Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

(x86)\user extensions\client.exe is not a valid win32 application


  • Please log in to reply
4 replies to this topic

#1 sugarwaffles

sugarwaffles

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mahopac, NY
  • Local time:04:16 AM

Posted 02 August 2015 - 11:29 AM

I am getting this error message every time I reboot my computer.

 

Also, since my factory restore I cannot turn System Restore on.

 

Any thoughts?

 

Thanks to anyone that can help me.



BC AdBot (Login to Remove)

 


m

#2 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:16 AM

Posted 02 August 2015 - 11:34 AM

Hello,
 
please download MiniToolBox by Farbar and save it to your desktop.
 
Run tool as Administrator and make sure that these options are checked :
 
  • Flush DNS
  • Reset IE Proxy Settings
  • Reset FF Proxy Settings
  • List Installed Programs
  • List last 10 Event Viewer Errors
 
Post log here .

Edited by Firehouse, 02 August 2015 - 11:34 AM.


#3 sugarwaffles

sugarwaffles
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mahopac, NY
  • Local time:04:16 AM

Posted 02 August 2015 - 11:54 AM

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Debbie (administrator) on 02-08-2015 at 12:54:29
Running from "C:\Users\Debbie\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Inspiron 660 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

"Reset FF Proxy Settings": Firefox Proxy settings were reset.


========================= Event log errors: ===============================

Application errors:
==================
Error: (08/02/2015 12:52:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 08:21:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 04:54:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2422.0,language="*",type="win32",version="45.0.2422.0"1".
Dependent Assembly 45.0.2422.0,language="*",type="win32",version="45.0.2422.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/01/2015 04:46:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2422.0,language="*",type="win32",version="45.0.2422.0"1".
Dependent Assembly 45.0.2422.0,language="*",type="win32",version="45.0.2422.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/31/2015 06:06:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2015 04:50:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2422.0,language="*",type="win32",version="45.0.2422.0"1".
Dependent Assembly 45.0.2422.0,language="*",type="win32",version="45.0.2422.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/30/2015 07:21:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2015 03:10:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2422.0,language="*",type="win32",version="45.0.2422.0"1".
Dependent Assembly 45.0.2422.0,language="*",type="win32",version="45.0.2422.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/30/2015 12:44:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2422.0,language="*",type="win32",version="45.0.2422.0"1".
Dependent Assembly 45.0.2422.0,language="*",type="win32",version="45.0.2422.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/29/2015 09:33:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/02/2015 12:51:59 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/02/2015 12:50:43 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (08/02/2015 09:26:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.

Error: (08/02/2015 08:21:10 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/02/2015 08:19:51 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (07/31/2015 06:06:14 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/31/2015 06:05:00 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (07/30/2015 07:20:47 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/30/2015 07:19:32 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (07/29/2015 10:07:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.203.638.0).


Microsoft Office Sessions:
=========================
Error: (08/02/2015 12:52:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 08:21:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 04:54:31 AM) (Source: SideBySide)(User: )
Description: 45.0.2422.0,language="*",type="win32",version="45.0.2422.0"c:\users\debbie\appdata\local\chromium\application\chrome.exe

Error: (08/01/2015 04:46:26 AM) (Source: SideBySide)(User: )
Description: 45.0.2422.0,language="*",type="win32",version="45.0.2422.0"c:\users\debbie\appdata\local\chromium\application\chrome.exe

Error: (07/31/2015 06:06:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2015 04:50:08 AM) (Source: SideBySide)(User: )
Description: 45.0.2422.0,language="*",type="win32",version="45.0.2422.0"c:\users\debbie\appdata\local\chromium\application\chrome.exe

Error: (07/30/2015 07:21:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2015 03:10:33 AM) (Source: SideBySide)(User: )
Description: 45.0.2422.0,language="*",type="win32",version="45.0.2422.0"c:\users\debbie\appdata\local\chromium\application\chrome.exe

Error: (07/30/2015 12:44:50 AM) (Source: SideBySide)(User: )
Description: 45.0.2422.0,language="*",type="win32",version="45.0.2422.0"c:\users\debbie\appdata\local\chromium\application\chrome.exe

