Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Update will not run


  • Please log in to reply
33 replies to this topic

#1 Blackstar57

Blackstar57

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:30 PM

Posted 04 May 2015 - 07:27 AM

I have an ASUS laptop here that was passed to me to try to get running for a friend's Mother. She originally couldn't log on but I got that fixed.  There were a lot of adware and spyware files on this thing. 4 tool bars. 2 anti viruses neither one current.

 

 Cleaned up everything with AVG free and Malware Bytes. Running well now but can't run win update. Try to update and I get the log on window but with red bar and red x. Click the update button and I get pop-up...Windows update cannot currently check for updates because the service is not running. you may need to restart the computer.

 

Restart does not fix. Checked services and update service IS running.

 

Any suggestions?

 

Glenn


Edited by hamluis, 04 May 2015 - 10:44 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:30 PM

Posted 04 May 2015 - 12:45 PM

Hi there,

Let's make sure that the machine is clean before we attempt repairs.

MiniToolbox by Farbar

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

===

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
  • Click on Scan to be taken to the scan options. If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
  • Click on the Full Scan button to start the scan.
  • When the scan is completed click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop, and attach it to your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
Regards,
Alex

#3 Blackstar57

Blackstar57
  • Topic Starter

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:30 PM

Posted 04 May 2015 - 01:07 PM

Mini tool text

 

MiniToolBox by Farbar  Version: 14-04-2015
Ran by Bev (administrator) on 04-05-2015 at 14:47:26
Running from "C:\Users\Bev\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: K54C Manufacturer: ASUSTeK Computer Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15310 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection 2 (Connected)
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : asus
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : eastlink.ca

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . : eastlink.ca
   Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) #2
   Physical Address. . . . . . . . . : 54-04-A6-4D-09-32
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::519c:986e:d80c:738e%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 24.222.239.95(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Lease Obtained. . . . . . . . . . : May-04-15 9:13:44 AM
   Lease Expires . . . . . . . . . . : May-06-15 9:13:46 AM
   Default Gateway . . . . . . . . . : 24.222.236.1
   DHCP Server . . . . . . . . . . . : 24.222.150.150
   DHCPv6 IAID . . . . . . . . . . . : 341050534
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-82-63-30-54-04-A6-1F-87-61
   DNS Servers . . . . . . . . . . . : 24.222.0.94
                                       24.222.0.95
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : E4-D5-3D-AF-99-3D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.eastlink.ca:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : eastlink.ca
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1c4b:4e4:e721:10a0(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1c4b:4e4:e721:10a0%16(Preferred)
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{C6621452-D486-4CBD-B838-7D13625F1F65}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Connection-specific DNS Suffix  . : eastlink.ca
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:18de:ef5f::18de:ef5f(Preferred)
   Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
                                       2002:c058:6301::1
   DNS Servers . . . . . . . . . . . : 24.222.0.94
                                       24.222.0.95
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cns01.eastlink.ca
Address:  24.222.0.94

Name:    google.com
Addresses:  2607:f8b0:4006:80e::200e
   24.222.46.241
   24.222.46.242
   24.222.46.247
   24.222.46.243
   24.222.46.248
   24.222.46.244
   24.222.46.240
   24.222.46.250
   24.222.46.246
   24.222.46.251
   24.222.46.249
   24.222.46.245

Pinging google.com [24.222.46.244] with 32 bytes of data:
Reply from 24.222.46.244: bytes=32 time=13ms TTL=60
Reply from 24.222.46.244: bytes=32 time=9ms TTL=60

Ping statistics for 24.222.46.244:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 13ms, Average = 11ms
Server:  cns01.eastlink.ca
Address:  24.222.0.94

Name:    yahoo.com
Addresses:  98.139.183.24
   98.138.253.109
   206.190.36.45

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=77ms TTL=49
Reply from 98.138.253.109: bytes=32 time=82ms TTL=49

