Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Help required - possible (likely) malware problem(s)

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Help required - possible (likely) malware problem(s)

Unread postby donpablo » April 23rd, 2013, 11:13 am

Hi, and thanks in advance for any help you all may be able to provide, I have read many success stories on this website recently and hope that I too may soon have a nice clean system.

After a recent motherboard change due to the failure of the previous contender (posssibly caused by malware or some such ?) Installed new motherboard with no issues other than the onboard ethernet controller would not work at all, attempts to update driver etc failed with an error code very similar to that listed below. Basically thereafter I have been noticing alot of little problems and error codes when using windows update or oem security software generally with an error code such as 0x8007042c or some similar variant of this error.

After some cursory research and some probably inept attempts made by myself to clean up the computer I am now concerned there may be a root kit or some other nasties present?

here are my logs as requested. I look forward to your response..

Log 1
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16537
Run by ace at 0:53:34 on 2013-04-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3326.1406 [GMT 10:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\Splashtop\Splashtop Connect\BackService.exe
C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Freecorder\FLVSrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\prevhost.exe
C:\PROGRA~1\MIF5BA~1\Office12\WINWORD.EXE
C:\Windows\system32\prevhost.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcrobatInfo.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Mozilla Firefox\crashreporter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: Splashtop Connect SearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - c:\program files\splashtop\splashtop connect ie\AddressBarSearch.dll
mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\tbFree.dll
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Splashtop Connect VisualBookmark: {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - c:\program files\splashtop\splashtop connect ie\STC.dll
BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\tbFree.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Freecorder Toolbar: {1392B8D2-5C05-419F-A8F6-B9F15A596612} - c:\program files\freecorder\tbFree.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\tbFree.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [ZyngaGamesAgent] "c:\program files\splashtop\splashtop connect\ZyngaGamesAgent.exe"
mRun: [STCAgent] "c:\program files\splashtop\splashtop connect ie\STCAgent.exe"
mRun: [SecurDisc] c:\program files\nero\nero8\incd\NBHGui.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [InCD] c:\program files\nero\nero8\incd\InCD.exe
mRun: [Freecorder FLV Service] "c:\program files\freecorder\FLVSrvc.exe" /run
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRunOnce: [GrpConv] grpconv -o
mRunOnce: [*WerKernelReporting] c:\windows\system32\WerFault.exe -k -rq
mRunOnce: [Z1] cmd /c "c:\users\arborwize\desktop\poostinks\mbar\POOSTINK.exe" /cleanup /s
dRunOnce: [SPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\imaget~1.lnk - c:\program files\sony corporation\image transfer\SonyTray.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{2A1DB284-1DCF-40F8-B5D1-F0A280D985D7} : DHCPNameServer = 61.9.211.1 61.9.211.33 192.168.1.1
TCP: Interfaces\{2A1DB284-1DCF-40F8-B5D1-F0A280D985D7}\94E60297F65727021437370226964736865637 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{2A1DB284-1DCF-40F8-B5D1-F0A280D985D7}\96E60297F6572702163737022696473686563712 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{2C9F6791-AAA1-4CE4-8DF3-532142484BF5} : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{3F2A7B4E-5418-4740-8C40-A83B50E70DF2} : DHCPNameServer = 10.4.81.103 10.4.182.20
TCP: Interfaces\{5047C5B3-65B1-4A10-8569-929B537975A6} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{F7D1FE64-2514-4E01-8F6E-019C396EBEB1} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{F7D1FE64-2514-4E01-8F6E-019C396EBEB1}\2656E64656272E08993702960586F6E656 : DHCPNameServer = 10.4.81.103 10.4.182.20
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\ace\appdata\roaming\mozilla\firefox\profiles\22zihrp6.default\
FF - component: c:\program files\splashtop\splashtop connect for firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}\components\libstutils.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - ExtSQL: 2013-03-29 03:12; {91c612bf-2a7a-48b8-8c8c-6de28589b7a0}; c:\program files\splashtop\splashtop connect for firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF - ExtSQL: 2013-03-29 03:12; {91c612bf-2a7a-48b8-8c8c-6de28589b7a1}; c:\program files\splashtop\splashtop connect for firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF - ExtSQL: 2013-03-29 03:12; {d9284e50-81fc-11da-a72b-0800200c9a66}; c:\program files\splashtop\splashtop connect for firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
FF - ExtSQL: !HIDDEN! 2010-01-02 16:59; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R0 sonypvl2;sonypvl2;c:\windows\system32\drivers\sonypvl2.sys [2012-10-19 19478]
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2013-3-27 18544]
R1 sonypvf2;sonypvf2;c:\windows\system32\drivers\sonypvf2.sys [2012-10-19 635012]
R1 sonypvt2;sonypvt2;c:\windows\system32\drivers\sonypvt2.sys [2012-10-19 431236]
R2 ES lite Service;ES lite Service for program management.;c:\program files\gigabyte\easysaver\essvr.exe [2013-3-27 68136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 ekrn;ESET Service;"c:\program files\eset\eset smart security\ekrn.exe" --> c:\program files\eset\eset smart security\ekrn.exe [?]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x86.sys [2009-6-25 47104]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2013-3-29 24944]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys [2013-4-11 30616]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432]
S3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-6-11 545792]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-3-29 14848]
S3 rt61x86;RT61 Extensible Wireless Driver;c:\windows\system32\drivers\netr61.sys [2010-4-7 376160]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-3-29 49664]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-7-14 20480]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-04-23 01:31:51 6906960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{442b8329-b0e9-431b-9083-760d68d634f2}\mpengine.dll
