TechSpot

PC plays random audio ads, tried numerous scanners, HELP!

By joseph1981
Jan 2, 2014
  1. My pc recently started playing commercial audio ads, I've run malwarebytes, tdsskiller, spybot, combofix, adwcleaner, roguecleaner, hijackthis, and I still have the random audio. I'm not sure how to proceed from here, really don't want to reinstall windows 7, so if anyone can give me some steps I would greatly appreciate it!
     
  2. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Welcome aboard [​IMG]

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===================================

    Never run Combofix on your own!
     
  3. joseph1981

    joseph1981 TS Rookie Topic Starter

    Here is my malwarebytes log:

    Malwarebytes Anti-Malware (PRO) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2014.01.03.01

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 8.0.7601.17514
    joey :: JOEY-PC [administrator]

    Protection: Disabled

    1/2/2014 11:55:49 PM
    mbam-log-2014-01-02 (23-55-49).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 212262
    Time elapsed: 2 minute(s), 29 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    DDS log files:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.45.2
    Run by joey at 23:59:41 on 2014-01-02
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8155.4452 [GMT -5:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Users\joey\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Windows\system32\sppsvc.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\AVAST Software\Avast\avastUi.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    StartupFolder: C:\Users\joey\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\joey\AppData\Roaming\Dropbox\bin\Dropbox.exe
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: Interfaces\{05458BD2-4B11-43CE-A13F-6F0D3332ACDA} : NameServer = 209.18.47.61,209.18.47.62
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-1-2 207904]
    R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-11-6 28216]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-11-6 16152]
    R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2013-11-6 17192]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-1-2 1034464]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-11-21 283064]
    R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2013-11-6 16648]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-1-2 78648]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-1-2 50344]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-1-2 1042272]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
    R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2012-2-9 25536]
    R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2012-2-9 25536]
    R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2012-2-9 44992]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-11-6 356120]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-11-6 788760]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-19 25928]
    R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-11-6 32344]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-11-6 565352]
    RUnknown axhqnshm;axhqnshm; [x]
    S0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-1-2 65776]
    S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-1-2 422216]
    S1 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-11-6 647736]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
    S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-19 418376]
    S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-19 701512]
    S2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-1-2 3921880]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-6 1255736]
    S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2013-11-6 34752]
    S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-6 14904]
    S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-19 634632]
    S4 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-11-6 129856]
    S4 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-2-9 133632]
    S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-11-6 166720]
    S4 RadeonPro Support Service;RadeonPro Support Service;C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-12-15 20608]
    S4 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-11-6 365344]
    .
    =============== Created Last 30 ================
    .
    2014-01-03 04:51:22 -------- d-----w- C:\Users\joey\AppData\Roaming\AVAST Software
    2014-01-03 04:50:57 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2014-01-03 04:50:56 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2014-01-03 04:50:55 1034464 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2014-01-03 04:50:50 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2014-01-03 04:50:36 43152 ----a-w- C:\Windows\avastSS.scr
