:12 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Desktop Window Manager Session Manager service to connect.
11/9/2014 5:20:12 AM, Error: Service Control Manager [7001]  - The Remote Procedure Call (RPC) service depends on the RPC Endpoint Mapper service which failed to start because of the following error:  The service has not been started.
11/9/2014 5:20:12 AM, Error: Service Control Manager [7001]  - The Distributed Link Tracking Client service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:20:12 AM, Error: Service Control Manager [7000]  - The Human Interface Device Access service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:20:12 AM, Error: Service Control Manager [7000]  - The Desktop Window Manager Session Manager service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:19:19 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the DNS Client service to connect.
11/9/2014 5:19:19 AM, Error: Service Control Manager [7001]  - The Telephony service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:19:19 AM, Error: Service Control Manager [7000]  - The DNS Client service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:19:16 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the RPC Endpoint Mapper service, but this action failed with the following error:  An instance of the service is already running.
11/9/2014 5:19:14 AM, Error: Service Control Manager [7001]  - The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:19:14 AM, Error: Service Control Manager [7001]  - The Base Filtering Engine service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:19:12 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Audio Endpoint Builder service to connect.
11/9/2014 5:19:12 AM, Error: Service Control Manager [7001]  - The Program Compatibility Assistant Service service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:19:12 AM, Error: Service Control Manager [7000]  - The Windows Audio Endpoint Builder service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:19:08 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Diagnostic Policy Service service to connect.
11/9/2014 5:19:08 AM, Error: Service Control Manager [7001]  - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:19:08 AM, Error: Service Control Manager [7000]  - The Diagnostic Policy Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:19:06 AM, Error: Service Control Manager [7001]  - The Group Policy Client service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:18:53 AM, Error: Service Control Manager [7001]  - The Cryptographic Services service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:18:19 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Workstation service to connect.
11/9/2014 5:18:19 AM, Error: Service Control Manager [7000]  - The Workstation service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7034]  - The Diagnostic System Host service terminated unexpectedly.  It has done this 1 time(s).
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:18:12 AM, Error: Service Control Manager [7001]  - The Network Connections service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:17:48 AM, Error: BROWSER [8007]  - The browser was unable to update the service status bits.  The data is the error.
11/9/2014 5:17:22 AM, Error: Service Control Manager [7031]  - The SSDP Discovery service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
11/9/2014 5:17:22 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the SSDP Discovery service to connect.
11/9/2014 5:17:22 AM, Error: Service Control Manager [7000]  - The SSDP Discovery service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7031]  - The Workstation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7031]  - The Telephony service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7031]  - The Network Location Awareness service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7031]  - The DNS Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7031]  - The Cryptographic Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7001]  - The Remote Procedure Call (RPC) service depends on the RPC Endpoint Mapper service which failed to start because of the following error:  The service has returned a service-specific error code.
11/9/2014 5:17:19 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:  The dependency service or group failed to start.
11/9/2014 5:17:16 AM, Error: Service Control Manager [7031]  - The RPC Endpoint Mapper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:16 AM, Error: Service Control Manager [7031]  - The Remote Procedure Call (RPC) service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
11/9/2014 5:17:14 AM, Error: Service Control Manager [7031]  - The IPsec Policy Agent service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:11 AM, Error: Service Control Manager [7034]  - The Windows Image Acquisition (WIA) service terminated unexpectedly.  It has done this 1 time(s).
11/9/2014 5:17:08 AM, Error: Service Control Manager [7031]  - The Windows Firewall service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:08 AM, Error: Service Control Manager [7031]  - The Diagnostic Policy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:08 AM, Error: Service Control Manager [7031]  - The Base Filtering Engine service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/9/2014 5:17:06 AM, Error: Service Control Manager [7031]  - The Group Policy Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/7/2014 8:23:43 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user DorkStationAlph\Dork Station Alpha SID (S-1-5-21-3078656010-3260076242-355532602-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/7/2014 7:42:29 AM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 252.