2013-04-19 00:40:36 6906960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-04-11 04:35:42 30616 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2013-04-10 17:33:11 -------- d-----w- c:\programdata\HitmanPro
2013-04-10 15:30:36 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 15:30:36 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 15:30:35 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 15:30:35 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 14:53:12 1212264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 14:47:31 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 13:37:00 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-07 15:03:53 -------- d-----w- C:\TDSSKiller_Quarantine
2013-04-03 22:31:52 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2013-04-02 08:33:26 -------- d-----w- c:\program files\Microsoft Security Client
2013-03-29 16:42:35 7108640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{219292b2-1245-4755-a377-0e250caae26b}\mpengine.dll
2013-03-29 06:15:45 -------- d-----w- c:\programdata\APN
2013-03-28 15:58:21 17488 ----a-w- c:\windows\gdrv.sys
2013-03-28 15:02:47 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2013-03-28 14:58:20 6271872 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-28 14:58:20 20542752 ----a-w- c:\windows\system32\nvoglv32.dll
2013-03-28 14:58:19 8952608 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-03-28 14:58:19 892704 ----a-w- c:\windows\system32\nvdispgenco3231422.dll
2013-03-28 14:58:19 1012512 ----a-w- c:\windows\system32\nvdispco3231422.dll
2013-03-28 14:58:18 7959000 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-28 14:58:18 2728736 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-28 14:58:18 1995552 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-28 14:58:18 15042928 ----a-w- c:\windows\system32\nvd3dum.dll
2013-03-28 14:58:17 17560352 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-28 14:35:30 -------- d-----w- c:\windows\GBD
2013-03-28 14:34:41 -------- d-----w- c:\users\ace\appdata\roaming\Splashtop
2013-03-28 04:05:33 2557728 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-28 04:03:29 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-03-28 04:01:48 311296 ----a-w- c:\windows\system32\CNMLMA7.DLL
2013-03-28 03:58:37 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-28 03:39:17 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-03-28 03:38:16 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-03-28 03:38:16 247808 ----a-w- c:\windows\system32\schannel.dll
2013-03-28 03:38:16 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-03-28 03:38:16 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-03-28 03:34:25 -------- d-----w- c:\program files\Microsoft
2013-03-27 23:46:14 -------- d-----w- c:\programdata\Malwarebytes
2013-03-27 15:10:40 57812 ----a-w- c:\windows\system32\epfwdata.bin
2013-03-27 14:31:35 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-27 14:09:06 -------- d-----w- c:\users\ace\appdata\roaming\SparkTrust
2013-03-27 14:09:06 -------- d-----w- c:\users\ace\appdata\roaming\DriverCure
2013-03-27 14:08:51 -------- d-----w- c:\program files\common files\SparkTrust
2013-03-27 14:08:46 -------- d-----w- c:\programdata\SparkTrust
2013-03-27 14:08:46 -------- d-----w- c:\program files\SparkTrust
2013-03-27 14:05:57 -------- d-----w- c:\users\ace\appdata\roaming\Nico Mak Computing
2013-03-27 14:05:55 17224 ----a-w- c:\windows\system32\roboot.exe
2013-03-27 14:05:53 -------- d-----w- c:\program files\WinZip Registry Optimizer
2013-03-27 05:36:10 73728 ----a-w- c:\windows\system32\ISUSPM.cpl
2013-03-27 05:36:09 385024 ----a-w- c:\program files\common files\installshield\updateservice\_ispmres.dll
2013-03-27 05:36:09 221184 ----a-w- c:\program files\common files\installshield\updateservice\ISUSPM.exe
2013-03-27 05:34:54 -------- d-----w- c:\program files\AMD
2013-03-27 05:26:19 -------- d-----w- c:\programdata\Splashtop
2013-03-27 05:24:37 31272 ----a-w- c:\windows\system32\AppleChargerSrv.exe
2013-03-27 05:24:37 18544 ----a-w- c:\windows\system32\drivers\AppleCharger.sys
2013-03-27 05:21:39 -------- d--h--w- c:\programdata\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2013-03-27 05:21:16 -------- d-----w- c:\program files\Splashtop
2013-03-27 05:20:22 -------- d-----w- c:\program files\Gigabyte
2013-03-27 05:19:25 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2013-03-27 05:19:25 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2013-03-27 05:19:25 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2013-03-27 05:19:25 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2013-03-27 05:19:25 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2013-03-27 05:19:25 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2013-03-27 05:19:25 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2013-03-25 02:32:14 -------- d-----w- c:\users\ace\appdata\roaming\Tific
.
==================== Find3M ====================
.
2013-04-02 10:33:22 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-28 03:58:37 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-15 05:46:27 2539128 ----a-w- c:\windows\system32\nvapi.dll
2013-03-15 05:46:27 13088000 ----a-w- c:\windows\system32\nvwgf2um.dll
2013-03-15 02:59:30 4119328 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 02:59:30 3014432 ----a-w- c:\windows\system32\nvsvc.dll
2013-03-15 02:59:27 634144 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 02:59:26 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 02:59:26 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 11:07:52 559904 ----a-w- c:\windows\system32\nvStreaming.exe
2013-03-13 08:19:17 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-13 08:19:17 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-25 13:22:36 1017120 ----a-w- c:\windows\system32\nvdispco32.dll
2013-02-25 13:22:32 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll
2013-02-21 10:30:16 1766912 ----a-w- c:\windows\system32\wininet.dll
2013-02-21 10:29:39 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-02-21 10:29:37 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-02-21 10:29:37 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-02-19 12:01:03 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-19 11:10:53 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-02-12 04:48:31 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
.
============= FINISH: 0:55:33.91 ===============