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 77ms, Maximum = 82ms, Average = 79ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...54 04 a6 4d 09 32 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) #2
 12...e4 d5 3d af 99 3d ......Atheros AR9285 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     24.222.236.1    24.222.239.95     20
     24.222.236.0    255.255.252.0         On-link     24.222.239.95    276
    24.222.239.95  255.255.255.255         On-link     24.222.239.95    276
   24.222.239.255  255.255.255.255         On-link     24.222.239.95    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     24.222.239.95    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     24.222.239.95    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14   1056 ::/0                     2002:c058:6301::c058:6301
 14   1057 ::/0                     2002:c058:6301::1
  1    306 ::1/128                  On-link
 16     58 2001::/32                On-link
 16    306 2001:0:9d38:6ab8:1c4b:4e4:e721:10a0/128
                                    On-link
 14   1025 2002::/16                On-link
 14    281 2002:18de:ef5f::18de:ef5f/128
                                    On-link
 13    276 fe80::/64                On-link
 16    306 fe80::/64                On-link
 16    306 fe80::1c4b:4e4:e721:10a0/128
                                    On-link
 13    276 fe80::519c:986e:d80c:738e/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/04/2015 09:12:54 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (05/04/2015 09:04:40 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed

Error: (05/04/2015 09:04:10 AM) (Source: CVHSVC) (User: )
Description: Information only.
Too many failures while downloading ranges: 2

Error: (05/02/2015 09:16:43 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed

Error: (05/02/2015 09:16:12 PM) (Source: CVHSVC) (User: )
Description: Information only.
Too many failures while downloading ranges: 2

Error: (05/02/2015 09:00:50 PM) (Source: Microsoft-Windows-LoadPerf) (User: asus)
Description: Unloading the performance counter strings for service MSDTC Bridge 4.0.0.0 (MSDTC Bridge 4.0.0.0) failed. The first DWORD in the Data section contains the error code.

Error: (05/02/2015 09:00:50 PM) (Source: Microsoft-Windows-LoadPerf) (User: asus)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/02/2015 09:00:50 PM) (Source: Microsoft-Windows-LoadPerf) (User: asus)
Description: Unloading the performance counter strings for service MSDTC Bridge 4.0.0.0 (MSDTC Bridge 4.0.0.0) failed. The first DWORD in the Data section contains the error code.

Error: (05/02/2015 09:00:50 PM) (Source: Microsoft-Windows-LoadPerf) (User: asus)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/02/2015 09:00:48 PM) (Source: Microsoft-Windows-LoadPerf) (User: asus)
Description: Unloading the performance counter strings for service SMSvcHost 4.0.0.0 (SMSvcHost 4.0.0.0) failed. The first DWORD in the Data section contains the error code.

System errors:
=============
Error: (05/02/2015 07:09:50 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS Client initialization failed. Last error: 0x80080005

Error: (05/02/2015 07:09:49 PM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/02/2015 06:55:24 PM) (Source: DCOM) (User: )
Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

Error: (05/01/2015 09:34:08 PM) (Source: Service Control Manager) (User: )
Description: The SASDIFSV service failed to start due to the following error:
%%183

Error: (05/01/2015 09:33:40 PM) (Source: Service Control Manager) (User: )
Description: The SASDIFSV service failed to start due to the following error:
%%183

Error: (05/01/2015 09:30:54 PM) (Source: Service Control Manager) (User: )
Description: The SASDIFSV service failed to start due to the following error:
%%183

Error: (05/01/2015 08:57:36 PM) (Source: DCOM) (User: )
Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

Error: (05/01/2015 07:41:40 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/01/2015 07:40:47 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.

Error: (04/30/2015 10:12:23 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated unexpectedly.  It has done this 1 time(s).

Microsoft Office Sessions:
=========================
Error: (05/04/2015 09:12:54 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (05/04/2015 09:04:40 AM) (Source: CVHSVC)(User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (05/04/2015 09:04:10 AM) (Source: CVHSVC)(User: )
Description: Too many failures while downloading ranges: 2

Error: (05/02/2015 09:16:43 PM) (Source: CVHSVC)(User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (05/02/2015 09:16:12 PM) (Source: CVHSVC)(User: )
Description: Too many failures while downloading ranges: 2

Error: (05/02/2015 09:00:50 PM) (Source: Microsoft-Windows-LoadPerf)(User: asus)
Description: MSDTC Bridge 4.0.0.0MSDTC Bridge 4.0.0.08F20300004D070000

Error: (05/02/2015 09:00:50 PM) (Source: Microsoft-Windows-LoadPerf)(User: asus)
Description: Performance1637070000000000000000000009030000

Error: (05/02/2015 09:00:50 PM) (Source: Microsoft-Windows-LoadPerf)(User: asus)
Description: MSDTC Bridge 4.0.0.0MSDTC Bridge 4.0.0.08F20300004D070000