11/7/2014 5:22:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070103: nVidia - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - NVIDIA GeForce GTX 760.
11/7/2014 5:21:14 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800706be: nVidia - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - NVIDIA GeForce GTX 760.
11/7/2014 5:02:34 AM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
11/7/2014 4:54:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800706ba: nVidia - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - NVIDIA GeForce GTX 760.
11/7/2014 4:40:33 AM, Error: Service Control Manager [7034]  - The AdvancedSystemCareAntivirus service terminated unexpectedly.  It has done this 1 time(s).
11/7/2014 4:36:19 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Symantec Management Client service to connect.
11/7/2014 4:36:19 AM, Error: Service Control Manager [7000]  - The Symantec Management Client service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/7/2014 4:24:10 AM, Error: Service Control Manager [7030]  - The Advanced SystemCare Service 7 service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
11/7/2014 3:09:57 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
11/6/2014 4:15:27 AM, Error: volsnap [25]  - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
11/12/2014 12:13:50 PM, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 12:05:07 AM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. The error: "5" Happened while starting this command: C:\Windows\SysWOW64\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
11/12/2014 11:38:55 AM, Error: Service Control Manager [7031]  - The Microsoft .NET Framework NGEN v4.0.30319_X86 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/12/2014 11:38:55 AM, Error: Service Control Manager [7031]  - The Cisco AnyConnect Secure Mobility Agent service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
11/12/2014 11:38:35 AM, Error: Application Popup [1060]  - \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/12/2014 11:07:44 AM, Error: Service Control Manager [7034]  - The LANDesk® Software Monitoring Service service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:43 AM, Error: Service Control Manager [7034]  - The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:42 AM, Error: Service Control Manager [7034]  - The RealPlayer Update Service service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:42 AM, Error: Service Control Manager [7034]  - The RealPlayer Cloud Service service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:42 AM, Error: Service Control Manager [7034]  - The RealNetworks Downloader Resolver Service service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:41 AM, Error: Service Control Manager [7034]  - The PnkBstrA service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:41 AM, Error: Service Control Manager [7034]  - The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:41 AM, Error: Service Control Manager [7034]  - The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:39 AM, Error: Service Control Manager [7034]  - The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:39 AM, Error: Service Control Manager [7034]  - The LANDesk Targeted Multicast service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:38 AM, Error: Service Control Manager [7034]  - The LANDesk Remote Control Service service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:38 AM, Error: Service Control Manager [7034]  - The LANDesk Policy Invoker service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:38 AM, Error: Service Control Manager [7034]  - The Intel PDS service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:37 AM, Error: Service Control Manager [7034]  - The LANDesk® Management Agent service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:37 AM, Error: Service Control Manager [7034]  - The Intel Local Scheduler Service service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:37 AM, Error: Service Control Manager [7034]  - The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:07:29 AM, Error: Service Control Manager [7034]  - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.  It has done this 1 time(s).
11/12/2014 11:04:27 AM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {FCC74B77-EC3E-4DD8-A80B-008A702075A9}. The error: "5" Happened while starting this command: C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}
11/12/2014 11:04:02 AM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error: "5" Happened while starting this command: C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
11/11/2014 9:31:20 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
11/11/2014 9:31:20 PM, Error: Service Control Manager [7000]  - The MBAMService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/11/2014 4:44:21 AM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {76D0CB12-7604-4048-B83C-1005C7DDC503}. The error: "5" Happened while starting this command: C:\Windows\SysWOW64\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}
11/11/2014 2:59:11 AM, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10.