Log 2

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume4
Install Date: 2/01/2010 7:04:53 PM
System Uptime: 23/04/2013 8:49:03 AM (16 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | G41M-Combo
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz | Socket 775 | 2333/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 259.979 GiB free.
D: is CDROM (CDFS)
E: is FIXED (FAT32) - 10 GiB total, 0.125 GiB free.
F: is FIXED (NTFS) - 145 GiB total, 49.819 GiB free.
G: is FIXED (FAT32) - 4 GiB total, 0.573 GiB free.
H: is CDROM ()
I: is Removable
J: is Removable
K: is Removable
L: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_1969&DEV_1083&SUBSYS_E0001458&REV_C0\4&15E70C52&0&00E1
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_1969&DEV_1083&SUBSYS_E0001458&REV_C0\4&15E70C52&0&00E1
Service:
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: Terminal Server Keyboard Driver
Device ID: ROOT\RDP_KBD\0000
Manufacturer: (Standard system devices)
Name: Terminal Server Keyboard Driver
PNP Device ID: ROOT\RDP_KBD\0000
Service: TermDD
.
==== System Restore Points ===================
.
RP311: 8/04/2013 2:00:01 AM - Automatic creation
RP312: 9/04/2013 2:00:02 AM - Automatic creation
RP313: 10/04/2013 2:00:03 AM - Automatic creation
RP316: 11/04/2013 2:49:21 AM - Automatic creation
RP319: 12/04/2013 2:00:00 AM - Automatic creation
RP321: 13/04/2013 2:00:00 AM - Automatic creation
RP323: 14/04/2013 2:00:01 AM - Automatic creation
RP326: 16/04/2013 2:00:00 AM - Automatic creation
RP327: 17/04/2013 2:00:01 AM - Automatic creation
RP329: 18/04/2013 2:00:00 AM - Automatic creation
RP330: 19/04/2013 2:00:00 AM - Automatic creation
RP331: 23/04/2013 9:21:26 AM - Automatic creation
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat 9 Pro
Adobe Acrobat 9.5.4 - CPSID_83708
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe After Effects CS3 Template Projects & Footage
Adobe After Effects CS3 Third Party Content
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Setup
Adobe Shockwave Player 11.5
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Soundbooth CS3 Scores
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BigPond Broadband ADSL
Bonjour
Continuum 0.40
DMIView B8.0717.01
Easy NearMap Downloader 3.0
Easy Tune 6 B11.0728.1
EasySaver B9.0904.1
Freecorder 4.01 Application
Freecorder Toolbar
GearDrvs
Google Chrome
Google Earth
Google Update Helper
honestech VHS to DVD 3.0 Deluxe
HyperTiles
Image Transfer
ImageMixer for Sony
iTunes
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.0
Microsoft IntelliType Pro 8.0
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 (x86)
Microsoft Sync Framework Services v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
MicroStaff WINASPI
Mozilla Firefox 19.0.2 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MYOB BusinessBasics v1
Nero 8 Essentials
neroxml
NVIDIA 3D Vision Controller Driver 314.22
NVIDIA 3D Vision Driver 314.22
NVIDIA Control Panel 314.22
NVIDIA Display Control Panel
NVIDIA Graphics Driver 314.22
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.12.12
NVIDIA Update Components
OGA Notifier 2.0.0048.0
ON_OFF Charge B11.0110.1
PDF Settings
QuickTime
Realtek High Definition Audio Driver
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Smart Recovery B10.0324.1 (x86)
Sony DVD Handycam USB Driver
SparkTrust PC Cleaner Plus
Splashtop Connect for Firefox
Splashtop Connect IE
SyncToy 2.0 (x86)
TurboCAD 2D Training Guide
TurboCAD Professional 15
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB2.0 VIDBOX NW03
VCRedistSetup
Windows Live ID Sign-in Assistant
.
==== Event Viewer Messages From Past Week ========
.
24/04/2013 12:54:05 AM, Error: Service Control Manager [7023] - The Base Filtering Engine service terminated with the following error: Access is denied.
24/04/2013 12:54:05 AM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.
24/04/2013 12:41:26 AM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}. The error: "2" Happened while starting this command: C:\Windows\system32\igfxsrvc.exe -Embedding
23/04/2013 8:53:31 AM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
23/04/2013 8:53:31 AM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: The system cannot find the file specified.
23/04/2013 8:53:31 AM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The system cannot find the file specified.
23/04/2013 8:53:11 AM, Error: WMPNetworkSvc [14353] - A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/3504433559/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
23/04/2013 8:53:11 AM, Error: WMPNetworkSvc [14349] - A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x800700b7'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
