Infected w/Double Clicking Virus???



#1 kaptain_gato


Posted 29 November 2016 - 02:19 AM

First time running a DDS, can someone help me plz

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.17609
Run by Josh Kim at 23:13:10 on 2016-11-28
Microsoft Windows 7 Home Premium   6.1.7601.1.949.82.1033.18.5036.2437 [GMT -8:00]
.
AV: IObit Malware Fighter *Enabled/Updated* {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AV: Bitdefender Antivirus *Disabled/Updated* {3FB17364-4FCC-0FA7-6BBF-973897395371}
SP: Bitdefender Antispyware *Disabled/Updated* {84D09280-69F6-0029-510F-AC4AECBE19CC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: Bitdefender Firewall *Disabled* {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Windows\SysWOW64\nPStarterSVC.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.33\deploy\LoLLauncher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.73\deploy\LoLPatcher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.231\deploy\LolClient.exe
C:\Windows\SysWOW64\npnj5Agent.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
StartupFolder: C:\Users\JOSHKI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\Users\JOSHKI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: {15AECD82-DA7D-4EC5-B57F-ED578D84C3F9} - hxxp://file.daum.net/down/DaumFile.cab
DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} - hxxp://img.kbs.co.kr/AlwaysOn/AlwaysOn.CAB
DPF: {20BBA18F-5BC8-47B5-8FC9-5DFCA8E56A4B} - hxxp://mpi.dacom.net/XMPI/js/LGUplus_XMPI_20110503.cab
DPF: {29BC57E0-018D-46D2-B233-338B779C169C} - hxxp://www.dotongschool.com/DRM/components/WebCubewow.cab
DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} - hxxp://mpi.dacom.net/XPayMPI/XPayMPI.cab
DPF: {51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} - hxxps://supdate.nprotect.net/nprotect2007/lottecom/npstarter_0812151.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {9EE7D86E-EDF7-427C-8E97-5BCF5851DA03} - hxxp://s1.daumcdn.net/svc/original/U0301/cssjs/cartoon/9927/activex/32bit/XDMToonViewer32.cab
DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} - hxxp://kings.nefficient.co.kr/kings/kdfx/kdfx337/kdfense8.cab
DPF: {A4E7A256-17DB-4443-BDA0-E262EF1AD8A8} - hxxp://brmnet.dahnworld.com/mnet2007/web/ImageCut/BRPhoto.cab
DPF: {B0A75875-3622-48BA-B5FF-45AD77AC2D0E} - hxxps://www.bankpay.or.kr/BankPayEFT.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T29L10NSP7EP1-6/webex/ieatgpc1.cab
DPF: {E42F7FEB-DE20-43F4-A342-47F1DA77F667} - hxxps://pgdownload.uplus.co.kr/lguplus/XPayPlugin_3.0.0.1.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
DPF: {FE342FC7-4374-4EBE-86DB-D73AE861F779} - hxxp://ndrive.naver.com/activex/NaverAXGuide.cab
TCP: NameServer = 71.10.216.1 71.10.216.2
TCP: Interfaces\{01F87F9A-0989-4169-A17F-CA87C8783446} : DHCPNameServer = 71.10.216.1 71.10.216.2
TCP: Interfaces\{01F87F9A-0989-4169-A17F-CA87C8783446}\2656C6B696E6E2331636 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{01F87F9A-0989-4169-A17F-CA87C8783446}\348616B627160214274737 : DHCPNameServer = 192.168.2.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{01F87F9A-0989-4169-A17F-CA87C8783446}\6667D23343 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{01F87F9A-0989-4169-A17F-CA87C8783446}\C696E6B6379737 : DHCPNameServer = 71.10.216.1 71.10.216.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype4com - <Clsid value has no data>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: AutorunsDisabled - <orphaned>
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: skype4com - <Clsid value has no data>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Josh Kim\AppData\Roaming\Mozilla\Firefox\Profiles\v8m4bhk4.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
.
---- FIREFOX POLICIES ----
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2016-7-2 1623536]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2016-7-2 182936]
R0 ignis;ignis Service;C:\Windows\System32\drivers\ignis.sys [2016-7-2 299816]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2016-7-2 119696]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2016-7-2 87912]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-7-3 27552]
R2 AdvancedSystemCareService9;Advanced SystemCare Service 9;C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-8-17 452384]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2016-9-11 106952]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-1-19 77128]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-20 135440]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe [2015-3-28 89840]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-7-3 1600800]
R2 nPStarterSVC;nProtect Starter;C:\Windows\System32\nPStarterSVC.exe --> C:\Windows\System32\nPStarterSVC.exe [?]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2016-9-11 312576]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-9 2656280]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-10-19 195072]
R3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;C:\Windows\System32\drivers\BazisVirtualCDBus.sys [2015-6-2 172376]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-6-9 176096]
R3 DDDriver;DDDriver;C:\Windows\System32\drivers\DDDriver64Dcsa.sys [2015-9-11 32464]
R3 DellProf;DellProf;C:\Windows\System32\drivers\DellProf.sys [2015-5-22 24240]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2012-6-9 212544]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2012-6-9 69184]