11/11/2014 11:48:13 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/11/2014 11:48:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/11/2014 11:48:05 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/11/2014 11:47:59 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/11/2014 11:47:56 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  BHDrvx64 ccSettings_{2FF4FBED-F03A-4EE2-AC58-C985811A4FBE} ctxusbm discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SymIRON SYMNETS SysPlant Wanarpv6
11/11/2014 11:47:56 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7038]  - The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/11/2014 10:20:31 PM, Error: Service Control Manager [7001]  - The Windows Driver Foundation - User-mode Driver Framework service depends on the Plug and Play service which failed to start because of the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Portable Device Enumerator Service service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Plug and Play service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The IPsec Policy Agent service failed to start due to the following error:  The service did not start due to a logon failure.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Human Interface Device Access service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Diagnostic System Host service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Computer Browser service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:31 PM, Error: Service Control Manager [7000]  - The Application Experience service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:20:30 PM, Error: Service Control Manager [7038]  - The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/11/2014 10:20:30 PM, Error: Service Control Manager [7038]  - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/11/2014 10:20:30 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not start due to a logon failure.
11/11/2014 10:20:30 PM, Error: Service Control Manager [7000]  - The Symantec Management Client service failed to start due to the following error:  The pipe has been ended.
11/11/2014 10:20:30 PM, Error: Service Control Manager [7000]  - The Network List Service service failed to start due to the following error:  The service did not start due to a logon failure.
11/11/2014 10:18:12 PM, Error: Service Control Manager [7038]  - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/11/2014 10:18:12 PM, Error: Service Control Manager [7001]  - The Windows Driver Foundation - User-mode Driver Framework service depends on the Plug and Play service which failed to start because of the following error:  The service has not been started.
11/11/2014 10:18:12 PM, Error: Service Control Manager [7000]  - The Diagnostic Service Host service failed to start due to the following error:  The service did not start due to a logon failure.
11/11/2014 10:17:56 PM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-2147467243.
11/11/2014 10:17:56 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1069" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/11/2014 10:17:10 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
11/11/2014 10:17:10 PM, Error: Service Control Manager [7000]  - The MBAMScheduler service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/11/2014 10:14:50 PM, Error: Service Control Manager [7038]  - The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/11/2014 10:14:50 PM, Error: Service Control Manager [7000]  - The Windows Driver Foundation - User-mode Driver Framework service failed to start due to the following error:  A system shutdown is in progress.
11/11/2014 10:14:50 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1069" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/11/2014 10:13:00 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/11/2014 10:13:00 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/10/2014 8:14:18 PM, Error: Schannel [36887]  - The following fatal alert was received: 40.
.
==== End Of File ===========================

.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\LANDesk\Shared Files\residentagent.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files (x86)\LANDesk\LDClient\LocalSch.EXE
C:\Program Files (x86)\LANDesk\LDClient\collector.exe
C:\Program Files (x86)\LANDesk\LDClient\vulscan.exe
C:\Windows\SysWOW64\CBA\pds.exe
C:\PROGRA~2\LANDesk\LDClient\issuser.exe
C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
C:\Program Files (x86)\LANDesk\LDClient\policy.client.invoker.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
C:\Program Files (x86)\LANDesk\LDClient\softmon.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Dork Station Alpha\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Dork Station Alpha\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Windows\System32\regsvr32.exe
C:\Windows\SysWOW64\regsvr32.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Citrix\ICA Client\WFCRUN32.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\CyberLink\Power2Go\TaskScheduler.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Windows\system32\sppsvc.exe
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~2\LANDesk\LDClient\rcgui.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
C:\Program Files (x86)\Citrix\ICA Client\WFCRUN32.EXE