Error: (07/29/2015 09:33:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 2 Deluxe (HKLM-x32\...\WT089409) (Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
Blackhawk Striker 2 (HKLM-x32\...\WT089410) (Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WT089443) (Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (HKLM-x32\...\WT089411) (Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT089412) (Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (HKLM-x32\...\WT089413) (Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.8.0 - Conexant)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{9DDFE322-6BA0-4F90-8689-D98382492371}) (Version: 2.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell Support Center (HKLM\...\{0090A87C-3E0E-43D4-AA71-A71B06563A4A}) (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell VideoStage  (HKLM-x32\...\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT089414) (Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (HKLM-x32\...\WT089415) (Version: 2.2.0.95 - WildTangent) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{25175695-4B20-4298-9F34-C2C57CD277B3}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON NX620 Series Printer Uninstall (HKLM\...\EPSON NX620 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)
Escape Whisper Valley ™ (HKLM-x32\...\WT089434) (Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (HKLM-x32\...\WT089450) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT089418) (Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Fury (HKLM-x32\...\WT089499) (Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (HKLM-x32\...\WT089444) (Version: 2.2.0.95 - WildTangent) Hidden
GeniusBox 2.0 (HKLM-x32\...\GeniusBox) (Version: 2.0 - GeniusBox 2.0)
Google Photos Backup (HKCU\...\Google Photos Backup) (Version: 1.1.0.239 - Google, Inc.)
High-Definition Video Playback (HKLM-x32\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.3.10000.0.0 - Nero AG) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 14.5.2 - iolo technologies, LLC)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Jewel Quest (HKLM-x32\...\WT089420) (Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (HKLM-x32\...\WT089422) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Luxor (HKLM-x32\...\WT089507) (Version: 2.2.0.95 - WildTangent) Hidden
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 14.0.1076 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.356 - McAfee, Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
Namco All-Stars PAC-MAN (HKLM-x32\...\WT089440) (Version: 2.2.0.95 - WildTangent) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Penguins! (HKLM-x32\...\WT089445) (Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WT089452) (Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WT089426) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT089508) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT089433) (Version: 2.2.0.95 - WildTangent) Hidden
Samantha Swift (HKLM-x32\...\WT089503) (Version: 2.2.0.95 - WildTangent) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc) Hidden
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SyncUP (HKLM-x32\...\{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}) (Version: 1.12.11500.11.105 - Nero AG) Hidden
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16500 - Nero AG)
TrustedID IDMonitor Identity Protection (HKLM-x32\...\{0E74474A-1CDF-4249-A507-CE8C1DCEC8BC}) (Version: 1.1.0 - TrustedID Inc)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089430) (Version: 2.2.0.95 - WildTangent) Hidden
Wedding Dash - Ready, Aim, Love! (HKLM-x32\...\WT089446) (Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Dell Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell) (Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zuma Deluxe (HKLM-x32\...\WT089448) (Version: 2.2.0.95 - WildTangent) Hidden

**** End of log ****
 



#4 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:16 AM

Posted 02 August 2015 - 11:58 AM

Scan with Malwarebytes AntiRootkit
 
Please download MBAR and save it to your desktop.
 
Run tool as Administrator, tool will extract itself, and then launch.
 
Click Next to accept terms and conditions, and click Update to obtain latest definitions.
 
If malware is found click on Cleanup button , but make sure that Create restore point option is checked before proceeding !
 
Program will ask you to restart, allow it to do so.
 
Note: If you're experiencing internet connection issues or other anomalies after running MBAR and removal of rootkits, it is recommended to run fixdamage.exe located inside mbar folder. Run it as Administrator and press Y if asks you do you want to continue.
 
Step 2
 
Scan with Malwarebytes AntiMalware
 
Download Malwarebytes and install it on your system (Run setup as Administrator).
 
At the end of installation, uncheck "Enable free trial of Malwarebytes Premium", then click Finish.
 
Make sure you have latest definitions by clicking on Update Now,then under Scan choose Threat Scan.
 
After scanning is done, click on Remove if malware is found,tool will ask for restart , allow it to do so.
 
Attach MBAM log here (you can find it in History > Application Logs).
 
Step 3
 
Scan with Dr.Web Cure It !
 
Download Dr.Web Cure It ! and save it to your desktop.
 
Run the tool as Administrator,accept license agreement by putting a checkmark on it, and click Scan.
 
Scan may take a while so be patient !
 
If there's malware found, click on Neutralize button, if program asks for restart, allow it to do so.


#5 sugarwaffles

sugarwaffles
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mahopac, NY
  • Local time:04:16 AM

Posted 02 August 2015 - 06:29 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/2/2015
Scan Time: 6:26 PM
Logfile:
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.08.02.04
Rootkit Database: v2015.07.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Debbie

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 357546
Time Elapsed: 10 min, 0 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.GeniusBox.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GeniusBox, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E4C66AED-9038-4DC4-9EB3-BD964620E89F}, Quarantined, [5fad887c890285b17f1beeb6b54ff20e],
PUP.Optional.GeniusBox.C, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\GeniusBox, Delete-on-Reboot, [3fcd5aaa167593a319dab65af60d2fd1],
PUP.Optional.GeniusBox.C, HKLM\SOFTWARE\WOW6432NODE\GeniusBox, Quarantined, [e5273ec69af159ddd9da4d51fb0939c7],