R3 IMFFilter;IMFFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-7-3 22208]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2016-9-11 454416]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-5-17 25496]
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2016-7-3 34848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-7-3 3046688]
S2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [2016-7-2 156016]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-10-19 195072]
S3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2016-7-2 842152]
S3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-18 51712]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-8-29 53760]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-10-10 288768]
S3 HPFXBULKLEDM;HPFXBULKLEDM;C:\Windows\System32\drivers\hppdbulkio.sys [2010-10-3 22040]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-6-9 158976]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-5-17 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-1 340240]
S3 NPFW;NPFW;C:\Windows\System32\NpfwVt64.sys [2013-3-3 135776]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-6-9 95744]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-6-9 212992]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2016-1-13 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-6-9 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-9 565352]
S3 Svk2pl;GigawareX USB to Serial Driver;C:\Windows\System32\drivers\Svk2pl64.sys [2010-4-1 97280]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2016-1-13 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2016-1-13 30208]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-15 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 wrUrlFlt;Webroot UrlFilter;C:\Windows\System32\drivers\wrUrlFlt.sys [2015-4-29 45592]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S4 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S4 DellDataVault;Dell Data Vault;C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2016-3-10 2571352]
S4 DellDataVaultWiz;Dell Data Vault Wizard;C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2016-3-10 201816]
S4 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-3-8 166912]
S4 DellUpdate;Dell Update Service;C:\Program Files (x86)\Dell Update\DellUpService.exe [2015-8-27 237272]
S4 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
S4 SupportAssistAgent;Dell SupportAssist Agent;C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2016-4-22 31928]
S4 TeamViewer;TeamViewer 11;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-8-17 7248144]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
ShellExec: Hwp.exe: open=C:\Program Files (x86)\HncViewer\HwpViewer70\HwpView.exe "%1"
.
=============== Created Last 30 ================
.
2016-11-29 07:04:40 -------- d-----w- C:\Program Files\CCleaner
2016-11-28 10:14:34 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C36322AE-BD5D-447E-A238-A2902B14784C}\offreg.4688.dll
2016-11-28 10:12:27 11781064 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-11-28 10:12:18 11781064 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C36322AE-BD5D-447E-A238-A2902B14784C}\mpengine.dll
2016-11-26 04:12:26 -------- d-----w- C:\Users\Josh Kim\AppData\Roaming\Frontier Developments
2016-11-26 03:57:23 -------- d-----w- C:\Users\Josh Kim\AppData\Roaming\Launchpad
2016-11-26 03:52:26 -------- d-----w- C:\Users\Josh Kim\AppData\Local\Frontier Developments
2016-11-18 11:41:09 -------- d-----w- C:\Users\Josh Kim\AppData\Local\CEF
2016-11-18 11:00:32 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-11-18 10:55:58 64896 ----a-w- C:\Windows\System32\drivers\mwac.sys
2016-11-18 10:55:58 27008 ----a-w- C:\Windows\System32\drivers\mbam.sys
2016-11-18 10:55:58 140672 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2016-11-18 10:55:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-18 10:39:35 1017792 --shatr- C:\Windows\SysWow64\ActionCenterForms.dll
2016-11-18 05:29:05 -------- d-----w- C:\Users\Josh Kim\AppData\Roaming\ifonebox
2016-11-18 05:28:31 -------- d-----w- C:\Program Files (x86)\Common Files\aunhelper
2016-11-18 05:28:26 -------- d-----w- C:\Program Files (x86)\Auntec
2016-11-13 04:57:53 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-07 02:12:10 -------- d-----w- C:\Users\Josh Kim\AppData\Local\Apps
2016-11-07 02:12:06 -------- d-----w- C:\Users\Josh Kim\AppData\Local\Deployment
2016-11-07 02:10:06 -------- d-----w- C:\Windows\IObit
.
==================== Find3M  ====================
.
2016-11-18 11:39:20 796352 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-11-18 11:39:20 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-10-27 00:29:06 485032 ------w- C:\Windows\System32\MpSigStub.exe
2016-10-26 04:55:04 106798 ----a-w- C:\ProgramData\1477457018.bdinstall.bin
2016-10-26 04:42:49 106273 ----a-w- C:\ProgramData\1477456922.bdinstall.bin
2016-09-11 22:24:48 1588 ----a-w- C:\ProgramData\1473632688.bdinstall.bin
2016-09-11 18:05:06 454416 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys
2016-09-11 17:58:52 72520720 ----a-w- C:\Windows\System32\RCORES64.dat
2016-09-11 17:58:46 2895104 ----a-w- C:\Windows\System32\RTSnMg64.cpl
2015-12-19 00:26:30 12964920 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
.
============= FINISH: 23:14:47.52 ===============
 