    2014-01-03 04:50:14 -------- d-----w- C:\Program Files\AVAST Software
    2014-01-03 04:48:53 -------- d-----w- C:\ProgramData\AVAST Software
    2014-01-03 03:41:56 -------- d-----w- C:\TDSSKiller_Quarantine
    2014-01-03 03:36:06 -------- d-sh--w- C:\$RECYCLE.BIN
    2014-01-03 02:49:56 -------- d-----w- C:\ProgramData\HitmanPro
    2014-01-03 02:45:59 565352 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys.bak
    2014-01-03 02:29:22 -------- d-----w- C:\AdwCleaner
    2014-01-03 02:22:32 98816 ----a-w- C:\Windows\sed.exe
    2014-01-03 02:22:32 256000 ----a-w- C:\Windows\PEV.exe
    2014-01-03 02:22:32 208896 ----a-w- C:\Windows\MBR.exe
    2014-01-03 02:15:45 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2014-01-03 02:15:42 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{31C8C9F7-4C4E-4BB3-9CF0-502E855F65DD}\mpengine.dll
    2014-01-03 02:09:17 388096 ----a-r- C:\Users\joey\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2014-01-03 02:09:17 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2014-01-03 01:34:45 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
    2014-01-03 01:34:44 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2014-01-03 01:34:42 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-01-03 01:01:31 -------- d-----w- C:\Program Files (x86)\AMD AVT
    2014-01-03 00:58:26 -------- d-----w- C:\Program Files\AMD
    2013-12-31 03:10:25 -------- d-----w- C:\Users\joey\AppData\Roaming\.minecraft
    2013-12-31 02:52:48 -------- d-----w- C:\Users\joey\AppData\Roaming\.technic
    2013-12-31 02:51:57 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-12-30 12:46:42 -------- d-----w- C:\Users\joey\AppData\Roaming\ooVoo Details
    2013-12-29 08:08:38 -------- d-----w- C:\Users\joey\AppData\Roaming\NVIDIA
    2013-12-29 07:59:20 -------- d-----w- C:\ProgramData\Oracle
    2013-12-20 00:54:41 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-12-20 00:54:41 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-12-20 00:48:22 -------- d-----w- C:\Users\joey\AppData\Roaming\Malwarebytes
    2013-12-20 00:48:17 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-12-15 18:03:35 -------- d-----w- C:\Users\joey\AppData\Roaming\RadeonPro
    2013-12-15 18:01:43 -------- d-----w- C:\Program Files (x86)\RadeonPro
    2013-12-15 17:37:36 -------- d-----w- C:\Program Files (x86)\Microsoft Application Compatibility Toolkit
    2013-12-15 16:33:31 -------- d-----w- C:\Program Files (x86)\GOG.com
    2013-12-15 14:59:23 -------- d-----w- C:\Program Files\CCleaner
    2013-12-14 17:22:26 -------- d-----w- C:\BOSS
    2013-12-11 12:08:41 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
    2013-12-11 12:08:40 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
    2013-12-11 12:08:40 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
    2013-12-11 12:08:40 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
    2013-12-10 00:07:06 -------- d-----w- C:\Windows\AutoKMS
    2013-12-10 00:06:14 -------- d-----w- C:\ProgramData\Microsoft Toolkit
    2013-12-09 23:56:38 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
    2013-12-09 23:56:17 -------- d-----w- C:\Windows\PCHEALTH
    2013-12-09 23:56:17 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
    2013-12-09 23:54:51 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
    2013-12-09 23:53:44 -------- d-----w- C:\Program Files\Microsoft Analysis Services
    2013-12-09 23:53:44 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
    2013-12-09 23:52:27 -------- d-----w- C:\Users\joey\AppData\Local\Microsoft Help
    2013-12-09 22:58:17 -------- d-----w- C:\Th.Eld3r.Scr0lls.V.Skyr1m.Update.13
    2013-12-08 17:42:19 -------- d-----w- C:\Users\joey\AppData\Local\Skyrim
    2013-12-08 17:41:08 -------- d-----w- C:\Users\joey\AppData\Local\Black_Tree_Gaming
    2013-12-08 17:22:33 -------- d-----w- C:\Program Files\Nexus Mod Manager
    2013-12-07 20:41:07 -------- d-----w- C:\Users\joey\AppData\Roaming\ImTOO
    2013-12-07 20:36:42 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-12-07 02:11:15 -------- d-----w- C:\Users\joey\AppData\Roaming\Xilisoft
    2013-12-06 22:08:46 157736 ----a-w- C:\Windows\System32\amdhcp64.dll
    2013-12-06 22:08:22 142304 ----a-w- C:\Windows\SysWow64\amdhcp32.dll
    2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\atimpc64.dll
    2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
    2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
    2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
    2013-12-06 22:03:46 126336 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
    2013-12-06 22:03:00 115512 ----a-w- C:\Windows\System32\atiu9p64.dll