23/04/2013 8:51:16 AM, Error: Service Control Manager [7023] - The Diagnostic System Host service terminated with the following error: The requested control is not valid for this service.
23/04/2013 8:51:16 AM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.
23/04/2013 8:51:16 AM, Error: Service Control Manager [7001] - The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.
23/04/2013 8:51:16 AM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.
23/04/2013 8:51:15 AM, Error: Service Control Manager [7000] - The ESET Service service failed to start due to the following error: The system cannot find the file specified.
23/04/2013 8:51:15 AM, Error: Service Control Manager [7000] - The Diagnostic Policy Service service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.
23/04/2013 11:32:45 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.149.350.0).
23/04/2013 11:32:43 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007042c Error description: The dependency service or group failed to start.
23/04/2013 11:32:39 AM, Error: Service Control Manager [7001] - The Microsoft Network Inspection System service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.
23/04/2013 11:32:39 AM, Error: Service Control Manager [7001] - The Microsoft Network Inspection service depends on the Microsoft Network Inspection System service which failed to start because of the following error: The dependency service or group failed to start.
23/04/2013 11:32:39 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\NETWORK SERVICE Error Code: 0x8007042c Error description: The dependency service or group failed to start.
23/04/2013 11:32:39 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
23/04/2013 11:32:32 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.149.350.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9402.0 Error code: 0x80070643 Error description: Fatal error during installation.
23/04/2013 11:32:24 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start.
23/04/2013 11:32:24 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
19/04/2013 10:41:05 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007042c Error description: The dependency service or group failed to start.
19/04/2013 10:41:04 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.149.94.0).
19/04/2013 10:41:00 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\NETWORK SERVICE Error Code: 0x8007042c Error description: The dependency service or group failed to start.
19/04/2013 10:41:00 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
19/04/2013 10:40:53 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.149.94.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9402.0 Error code: 0x80070643 Error description: Fatal error during installation.
19/04/2013 10:40:48 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start.
19/04/2013 10:40:48 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
18/04/2013 7:37:07 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
18/04/2013 7:37:00 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.2000.0 Update Source: Microsoft Malware Protection Center Update Stage: Download Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80072ee2 Error description: The operation timed out
18/04/2013 7:37:00 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.2000.0 Update Source: Microsoft Malware Protection Center Update Stage: Download Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80072ee2 Error description: The operation timed out
18/04/2013 7:35:55 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.2000.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
18/04/2013 7:35:55 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.2000.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
17/04/2013 11:59:58 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007042c Error description: The dependency service or group failed to start.
17/04/2013 11:59:54 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\NETWORK SERVICE Error Code: 0x8007042c Error description: The dependency service or group failed to start.
17/04/2013 11:59:54 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
17/04/2013 11:59:16 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1983.0).
17/04/2013 11:59:03 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.1983.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80070643 Error description: Fatal error during installation.
17/04/2013 11:58:55 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start.
17/04/2013 11:58:55 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
.
==== End Of File ===========================