and then the attach is:
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 6/14/2012 10:09:19 PM
System Uptime: 11/28/2016 3:09:04 AM (20 hours ago)
.
Motherboard: Dell Inc. |  | 05TM8C
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz | CPU | 1575/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 679 GiB total, 553.089 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Adapter
Device ID: USB\VID_8086&PID_0189\6&2CB255BD&0&5
Manufacturer: Intel Corporation
Name: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Adapter
PNP Device ID: USB\VID_8086&PID_0189\6&2CB255BD&0&5
Service: BTHUSB
.
Class GUID: 
Description: Photosmart C4500 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: 
Name: Photosmart C4500 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service: 
.
Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMPLDS_DVD+-RW_DS-8A8SH___________________KD11____\4&2E08842A&0&0.1.0
Manufacturer: (Standard CD-ROM drives)
Name: CD-ROM Drive
PNP Device ID: IDE\CDROMPLDS_DVD+-RW_DS-8A8SH___________________KD11____\4&2E08842A&0&0.1.0
Service: cdrom
.
==== System Restore Points ===================
.
RP410: 11/25/2016 7:53:15 PM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
RP411: 11/25/2016 7:55:06 PM - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
RP412: 11/25/2016 7:55:53 PM - Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
RP413: 11/25/2016 7:56:39 PM - Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
RP414: 11/25/2016 8:01:09 PM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
RP415: 11/25/2016 8:01:34 PM - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
RP416: 11/25/2016 8:02:07 PM - Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
RP417: 11/25/2016 8:02:39 PM - Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
RP418: 11/26/2016 2:59:03 PM - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
RP419: 11/26/2016 3:00:34 PM - Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
RP420: 11/26/2016 4:30:51 PM - Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
RP421: 11/26/2016 4:40:47 PM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
RP422: 11/28/2016 2:11:47 AM - Windows Update
RP423: 11/28/2016 11:09:29 PM - before cclceaner
.
==== Installed Programs ======================
.
¼iCI ½ºÆ®¸®Æ®, 11¹ø°¡ μμ±¸¸ðA½ ¾ÆAIAU
64 Bit HP CIO Components Installer
Accidental Damage Services Agreement
Adobe AIR
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 23 ActiveX
Adobe Flash Player 23 NPAPI
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader X (10.1.10) MUI
Adobe Refresh Manager
Adobe Stock Photos 1.0
Advanced Audio FX Engine
Advanced SystemCare 9
Apple Mobile Device Support
Apple Software Update
Apple 응용 프로그램 지원(32비트)
Apple 응용 프로그램 지원(64비트)
Auracom 3.32
Auslogics Disk Defrag
Banctec Service Agreement
Blio
Bonjour
BufferChm
C4500
CCleaner
Cisco Connect
Cisco WebEx Meetings
Complete Care Business Service Agreement
Consumer In-Home Service Agreement
Copy
CoreAAC Audio Decoder (remove only)
Cozi
Curse
D3DX10
Definition Update for Microsoft Office 2010 (KB3115247) 64-Bit Edition
Dell Data Vault
Dell DataSafe Online
Dell Digital Delivery
Dell Edoc Viewer
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell SupportAssist
Dell SupportAssistAgent
Dell Touchpad
Dell Update
Dell VideoStage 
Dell Webcam Central
Destinations
DeviceDiscovery
Discord
Driver Booster 3.4
eBay
Epson FAX Utility
EPSON Scan
EPSON WorkForce 845 Series Printer Uninstall
EpsonNet Print
FormatFactory 2.96
GOM Player
Google Chrome
Google Update Helper
GPBaseService2
HP Customer Participation Program 13.0
HP FWUpdateEDO2
HP FWUpdateEDO3
HP Imaging Device Functions 13.0
HP LaserJet Professional CP1520 Series
HP Officejet 4620 series Basic Device Software
HP Officejet 4620 series Help
HP Officejet 4620 series Product Improvement Study
HP Officejet 6500 E710a-f Basic Device Software
HP Officejet 6500 E710a-f Help
HP Officejet 6500 E710a-f Product Improvement Study
HP Officejet Pro 8600 Basic Device Software
HP Officejet Pro 8600 Help
HP Officejet Pro 8600 Product Improvement Study
HP Photo Creations
HP Photosmart 5510 series Basic Device Software
HP Photosmart 7520 series Basic Device Software
HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4
HP Photosmart Essential 3.5
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Support Solutions Framework
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
I.R.I.S. OCR
iCloud
Intel PROSet Wireless
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® PROSet/Wireless WiFi Software
Intel® Turbo Boost Technology Monitor 2.0
Intel® WiDi
Intel® Wireless Display
IObit Malware Fighter 4
IObit Uninstaller
iTunes
Junk Mail filter update
K-Defense R6 - 키보드보안 (ActiveX)
League of Legends
Malwarebytes Anti-Malware version 2.2.1.1043
MarketResearch
Mesh Runtime
Microsoft .NET Framework 4.6.1