    2013-12-06 21:59:50 8406024 ----a-w- C:\Windows\SysWow64\atidxx32.dll
    2013-12-06 21:57:20 8927704 ----a-w- C:\Windows\System32\atiumd6a.dll
    2013-12-06 21:56:54 7751920 ----a-w- C:\Windows\System32\atiumd64.dll
    2013-12-06 21:52:14 13207552 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
    2013-12-06 21:49:18 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
    2013-12-06 21:44:26 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
    2013-12-06 21:38:52 230912 ----a-w- C:\Windows\System32\clinfo.exe
    2013-12-06 21:38:34 99840 ----a-w- C:\Windows\System32\OpenVideo64.dll
    2013-12-06 21:38:28 83968 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
    2013-12-06 21:38:22 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
    2013-12-06 21:38:18 73728 ----a-w- C:\Windows\SysWow64\OVDecode.dll
    2013-12-06 21:37:58 29382144 ----a-w- C:\Windows\System32\amdocl64.dll
    2013-12-06 21:35:36 24860160 ----a-w- C:\Windows\SysWow64\amdocl.dll
    2013-12-06 21:33:28 63488 ----a-w- C:\Windows\System32\OpenCL.dll
    2013-12-06 21:33:24 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll
    2013-12-06 21:26:44 129536 ----a-w- C:\Windows\System32\coinst_13.251.dll
    2013-12-06 21:16:40 26352128 ----a-w- C:\Windows\System32\atio6axx.dll
    2013-12-06 21:13:02 368640 ----a-w- C:\Windows\System32\atiapfxx.exe
    2013-12-06 21:12:52 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
    2013-12-06 21:12:50 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
    2013-12-06 21:12:42 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
    2013-12-06 21:12:40 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
    2013-12-06 21:12:26 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
    2013-12-06 21:09:18 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
    2013-12-06 20:58:50 22157824 ----a-w- C:\Windows\SysWow64\atioglxx.dll
    2013-12-06 20:53:18 442368 ----a-w- C:\Windows\System32\atidemgy.dll
    2013-12-06 20:53:10 31232 ----a-w- C:\Windows\System32\atimuixx.dll
    2013-12-06 20:53:04 588288 ----a-w- C:\Windows\System32\atieclxx.exe
    2013-12-06 20:52:10 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
    2013-12-06 20:50:36 190976 ----a-w- C:\Windows\System32\atitmm64.dll
    2013-12-06 20:22:54 96256 ----a-w- C:\Windows\System32\amdave64.dll
    2013-12-06 20:22:48 90112 ----a-w- C:\Windows\SysWow64\amdave32.dll
    2013-12-06 20:22:42 1144320 ----a-w- C:\Windows\System32\atiadlxx.dll
    2013-12-06 20:22:38 89088 ----a-w- C:\Windows\System32\atisamu64.dll
    2013-12-06 20:22:34 80896 ----a-w- C:\Windows\SysWow64\atisamu32.dll
    2013-12-06 20:22:28 825344 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
    2013-12-06 20:22:12 74752 ----a-w- C:\Windows\System32\atig6pxx.dll
    2013-12-06 20:22:08 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
    2013-12-06 20:22:08 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
    2013-12-06 20:22:04 100352 ----a-w- C:\Windows\System32\atig6txx.dll
    2013-12-06 20:21:54 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
    2013-12-06 20:21:44 626176 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
    2013-12-06 20:18:12 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
    .
    ==================== Find3M ====================
    .
    2014-01-03 00:39:42 34752 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys
    2013-12-11 01:17:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-12-11 01:17:09 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-12-06 22:04:10 143304 ----a-w- C:\Windows\System32\atiuxp64.dll
    2013-12-06 22:02:38 98496 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
    2013-12-06 22:01:52 1318552 ----a-w- C:\Windows\System32\aticfx64.dll
    2013-12-06 22:01:04 1100216 ----a-w- C:\Windows\SysWow64\aticfx32.dll
    2013-12-06 22:00:16 9753752 ----a-w- C:\Windows\System32\atidxx64.dll
    2013-12-06 21:59:00 8287008 ----a-w- C:\Windows\SysWow64\atiumdva.dll
    2013-12-06 21:58:10 6630232 ----a-w- C:\Windows\SysWow64\atiumdag.dll
    2013-11-26 17:25:52 267936 ------w- C:\Windows\System32\MpSigStub.exe
    2013-11-21 23:18:27 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
    2013-11-15 15:46:08 0 ----a-w- C:\Windows\ativpsrm.bin
    2013-11-09 04:38:38 200704 ----a-w- C:\Windows\SysWow64\clinfo.exe
    2013-11-07 03:13:05 16648 ----a-w- C:\Windows\System32\drivers\FNETURPX.SYS
    2013-10-08 13:39:10 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe
    2013-10-08 13:39:10 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe
    2013-10-08 13:39:08 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe
    2013-10-08 13:39:08 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe
    .
    ============= FINISH: 0:00:10.41 ===============

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/6/2013 12:54:20 PM
    System Uptime: 1/2/2014 11:15:04 PM (1 hours ago)
    .
    Motherboard: ASRock | | Z75 Pro3
    Processor: Intel(R) Core(TM) i5-2550K CPU @ 3.40GHz | CPUSocket | 3401/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 75 GiB total, 4.705 GiB free.
    D: is FIXED (NTFS) - 932 GiB total, 39.313 GiB free.
    E: is FIXED (NTFS) - 932 GiB total, 508.588 GiB free.
    F: is CDROM (UDF)
    G: is Removable
    H: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: msahci
    Device ID: ROOT\LEGACY_MSAHCI\0000
    Manufacturer:
    Name: msahci
    PNP Device ID: ROOT\LEGACY_MSAHCI\0000
    Service: msahci
    .
    ==== System Restore Points ===================
    .
    RP58: 1/2/2014 11:49:45 PM - avast! antivirus system restore point
    .
    ==== Installed Programs ======================
    .
    abgx360 v1.0.6
    Adobe Flash Player 11 ActiveX
    Adobe Reader XI (11.0.05)
    AMD Accelerated Video Transcoding
    AMD APP SDK 2.9
    AMD Catalyst Control Center
    AMD Catalyst Install Manager
    AMD Drag and Drop Transcoding
    AMD Media Foundation Decoders
    AMD Wireless Display v3.0
    ASRock App Charger v1.0.6
    ASRock InstantBoot v1.29
    ASRock RapidStart v1.0.6
    ASRock SmartConnect v1.0.6
    avast! Free Antivirus
    Battlefield 4 Update 2
    Battlefield 4™
    Battlelog Web Plugins
    BitTorrent
    BOSS
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-utility64
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CCleaner
    CPUID CPU-Z 1.67
    CPUID HWMonitor 1.24
    DAEMON Tools Lite
    DMUninstaller
    Dropbox
    ESN Sonar
    GetFoldersize 2.5.24
    Google Chrome
    Google Update Helper
    HiJackThis
    ImgBurn
    Intel(R) Manageability Engine Firmware Recovery Agent
    Intel(R) Management Engine Components
    Intel(R) Rapid Storage Technology
    Intel(R) Smart Connect Technology 2.0 x64
    Intel(R) USB 3.0 eXtensible Host Controller Driver
    Intel® Trusted Connect Service Client
    iwdfix
    Java 7 Update 45
    Java Auto Updater
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft .NET Framework 4.5
    Microsoft Application Compatibility Toolkit 5.6
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office Office 32-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 32-bit MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
    Microsoft Xbox 360 Accessories 1.2
    Minecraft1.7.2
    MSI Afterburner 2.3.1
    Neverwinter Nights Diamond Edition
    Nexus Mod Manager
    Outlast
    PFPortChecker 1.0.39
    Portforward Static IP Address 1.0.47
    RadeonPro 1.0 (Build 1.1.1.0)
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    Sapphire TRIXX
    Shadow Warrior
    Spybot - Search & Destroy
    TechPowerUp GPU-Z
    VLC media player 2.1.2
    WinRAR 5.00 (32-bit)
    XFast LAN v6.61
    XFastUSB
    Xiph.Org Open Codecs 0.85.17777
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/28/2013 8:43:40 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    1/2/2014 9:25:48 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    1/2/2014 7:32:05 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Plug and Play service, but this action failed with the following error: A system shutdown has already been scheduled.
    1/2/2014 7:32:04 PM, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
    1/2/2014 7:32:04 PM, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
    1/2/2014 5:23:58 PM, Error: Service Control Manager [7034] - The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
    1/2/2014 5:18:56 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the DCOM Server Process Launcher service, but this action failed with the following error: A system shutdown has already been scheduled.
    1/2/2014 5:18:56 PM, Error: Service Control Manager [7031] - The Power service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
    1/2/2014 2:12:24 AM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
    1/2/2014 2:07:12 AM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107.
    1/2/2014 2:07:12 AM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
    1/2/2014 11:21:19 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    1/2/2014 11:17:11 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: iaStorA iaStorV msahci
    1/2/2014 11:17:02 PM, Error: Service Control Manager [7023] - The Power service terminated with the following error: The WMI request could not be completed and should be retried.
    1/2/2014 11:16:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
    1/2/2014 11:16:48 PM, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/2/2014 11:16:10 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
    1/2/2014 11:16:10 PM, Error: Service Control Manager [7000] - The MBAMScheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/2/2014 11:03:08 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding
    1/2/2014 10:34:33 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    1/2/2014 10:17:42 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024809
    1/2/2014 10:17:42 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024809
    1/2/2014 10:17:27 PM, Error: Service Control Manager [7031] - The Spybot-S&D 2 Updating Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    1/2/2014 10:16:00 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    1/2/2014 10:07:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    1/2/2014 10:07:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    1/2/2014 10:07:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    1/2/2014 10:07:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    1/2/2014 10:07:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    1/2/2014 10:07:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    1/2/2014 10:07:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsrAppCharger cFosSpeed DfsC discache iaStorA iaStorV msahci NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf ws2ifsl
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/2/2014 10:07:32 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    1/1/2014 5:12:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the RadeonPro Support Service service to connect.
    1/1/2014 5:12:14 PM, Error: Service Control Manager [7000] - The RadeonPro Support Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/1/2014 2:43:48 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Power service, but this action failed with the following error: A system shutdown has already been scheduled.
    1/1/2014 1:58:10 AM, Error: Microsoft-Windows-WMPNSS-Service [14338] - A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x800706bf'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    1/1/2014 1:57:59 AM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The data is invalid.
    1/1/2014 1:11:11 AM, Error: Service Control Manager [7023] - The Intel(R) Management and Security Application User Notification Service service terminated with the following error: %%-2147221165
    1/1/2014 1:11:05 AM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243
    .
    ==== End Of File ===========================
     
  4. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    [​IMG] Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    [​IMG] Create new restore point before proceeding with the next step....
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download Malwarebytes Anti-Rootkit (MBAR) from HERE
    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...