Thanks again, Looking forward to your help on this one

.:don:.
donpablo
Active Member
 
Posts: 3
Joined: April 23rd, 2013, 10:49 am
Advertisement
Register to Remove

Re: Help required - possible (likely) malware problem(s)

Unread postby pgmigg » April 23rd, 2013, 12:14 pm

Hello donpablo,

Welcome to the forum! :)

My nickname is pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3181
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Help required - possible (likely) malware problem(s)

Unread postby donpablo » April 23rd, 2013, 3:10 pm

Thanks for your prompt response.

I have backed up all vital data to another location.

how are we to proceed from here ?

.:don:.
donpablo
Active Member
 
Posts: 3
Joined: April 23rd, 2013, 10:49 am

Re: Help required - possible (likely) malware problem(s)

Unread postby pgmigg » April 23rd, 2013, 3:34 pm

Hello donpablo,

Step 1.
License issue with Microsoft Office Enterprise 2007
The Microsoft Office Enterprise 2007 is not sold to individual home computer users and hence is not generally legal on a home computer.

Per our policy concerning illegally licensed software, I can offer you no further assistance as long as you have Microsoft Office Enterprise 2007 installed.

I strongly recommend that you uninstall Microsoft Office Enterprise 2007 however that choice is up to you.
  • If you choose NOT to remove this program, please indicate that in your next reply and ignore the remaining steps.
  • If you choose to remove this program then perform the following steps:
    1. Click on Start, then click the Start Search box on the Start Menu.
    2. Copy and paste the value below without the word Code: into the open text entry box:
      Code: Select all
       appwiz.cpl 
      and press Enter - the Unistall or change a program list will be opened.
    3. Right-click the MS Office Enterprise 2007 entry, choose Uninstall/Change and give permission to Continue.
  • Reboot (restart) your computer.

Then,
Please tell me, is this computer used for business purposes or connected to any business network?
I need to know it - so I can provide the proper instructions.