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Program Files (x86)\ASUS\APRP\aprp.exe
C:\Users\Dork Station Alpha\AppData\LocalLow\Adobe\Nczmcoxc\Scrldfexkzdx\ddhloccm.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Symantec Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\IPS\IPSBHO.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{E8B83011-3464-43C3-A152-DA55CB1C909B} : DHCPNameServer = 192.168.0.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} -
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\SEP\0C010FAD\0FAD.105\x64\SymDS64.sys [2013-12-11 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\SEP\0C010FAD\0FAD.105\x64\SymEFA64.sys [2013-12-11 1147480]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20141107.011\BHDrvx64.sys [2014-11-11 1586904]
R1 ccSettings_{2FF4FBED-F03A-4EE2-AC58-C985811A4FBE};Symantec Endpoint Protection 12.1.4013.4013.105 Settings Manager;C:\Windows\System32\drivers\SEP\0C010FAD\0FAD.105\x64\ccSetx64.sys [2013-12-11 169048]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2012-3-19 89536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-12-5 283064]
R1 IDSVia64;IDSVia64;C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20141111.011\IDSviA64.sys [2014-11-12 525016]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\SEP\0C010FAD\0FAD.105\x64\Ironx64.sys [2013-12-11 224856]
R1 SYMNETS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\SEP\0C010FAD\0FAD.105\x64\symnets.sys [2013-12-11 437336]
R2 CBA8;LANDesk® Management Agent;C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe [2013-8-19 158936]
R2 CISMBIOS;CISMBIOS;C:\Windows\System32\drivers\cismbios.sys [2014-4-30 21336]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-12 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-9-19 1149760]
R2 LANDesk Policy Invoker;LANDesk Policy Invoker;C:\Program Files (x86)\LANDesk\LDClient\policy.client.invoker.exe [2014-4-30 243200]
R2 LANDesk Targeted Multicast;LANDesk Targeted Multicast;C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe [2014-4-30 179200]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-7 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-7 968504]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-4 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-4 19440960]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-4-6 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-5-4 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-4-7 23552]
R2 SepMasterService;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [2013-12-11 144368]
R2 Softmon;LANDesk® Software Monitoring Service;C:\Program Files (x86)\LANDesk\LDClient\SoftMon.exe [2014-4-30 639464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-7 411968]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-12-13 544840]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-2-21 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-2-21 396776]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-9-10 142640]
R3 ldmirror;ldmirror;C:\Windows\System32\drivers\ldmirror.sys [2014-4-30 5120]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-11-7 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-7 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-11-7 63704]
R3 mirrorflt;Mirror Filter Driver for Uninstall;C:\Windows\System32\drivers\mirrorflt.sys [2014-4-30 7168]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-9 20288]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-9-19 38048]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-4 726160]
R4 IOMap;IOMap;C:\Windows\System32\drivers\IOMap64.sys [2013-12-4 23680]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2013/12/04 07:16:47;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-4-20 241648]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-11-7 2151744]
S2 ProcTrigger;LANDesk® Process Trigger Service;C:\Program Files (x86)\LANDesk\LDClient\ProcTriggerSvc.exe [2014-4-30 153816]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 tracksvc;LANDesk® Power Management Track Service;C:\Program Files (x86)\LANDesk\LDClient\tracksvc.exe [2014-4-30 76048]
S3 acsock;acsock;C:\Windows\System32\drivers\acsock64.sys [2012-12-13 112080]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-1-5 49152]
S3 BRDriver64;BRDriver64;C:\ProgramData\BitRaider\BRDriver64.sys [2013-12-19 75048]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader;C:\ProgramData\BitRaider\BRSptStub.exe [2014-10-15 363208]
S3 BRSptSvc;BitRaider Mini-Support Service;C:\ProgramData\BitRaider\BRSptSvc.exe [2013-12-19 477960]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2013-10-15 520416]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 ldblank;Screen Blanking driver for Remote Control;C:\Windows\System32\drivers\ldblank.sys [2014-4-30 20992]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-6 19456]
S3 SyDvCtrl;SyDvCtrl;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\SyDvCtrl64.sys [2013-12-11 34800]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-11-7 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-12-6 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-12-6 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 XFDriver64;XFDriver64;C:\Program Files (x86)\Xfire2\XFDriver64.sys [2013-12-26 17160]
.
=============== Created Last 30 ================
.