Error: (05/02/2015 09:00:50 PM) (Source: Microsoft-Windows-LoadPerf)(User: asus)
Description: Performance1637070000000000000000000009030000

Error: (05/02/2015 09:00:48 PM) (Source: Microsoft-Windows-LoadPerf)(User: asus)
Description: SMSvcHost 4.0.0.0SMSvcHost 4.0.0.08F20300004D070000

 

=========================== Installed Programs ============================
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.4.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5941 - AVG Technologies)
AVG 2015 (Version: 15.0.4339 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5941 - AVG Technologies) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E581F27C-B798-42D8-9BD1-0A469A2C97AE}) (Version:  - Microsoft)
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.165 - Google Inc.) Hidden
Intel® Chipset Device Software (Version: 10.0.26 - Intel Corporation) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.26 - Intel® Corporation) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Kobo (HKLM-x32\...\Kobo) (Version: 3.2.3 - Kobo Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1150 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D7D96A96-F61F-48AD-B2DC-4F4B6938D2AB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2B7EA7DF-B822-4C58-B90A-961B6BAF454B}) (Version:  - Microsoft)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 4000.13 MB
Available physical RAM: 2228.48 MB
Total Pagefile: 7998.43 MB
Available Pagefile: 6050.34 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.98 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:125.03 GB) (Free:80.98 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:148.06 GB) (Free:147.92 GB) NTFS

========================= Users: ========================================

User accounts for \\ASUS

Administrator            Bev                      Guest                   

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

01-05-2015 22:45:21 Removed AVG 2013
01-05-2015 22:47:05 Removed AVG 2015
01-05-2015 22:52:17 Installed AVG 2015
01-05-2015 22:52:54 Installed AVG 2015
02-05-2015 02:32:47 Language Pack Removal
02-05-2015 19:18:24 Removed ASUS FancyStart
02-05-2015 23:55:22 Intel® Driver Update Utility

**** End of log ****



#4 Blackstar57

Blackstar57
  • Topic Starter

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:30 PM

Posted 04 May 2015 - 01:08 PM

Security check

 