Registry Values: 6
PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E4C66AED-9038-4DC4-9EB3-BD964620E89F}|URL, http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tighta14_15_30&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyCzy0C0FtD0AtBzy0F0AzztN0D0Tzu0StCtAtDtBtN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAyE0A0F0B0Azy0EtGyCtD0E0CtG0ByE0CyEtGtByB0E0BtGyByEzy0AtBzzzz0C0FtCtDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0B0EyEzztAyD0DtGtByBtAyCtGyEyC0E0FtG0AyC0DyCtGzz0F0AtCyDtAtB0CyDzytAtB2QtN0A0LzuyE&cr=546856579&ir=, Quarantined, [5fad887c890285b17f1beeb6b54ff20e]
PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E4C66AED-9038-4DC4-9EB3-BD964620E89F}|TopResultURLFallback, http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tighta14_15_30&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyCzy0C0FtD0AtBzy0F0AzztN0D0Tzu0StCtAtDtBtN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAyE0A0F0B0Azy0EtGyCtD0E0CtG0ByE0CyEtGtByB0E0BtGyByEzy0AtBzzzz0C0FtCtDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0B0EyEzztAyD0DtGtByBtAyCtGyEyC0E0FtG0AyC0DyCtGzz0F0AtCyDtAtB0CyDzytAtB2QtN0A0LzuyE&cr=546856579&ir=, Quarantined, [1eeeb84ce9a257df47534a5a16ee966a]
PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E4C66AED-9038-4DC4-9EB3-BD964620E89F}|FaviconPath, C:\Users\Debbie\AppData\LocalLow\Microsoft\Internet Explorer\Services\Tny_Cassiopesa.ico, Quarantined, [cb41947091faae885842782ce32148b8]
PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E4C66AED-9038-4DC4-9EB3-BD964620E89F}, Cassiopesa, Quarantined, [55b79c68692212245e3c4d5753b19967]
PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E4C66AED-9038-4DC4-9EB3-BD964620E89F}|DisplayName, Cassiopesa, Quarantined, [47c529db7714a096f6a49c0833d1ca36]
PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Tny_Cassiopesa\\, Quarantined, [04086d97cac1a393581b1190ef156a96]

Registry Data: 0
(No malicious items detected)

Folders: 3
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Resources, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.ProPCCleaner.A, C:\Users\Debbie\Documents\ProPCCleaner, Quarantined, [25e753b14c3f50e69256e329c53ecf31],

Files: 32
PUP.Optional.Installcore, C:\Users\Debbie\Downloads\Setup(1).exe, Quarantined, [7795d33132597eb8695bf08aea1be020],
PUP.Optional.GeniusBox.C, C:\WINDOWS\System32\Tasks\GeniusBox, Quarantined, [1fed5ea64a41082ee6cbbbe32cd814ec],
PUP.Optional.Cassiopesa.C, C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\iikqzqa2.default\searchplugins\cassiopesa.xml, Quarantined, [9b710ff50c7fd2644fb5e2bd55af39c7],
PUP.Optional.Cassiopesa.C, C:\Users\Debbie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Cassiopesa.lnk, Quarantined, [0dfff0144d3eaf87a4623f60877dee12],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\client.exe.config, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\certmanager.exe, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Client.exe, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\cl_865ec87b-69ee-410c-98cd-3a415c8040a9.txt, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\makecert.exe, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\settings.config, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\System.Data.SQLite.dll, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Tasks.exe, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\tasks.exe.config, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\TrustedRoot.cer, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\ts_865ec87b-69ee-410c-98cd-3a415c8040a9.txt, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Uninstall.exe, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\uninstall.exe.config, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\un_865ec87b-69ee-410c-98cd-3a415c8040a9.txt, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Updater.exe, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\updater.exe.config, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\up_865ec87b-69ee-410c-98cd-3a415c8040a9.txt, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Resources\certutil.exe, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Resources\libnspr4.dll, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Resources\libplc4.dll, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Resources\libplds4.dll, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Resources\nss3.dll, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Resources\smime3.dll, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.GeniusBox.C, C:\Program Files (x86)\user extensions\Resources\softokn3.dll, Quarantined, [ac60a65e8a01e650cb3dd4cbea1a1be5],
PUP.Optional.Cassiopesa.A, C:\Users\Debbie\AppData\Local\Chromium\Application\Cassiopesa.ico, Quarantined, [97759272414a71c5ff6d841b7094e917],
PUP.Optional.ProPCCleaner.A, C:\Users\Debbie\Documents\ProPCCleaner\log.txt, Quarantined, [25e753b14c3f50e69256e329c53ecf31],
PUP.Optional.ProPCCleaner.A, C:\Users\Debbie\Documents\ProPCCleaner\logerror.txt, Quarantined, [25e753b14c3f50e69256e329c53ecf31],
PUP.Optional.Cassiopesa.A, C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cyeryna3.default-1415752203019\prefs.js, Good: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Bad: (browser.startup.homepage", "http://www.cassiopessa), Replaced,[59b30df7b4d7bd799b820e7423e2cc34]

Physical Sectors: 0
(No malicious items detected)


(end)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users