Step 2.
Run CKScanner
  1. Please download CKScanner from here
  2. Important: - Save it to your Desktop.
  3. Right-click CKScanner.exe and select "Run as administrator...", then click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Step 3.
MGA Diagnostics
I need you to run a tool which will aid in determining what additional steps we'll need to perform.
  1. Please download this tool from Microsoft and save it to your Desktop.
  2. Right click on MGADiag.exe and select Run As Administrator to run it.
  3. Click "Run" again and then click "Continue".
  4. The program will run. It takes a while to finish the diagnosis, please be patient.
  5. Once done, click on Copy.
  6. Open Notepad and paste the contents in. Save this file and post it in your next reply.

Step 4.
Run CodeCheck Scan
  1. Please download codecheck from here to your Desktop.
  2. Make sure that codecheck.exe is on the your Desktop before running the application!
  3. Right-click on codecheck.exe and select "Run as administrator..." to run it.
  4. After a very short time a codecheck.txt icon will appear on your Desktop
  5. Double-click on the codecheck.txt icon on your Desktop and copy/paste the contents in your next reply.

Please include in your next reply:
  1. Your decision about Microsoft Office Enterprise 2007.
  2. Answer for my question related to type of using of your computer.
  3. Do you have any problems executing the instructions?
  4. Contents of a log created by CKFiles.txt
  5. Contents of a log created by MGADiag.exe
  6. Contents of the codecheck.txt log file
  7. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3181
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Help required - possible (likely) malware problem(s)

Unread postby donpablo » April 23rd, 2013, 9:57 pm

pgmigg wrote:Hello donpablo,

Step 1.
License issue with Microsoft Office Enterprise 2007
The Microsoft Office Enterprise 2007 is not sold to individual home computer users and hence is not generally legal on a home computer.

Per our policy concerning illegally licensed software, I can offer you no further assistance as long as you have Microsoft Office Enterprise 2007 installed.

I strongly recommend that you uninstall Microsoft Office Enterprise 2007 however that choice is up to you.

If you choose NOT to remove this program, please indicate that in your next reply and ignore the remaining steps.
If you choose to remove this program then perform the following steps:
Click on Start, then click the Start Search box on the Start Menu.
Copy and paste the value below without the word Code: into the open text entry box:
Code:
appwiz.cpl
and press Enter - the Unistall or change a program list will be opened.
Right-click the MS Office Enterprise 2007 entry, choose Uninstall/Change and give permission to Continue.
Reboot (restart) your computer.


I apologize If I may be drifting away from the poing and possibly slightly off topic somewhat here though, however, here goes;.. early in the development of my (very small soul trader) business I started out on this very PC, and While I had a bought and installed my personal & i must stress, entirely legitimate store bought copy of and subsequent installation of office 2007.

While searching for tips and updates to that software package shortly thereafter I did download and install a "trial version" of office enterprise, that to my newbish eye and skill set at the time did not particularly impress when compared to my original installation of my purchased product, strangely I dont ever recall being required to register the product at any stage ?

Would you suggest this could have potentially been the start of my problems ? with the 'enterprise software unloading some malicious software into my system at that time ? and hiding behind my legitimate product id and registration key ?

Subsequent to this by no more than a couple of months I invested in a more substantial and secure info tech solution to meet the growing requirements of my business and clients needs, including a deidicated server and a bunch of other expensive important sounding parts, software and so fourth, and in so doing relinquishing this machine to my personal (@ at home) desktop.

With that being the case, is the above steps indicated by yourself still reqiured to proceed ? (I dont mean to question your methods in anyway and if you say it needs to go, then so be it. Just confirm the above instructions are still required and I shall action at my earliest opportunity.

one question, if I remove the enterprise product, will my originally installed office installation remain ? or is there a method that can enable such an outcome to prevail ?


pgmigg wrote:Then,Please tell me, is this computer used for business purposes or connected to any business network?
I need to know it - so I can provide the proper instructions.