 Results of screen317's Security Check version 1.001 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
AVG AntiVirus Free Edition 2015  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File 
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Reader XI 
 Google Chrome 30.0.1599.101 Google Chrome out of date! 
````````Process Check: objlist.exe by Laurent```````` 
 AVG avgwdsvc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````
 



#5 Blackstar57

Blackstar57
  • Topic Starter

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:30 PM

Posted 04 May 2015 - 10:40 PM

Emisoft scan

 

Emsisoft Emergency Kit - Version 9.0
Last update: 5/4/2015 11:57:14 PM
User account: asus\Bev

Scan settings:

Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, D:\, Q:\

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 5/4/2015 11:57:51 PM
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B0441A0E-A49A-4E16-AFC1-74ECCED1921F}  detected: Application.AdTool (A)
Key: HKEY_USERS\S-1-5-21-2521594267-3202800159-1630477103-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B0441A0E-A49A-4E16-AFC1-74ECCED1921F}  detected: Application.AdTool (A)
C:\Program Files (x86)\Conduit  detected: Application.AppInstall (A)
C:\Users\Bev\AppData\Local\Conduit  detected: Application.AppInstall (A)
C:\ProgramData\partner  detected: Application.AppInstall (A)
C:\Users\Bev\AppData\Local\iac  detected: Application.AppInstall (A)
C:\Program Files (x86)\mypc backup  detected: Application.AppInstall (A)
C:\Users\Bev\AppData\LocalLow\PriceGong  detected: Application.AdExt (A)
Key: HKEY_USERS\S-1-5-21-2521594267-3202800159-1630477103-1000\SOFTWARE\CONDUIT  detected: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\CONDUIT  detected: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\BINGBAR_RASMANCS  detected: Application.Win32.InstallExt (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}  detected: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}  detected: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}  detected: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}  detected: Application.AdReg (A)
Value: HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN -> SEARCHPROTECT  detected: Application.AdStart (A)
Value: HKEY_USERS\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN -> SEARCHPROTECT  detected: Application.AdStart (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SYSTWEAK  detected: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\WISECONVERT_B  detected: Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-2521594267-3202800159-1630477103-1000\SOFTWARE\APPDATALOW\SOFTWARE\PRICEGONG  detected: Application.AdExt (A)
Key: HKEY_USERS\S-1-5-21-2521594267-3202800159-1630477103-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\DOMSTORAGE\SUPERFISH.COM  detected: Application.AdFish (A)
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll  detected: Application.Win32.WebToolbar (A)
C:\Users\Bev\AppData\Local\Temp\nsb6FA6.exe  detected: Application.Win32.InstallAd (A)

Scanned 188202
Found 23

Scan end: 5/5/2015 12:36:14 AM
Scan time: 0:38:23

C:\Users\Bev\AppData\Local\Temp\nsb6FA6.exe Quarantined Application.Win32.InstallAd (A)
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll Quarantined Application.Win32.WebToolbar (A)
Key: HKEY_USERS\S-1-5-21-2521594267-3202800159-1630477103-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\DOMSTORAGE\SUPERFISH.COM Quarantined Application.AdFish (A)
Key: HKEY_USERS\S-1-5-21-2521594267-3202800159-1630477103-1000\SOFTWARE\APPDATALOW\SOFTWARE\PRICEGONG Quarantined Application.AdExt (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\WISECONVERT_B Quarantined Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SYSTWEAK Quarantined Application.InstallAd (A)
Value: HKEY_USERS\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN -> SEARCHPROTECT Quarantined Application.AdStart (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Quarantined Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Quarantined Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Quarantined Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Quarantined Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\BINGBAR_RASMANCS Quarantined Application.Win32.InstallExt (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\CONDUIT Quarantined Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-2521594267-3202800159-1630477103-1000\SOFTWARE\CONDUIT Quarantined Application.InstallAd (A)
C:\Users\Bev\AppData\LocalLow\PriceGong Quarantined Application.AdExt (A)
C:\Program Files (x86)\mypc backup Quarantined Application.AppInstall (A)
C:\Users\Bev\AppData\Local\iac Quarantined Application.AppInstall (A)
C:\ProgramData\partner Quarantined Application.AppInstall (A)
C:\Users\Bev\AppData\Local\Conduit Quarantined Application.AppInstall (A)
C:\Program Files (x86)\Conduit Quarantined Application.AppInstall (A)
Key: HKEY_USERS\S-1-5-21-2521594267-3202800159-1630477103-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B0441A0E-A49A-4E16-AFC1-74ECCED1921F} Quarantined Application.AdTool (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B0441A0E-A49A-4E16-AFC1-74ECCED1921F} Quarantined Application.AdTool (A)

Quarantined 22



#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:30 PM

Posted 05 May 2015 - 02:16 AM

Hi there,

Please uninstall SUPERAntiSpyware - it is no longer recommended due to declining performance.

That's a lot of traces... please run the following tools to clean them out.

AdwCleaner - Scan & Clean

Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
===

Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
===

Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware from here.

Double click on the file mbam-setup-2.x.x.xxxx.exe to install the application. (x.x.xxxx is the version)
  • Follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
  • When MBAM opens it will says Your database is out of date. Choose Fix Now.
  • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
  • If you receive a message that updates are available, choose Update Now button (the scan will start after updates are completed).
  • Please be patient as the scan will take some time.
  • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.
  • While still on the Scan tab, choose View detailed log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Please post the logs from AdwCleaner, JRT and MBAM in your next replies - if they are too long, split them into multiple posts.

Regards,
Alex

#7 Blackstar57

Blackstar57
  • Topic Starter

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:30 PM

Posted 05 May 2015 - 08:39 AM

Adwcleaner scan

 

# AdwCleaner v4.203 - Logfile created 05/05/2015 at 10:36:51
# Updated 30/04/2015 by Xplode
# Database : 2015-05-02.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Bev - ASUS
# Running from : C:\Users\Bev\Desktop\adwcleaner_4.203.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Google Chrome v42.0.2311.135

*************************

AdwCleaner[R0].txt - [2679 bytes] - [05/05/2015 10:24:54]
AdwCleaner[R1].txt - [667 bytes] - [05/05/2015 10:36:51]
AdwCleaner[S0].txt - [2745 bytes] - [05/05/2015 10:27:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [784 bytes] ##########



#8 Blackstar57

Blackstar57
  • Topic Starter

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:30 PM

Posted 05 May 2015 - 08:46 AM

JRT scan

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.7 (04.30.2015:1)
OS: Windows 7 Home Premium x64
Ran by Bev on 05/05/2015 at 10:41:18.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/05/2015 at 10:43:50.90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#9 Blackstar57

Blackstar57
  • Topic Starter

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:30 PM

Posted 05 May 2015 - 09:17 AM

mbam

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 05/05/2015
Scan Time: 10:51:08 AM
Logfile: mbam.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.03.09.05
Rootkit Database: v2015.04.21.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Bev

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 384379
Time Elapsed: 17 min, 46 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.WiseConvert.A, C:\Users\Bev\AppData\Local\Temp\WiseConvert_B2, Quarantined, [76039ca799f151e5b0f0236e45be28d8],

Files: 3
PUP.Optional.ClientConnect, C:\Users\Bev\AppData\Local\Temp\WiseConvert_B2\nss83D.tbWis0.dll, Quarantined, [1f5ab291a2e82214c6e002c8e41d5aa6],
PUP.Optional.ClientConnect, C:\Users\Bev\AppData\Local\Temp\WiseConvert_B2\tbWis0.dll, Quarantined, [5326f64d7614e551683e8644ff0219e7],
PUP.Optional.WiseConvert.A, C:\Users\Bev\AppData\Local\Temp\WiseConvert_B2\toolbar.cfg, Quarantined, [76039ca799f151e5b0f0236e45be28d8],

Physical Sectors: 0
(No malicious items detected)

(end)


That's everything I think. Thank you for your time Alex.

 

Glenn



#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:30 PM

Posted 05 May 2015 - 09:57 AM

Looks good... Time for a final scan, then it's repair time.

This scan is long, so be patient.

ESET Online Scanner

You will need to use Internet Explorer for this scan.
  • Hold down Ctrl and click here to open ESET Online Scanner in a new window.
  • Click the ESET Online Scanner button.
  • Put a checkmark in "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warnings from your browser.
  • Under Scan settings, put a checkmark in Scan Archives.
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Scan.
  • ESET Online Scanner will automatically update and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats.
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex

#11 Blackstar57

Blackstar57
  • Topic Starter

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:30 PM

Posted 05 May 2015 - 12:15 PM

Did the Eset scan and found 2 threats that were deleted. Click on export to text file but it won't let me save it to my desk top.



#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:30 PM

Posted 05 May 2015 - 12:16 PM

Hi there,

Can you try saving it somewhere else (i.e. My Documents)?

Regards,
Alex

#13 Blackstar57

Blackstar57
  • Topic Starter

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:30 PM

Posted 05 May 2015 - 12:17 PM

One threat looks like an adw cleaner quarantine file, the other is a temp internet file. both deleted.



#14 Blackstar57

Blackstar57
  • Topic Starter

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:30 PM

Posted 05 May 2015 - 12:20 PM

Tried that. In the file name box it says *txt.

save as box says text files . Like there's nothing to save??


C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir a variant of Win64/Systweak.A potentially unwanted application deleted - quarantined
C:\Users\Bev\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3CDZQH06\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi a variant of Win32/PriceGong.A potentially unwanted application deleted - quarantined

Copied to clipboard



#15 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:30 PM

Posted 05 May 2015 - 12:23 PM

That should do it. Sorry for the inconvenience.

Please follow the instructions below to repair your Windows installation.

Tweaking.com - Windows Repair All-In-One

- Download Windows Repair All-In-One from here.

- Extract tweaking.com_windows_repair_aio.zip to a folder on your Desktop.

- Disable all your antivirus and antimalware software - see how to do that here.
- Right click on QfBzvq1.png and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
(Windows Vista/7/8 users: Accept UAC warning if it is enabled.)

- A window will appear. Click Step 2.
2f8o60N.png

- Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.

- Depending on which error Windows Repair found, click Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.

- Go to Step 3, then click Check in the See If Check Disk Is Needed.

- If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk.
Ymy7crZ.png

- Go to Step 4, then click Do It.
zDtdN75.png

- Go to Step 5. Under System Restore click Create.
f7lEe1N.png

- Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.
PGv2vtD.png

- By default Windows Repair All-In-One will create a Log folder in its folder on the Desktop. Please post the contents of the log in your next reply (if it's too long, split it into multiple posts).

Regards,
Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users