2014-11-12 16:28:45 -------- d-sh--w- C:\Users\Administrator\AppData\Local\EmieBrowserModeList
2014-11-12 06:17:47 34808 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2014-11-12 06:17:44 -------- d-----w- C:\ProgramData\RogueKiller
2014-11-12 05:07:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-11-12 05:07:59 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-11-12 05:07:59 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-11-12 05:07:57 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-11-12 05:07:57 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-11-12 05:07:55 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-11-12 05:07:55 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-11-12 04:59:50 -------- d-----w- C:\Users\Administrator\AppData\Local\Power2Go
2014-11-12 04:59:24 -------- d-----w- C:\Users\Administrator\AppData\Roaming\ProductData
2014-11-12 04:58:35 -------- d-----w- C:\Users\Administrator\AppData\Local\Symantec
2014-11-12 04:48:26 -------- d-sh--w- C:\Users\Administrator\AppData\Local\EmieUserList
2014-11-12 04:48:26 -------- d-sh--w- C:\Users\Administrator\AppData\Local\EmieSiteList
2014-11-11 21:01:15 17926832 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-11-07 16:49:06 6584320 ----a-w- C:\Windows\System32\mstscax.dll
2014-11-07 16:49:06 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-11-07 13:40:40 614728 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-11-07 13:40:09 2558792 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-11-07 13:37:11 935232 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-11-07 13:37:11 6880968 ----a-w- C:\Windows\System32\nvcpl.dll
2014-11-07 13:37:11 61640 ----a-w- C:\Windows\System32\nvshext.dll
2014-11-07 13:37:11 4066553 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-11-07 13:37:11 385352 ----a-w- C:\Windows\System32\nvmctray.dll
2014-11-07 13:37:11 3533632 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-11-07 13:36:45 73872 ----a-w- C:\Windows\System32\OpenCL.dll
2014-11-07 13:36:45 60744 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-11-07 13:07:25 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-07 13:06:53 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-07 13:06:53 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-07 13:06:53 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-07 13:06:53 -------- d-----w- C:\ProgramData\Malwarebytes
2014-11-07 13:06:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-07 11:35:54 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-07 11:34:05 -------- d-----w- C:\ProgramData\Oracle
2014-11-07 11:13:02 -------- d-----w- C:\Program Files (x86)\ESET
2014-11-07 10:52:08 -------- d-sh--w- C:\$RECYCLE.BIN
2014-11-07 10:46:21 98816 ----a-w- C:\Windows\sed.exe
2014-11-07 10:46:21 256000 ----a-w- C:\Windows\PEV.exe
2014-11-07 10:46:21 208896 ----a-w- C:\Windows\MBR.exe
2014-11-07 10:46:01 -------- d-s---w- C:\ComboFix
2014-11-07 10:24:18 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2014-11-07 09:51:10 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-11-07 09:49:26 -------- d-----w- C:\AdwCleaner
2014-11-07 09:32:13 -------- d-----w- C:\FRST
2014-11-07 09:23:54 -------- d-----w- C:\ProgramData\ProductData
2014-11-07 09:23:52 -------- d-----w- C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-11-07 09:23:52 -------- d-----w- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-11-07 09:22:50 -------- d-----w- C:\Program Files (x86)\IObit
2014-11-07 09:22:48 -------- d-----w- C:\ProgramData\IObit
2014-11-07 08:25:12 1876296 ----a-w- C:\Windows\System32\nvdispco6434460.dll
2014-11-07 08:25:12 1539272 ----a-w- C:\Windows\System32\nvdispgenco6434460.dll
2014-11-06 08:03:32 0 ----a-w- C:\Windows\System32\koymjtg.dll
2014-10-16 07:09:54 3528440 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Csi.dll
2014-10-16 07:07:46 5085936 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll
2014-10-15 07:15:21 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
.
==================== Find3M  ====================
.
2014-11-11 21:01:35 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-11 21:01:35 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
.
============= FINISH: 12:20:11.34 ===============
 



#5 HelpBot

Posted 16 November 2014 - 11:45 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/555795 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#6 HelpBot

Posted 21 November 2014 - 11:50 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