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Office Excel MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Standard 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Mozilla Firefox 49.0.2 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network64
nProtect Netizen SVC (remove only)
Picasa 3
PlayReady PC Runtime x86
Pluto TV version 0.2.0
Premium Service Agreement
PS_AIO_04_C4500_Software_Min
QualxServ Service Agreement
Quickset64
Realtek High Definition Audio Driver
ROBLOX Player
ROBLOX Studio
Scan
Security Update for Microsoft .NET Framework 4.6.1 (KB3122661)
Security Update for Microsoft .NET Framework 4.6.1 (KB3127233)
Security Update for Microsoft .NET Framework 4.6.1 (KB3136000)
Security Update for Microsoft .NET Framework 4.6.1 (KB3136000v2)
Security Update for Microsoft .NET Framework 4.6.1 (KB3142037)
Security Update for Microsoft .NET Framework 4.6.1 (KB3143693)
Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition
Security Update for Microsoft Excel 2010 (KB3114888) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB3114414) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB3054984) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB3085528) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB3085560) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB3101520) 64-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition
Security Update for Microsoft Visio 2010 (KB3114402) 64-Bit Edition
Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition
Security Update for Microsoft Word 2010 (KB3115123) 64-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Shop for HP Supplies
SmartWebPrinting
Software Updater
SolutionCenter
Status
TeamViewer 11
Toolbox
TrayApp
UnloadSupport
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2999508) 64-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589318) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2881030) 64-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition
Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition
Update for Microsoft Office 2010 (KB3055042) 64-Bit Edition
Update for Microsoft Office 2010 (KB3055047) 64-Bit Edition
Update for Microsoft Office 2010 (KB3114555) 64-Bit Edition
Update for Microsoft Office 2010 (KB3114750) 64-Bit Edition
Update for Microsoft Office 2010 (KB3114989) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB3114410) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2760779) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB3114756) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB3115127) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB3114867) 64-Bit Edition
Update for Microsoft Project 2010 (KB3115001) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition
WebReg
WinCDEmu
Window Alarm
Window Fortune
Window SysCheck
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (32-bit)
Youtube Downloader HD v. 2.9.9.14
Youtube to MP3 Converter v. 1.4
Zinio Reader 4
μTorrent
곰브릿지
곰오디오
네이버 ActiveX 가이드
알집 8.61
알툴즈 업데이트
한글과컴퓨터 한글 뷰어 2007
.
==== Event Viewer Messages From Past Week ========
.
11/27/2016 7:56:19 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
11/27/2016 11:07:34 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/27/2016 11:06:47 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  cdrom
11/24/2016 1:17:46 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
11/23/2016 9:58:06 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
11/23/2016 9:58:06 AM, Error: Service Control Manager [7000]  - The HP Support Solutions Framework Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/23/2016 3:09:03 PM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 38-48-4C-04-FD-43. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================
 
 




#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,955 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:36 PM

Posted 30 November 2016 - 11:28 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Temporarily disable your AV program so it does not interfere.
Info on how to disable your security applications: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides.

Download Zoek tool from here

When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator
(Give it a few seconds to appear.)

Next, copy/paste the entire script inside the code box below to the input field of Zoek:

createsrpoint;
autoclean;
emptyclsid;
emptyffcache;
FFdefaults;
emptyiecache;
iedefaults;
emptychrcache;
CHRdefaults;
emptyalltemp;
emptyfolderscheck;delete
ipconfig /flushdns;b

Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log in your reply.
===

Also, please provide an update on how the computer is behaving after running the above script.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,955 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:36 PM

Posted 06 December 2016 - 07:53 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