No the computer is not used in any official or any business capacity and has not been since early 2008.
donpablo
Active Member
 
Posts: 3
Joined: April 23rd, 2013, 10:49 am

Re: Help required - possible (likely) malware problem(s)

Unread postby pgmigg » April 24th, 2013, 12:00 am

Hello donpablo,
I apologize If I may be drifting away from the poing and possibly slightly off topic somewhat here though, however, here goes;.. early in the development of my (very small soul trader) business I started out on this very PC, and While I had a bought and installed my personal & i must stress, entirely legitimate store bought copy of and subsequent installation of office 2007.

one question, if I remove the enterprise product, will my originally installed office installation remain ? or is there a method that can enable such an outcome to prevail ?
No - you will need the fresh installation. If you have "entirely legitimate store bought copy of and subsequent installation of office 2007" you can easily remove Enterprise Edition and then install your legal version...
While searching for tips and updates to that software package shortly thereafter I did download and install a "trial version" of office enterprise, that to my newbish eye and skill set at the time did not particularly impress when compared to my original installation of my purchased product, strangely I dont ever recall being required to register the product at any stage ?

Would you suggest this could have potentially been the start of my problems ? with the 'enterprise software unloading some malicious software into my system at that time ? and hiding behind my legitimate product id and registration key ?

Subsequent to this by no more than a couple of months I invested in a more substantial and secure info tech solution to meet the growing requirements of my business and clients needs, including a deidicated server and a bunch of other expensive important sounding parts, software and so fourth, and in so doing relinquishing this machine to my personal (@ at home) desktop.

With that being the case, is the above steps indicated by yourself still reqiured to proceed ? (I dont mean to question your methods in anyway and if you say it needs to go, then so be it. Just confirm the above instructions are still required and I shall action at my earliest opportunity.
Here is no place for discussion or fair trade about described issue!
I will begin to answer your questions only after you make your selection and follow instructions from my previous post which I slightly change and repeat:

Step 1.
License issue with Microsoft Office Enterprise 2007
The Microsoft Office Enterprise 2007 is not sold to individual home computer users and hence is not generally legal on a home computer.

Per our policy concerning illegally licensed software, I can offer you no further assistance as long as you have Microsoft Office Enterprise 2007 installed.

I strongly recommend that you uninstall Microsoft Office Enterprise 2007 however that choice is up to you.
  • If you choose NOT to remove this program, please indicate that in your next reply and ignore the remaining steps.
  • If you choose to remove this program then perform the following steps:
    1. Click on Start, then click the Start Search box on the Start Menu.
    2. Copy and paste the value below without the word Code: into the open text entry box:
      Code: Select all
       appwiz.cpl 
      and press Enter - the Unistall or change a program list will be opened.
    3. Right-click the MS Office Enterprise 2007 entry, choose Uninstall/Change and give permission to Continue.
  • Reboot (restart) your computer.

Step 2.
Run CKScanner
  1. Please download CKScanner from here
  2. Important: - Save it to your Desktop.
  3. Right-click CKScanner.exe and select "Run as administrator...", then click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Step 3.
MGA Diagnostics
I need you to run a tool which will aid in determining what additional steps we'll need to perform.
  1. Please download this tool from Microsoft and save it to your Desktop.
  2. Right click on MGADiag.exe and select Run As Administrator to run it.
  3. Click "Run" again and then click "Continue".
  4. The program will run. It takes a while to finish the diagnosis, please be patient.
  5. Once done, click on Copy.
  6. Open Notepad and paste the contents in. Save this file and post it in your next reply.

Step 4.
Run CodeCheck Scan
  1. Please download codecheck from here to your Desktop.
  2. Make sure that codecheck.exe is on the your Desktop before running the application!
  3. Right-click on codecheck.exe and select "Run as administrator..." to run it.
  4. After a very short time a codecheck.txt icon will appear on your Desktop
  5. Double-click on the codecheck.txt icon on your Desktop and copy/paste the contents in your next reply.

Please include in your next reply:
  1. Your decision about Microsoft Office Enterprise 2007.
  2. Do you have any problems executing the instructions?
  3. Contents of a log created by CKFiles.txt
  4. Contents of a log created by MGADiag.exe
  5. Contents of the codecheck.txt log file
  6. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3181
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Help required - possible (likely) malware problem(s)

Unread postby deltalima » April 29th, 2013, 3:00 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 47 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware