Possible Infected, Please help

Post by auto1671 » June 7th, 2014, 12:54 pm

Hi, after trying all different methods to try and check for and install Windows updates, I am now posting here to see if any infection is stopping this process. Also, my computer browser does not seem to be going as fast as it normally does. The DDS logs are as follows:

DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
Run by Jack at 17:48:32 on 2014-06-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6058.3982 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\S Agent\CommonAgent.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Workrave\lib\Workrave.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Workrave\lib\WorkraveHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://duckduckgo.com/
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
uRun: [Workrave] C:\Program Files (x86)\Workrave\lib\workrave.exe
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 172.16.1.1 8.8.8.8
TCP: Interfaces\{1FBE5756-A064-4A5D-B964-3A9BDE9F1787} : DHCPNameServer = 172.16.1.1 8.8.8.8
TCP: Interfaces\{1FBE5756-A064-4A5D-B964-3A9BDE9F1787}\6796277696E6D65646961633639393032313 : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\ro63cwxv.default\
FF - prefs.js: browser.startup.homepage - hxxps://encrypted.google.com/webhp?tab= ... d=0CAUQ1S4
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2013-9-17 62136]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2013-9-17 239320]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2013-9-17 44120]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\Windows\System32\drivers\SABI.sys [2014-5-9 13824]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-10 144152]
R2 bckd;bckd;C:\Windows\System32\drivers\bckd.sys [2014-1-24 126168]
R2 bckwfs;Blue Coat K9 Web Protection;C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2014-1-24 2647256]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-9-12 1337752]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-5-17 1809720]
R2 MsDepSvc;Web Deployment Agent Service;C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2014-5-5 88720]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-12-6 1229528]
R2 SWUpdateService;SW Update Service;C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [2014-4-4 3020632]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-6-2 5024576]
R3 dfmirage;dfmirage;C:\Windows\System32\drivers\dfmirage.sys [2008-3-5 36432]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-5-17 25928]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-12-6 18456]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-5-14 425064]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2014-1-17 202600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-5-17 860472]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-6 662232]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-5-9 111616]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-5-17 63704]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-5-9 1255736]
.
=============== Created Last 30 ================
.
2014-06-07 16:29:50 -------- d-----w- C:\Windows\System32\catroot2
2014-06-07 16:17:20 -------- d-----w- C:\Windows\SysWow64\wbem\Performance
2014-06-07 16:07:21 -------- d-----w- C:\RegBackup
2014-06-07 15:16:28 -------- d-----w- C:\Users\Jack\AppData\Roaming\Malwarebytes
2014-06-07 15:15:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-07 15:01:18 -------- d-----w- C:\Program Files (x86)\Tweaking.com
2014-06-07 14:38:41 -------- d-----w- C:\ProgramData\RogueKiller
2014-06-07 13:11:40 -------- d-----w- C:\Program Files\CCleaner
2014-06-07 09:36:48 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{505F6272-8087-4098-ACB7-066D16C8B3EB}\mpengine.dll
2014-06-01 23:11:23 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-05-28 23:53:22 -------- d-----w- C:\Users\Jack\AppData\Local\My_First_Game1
2014-05-28 20:56:38 -------- d-----w- C:\Users\Jack\AppData\Local\GameMaker-Studio
2014-05-28 19:58:04 -------- d-----w- C:\Users\Jack\AppData\Local\GameMaker8.1
2014-05-28 19:57:55 -------- d-----w- C:\Users\Jack\AppData\Local\YoYo_Games_Ltd
2014-05-28 19:57:31 -------- d-----w- C:\Users\Jack\GameMaker 8.1
2014-05-28 17:40:04 -------- d-----w- C:\Users\Jack\AppData\Roaming\NuGet
2014-05-28 17:35:10 560128 ----a-w- C:\ProgramData\Microsoft\WDExpress\12.0\1033\ResourceCache.dll
2014-05-28 17:25:27 -------- d-----w- C:\Program Files (x86)\Windows Kits
2014-05-28 17:24:10 -------- d-----w- C:\Program Files (x86)\Microsoft Help Viewer
2014-05-28 17:22:29 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2014-05-28 17:22:18 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-05-28 17:13:32 -------- d-----w- C:\Windows\SysWow64\1033
2014-05-28 17:06:04 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-05-28 17:05:47 -------- d-----w- C:\Windows\System32\1033
2014-05-28 17:05:25 -------- d-----w- C:\Program Files\Microsoft Visual Studio 12.0
2014-05-28 16:54:21 -------- d-----w- C:\ProgramData\Package Cache
2014-05-27 22:06:11 -------- d-----w- C:\Users\Jack\AppData\Local\Unity
2014-05-27 21:32:35 -------- d-----w- C:\ProgramData\MySQL
2014-05-27 21:32:35 -------- d-----w- C:\Program Files\MySQL
2014-05-27 21:25:29 -------- d-----w- C:\Users\Jack\AppData\Roaming\Microsoft Corporation
2014-05-27 21:24:29 -------- d-----w- C:\Program Files (x86)\MySQL
2014-05-27 21:23:43 -------- d-----w- C:\Program Files\IIS
2014-05-27 21:23:43 -------- d-----w- C:\Program Files (x86)\IIS
2014-05-27 21:23:13 -------- d-----w- C:\Program Files (x86)\IIS Express
2014-05-27 21:22:46 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2014-05-27 21:22:45 -------- d-----w- C:\Program Files\Microsoft SQL Server
2014-05-27 21:22:41 -------- d-----w- C:\Program Files\runphp
2014-05-27 21:21:31 -------- d-----w- C:\Program Files\Microsoft
2014-05-27 21:18:10 -------- d-----w- C:\Users\Jack\sitebuilder
2014-05-27 21:11:11 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-27 21:08:48 -------- d-----w- C:\ProgramData\Oracle
2014-05-27 20:52:34 -------- d-----w- C:\Program Files (x86)\Common Files\Enterbrain
2014-05-26 16:28:46 31232 ----a-w- C:\Windows\System32\drivers\tap0901.sys
2014-05-26 16:28:45 -------- d-----w- C:\Program Files\SecurityKISS Tunnel
2014-05-26 01:03:53 -------- d-----w- C:\Users\Jack\AppData\Local\Skype
2014-05-26 01:03:25 -------- d-----r- C:\Program Files (x86)\Skype
2014-05-20 23:59:56 -------- d-----w- C:\Users\Jack\AppData\Local\Google
2014-05-18 18:08:09 -------- d-----w- C:\Users\Jack\AppData\Roaming\OpenOffice
2014-05-18 14:36:08 -------- d-----w- C:\Program Files (x86)\OpenOffice 4
2014-05-18 14:01:16 -------- d-----w- C:\Program Files (x86)\Password Corral v4.0
2014-05-18 13:34:12 -------- d-----w- C:\Program Files (x86)\KeyNote
2014-05-18 13:24:54 -------- d-----w- C:\Program Files\Blue Coat K9 Web Protection
2014-05-17 15:14:49 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-17 15:14:49 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-17 15:14:49 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-17 15:14:48 -------- d-----w- C:\ProgramData\Malwarebytes
2014-05-17 15:14:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-16 20:43:29 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2014-05-16 00:11:19 -------- d-----w- C:\Users\Jack\AppData\Local\Microsoft Games
2014-05-15 22:18:47 -------- d-----w- C:\Users\Jack\AppData\Local\Diagnostics
2014-05-14 19:53:06 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-05-14 19:53:06 425064 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-05-14 19:53:06 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-05-14 15:43:49 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-14 15:43:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-14 14:20:30 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-14 14:20:30 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-14 14:20:01 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-14 14:20:01 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-05-14 14:20:00 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-14 14:20:00 455168 ----a-w- C:\Windows\System32\winlogon.exe
2014-05-14 14:20:00 3969984 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2014-05-14 14:20:00 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2014-05-14 14:20:00 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-14 14:20:00 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-13 13:40:39 -------- d-----w- C:\Program Files (x86)\Realtek
2014-05-13 13:37:52 -------- d-----w- C:\LAN Driver_8.4.907.2012
2014-05-11 13:59:04 -------- d-----w- C:\Users\Jack\AppData\Roaming\abelhadigital.com
2014-05-11 13:59:04 -------- d-----w- C:\ProgramData\abelhadigital.com
2014-05-11 13:58:57 -------- d-----w- C:\Program Files (x86)\HostsMan
2014-05-11 13:19:53 -------- d-----w- C:\Program Files (x86)\Everything
2014-05-11 12:47:51 -------- d-----w- C:\Users\Jack\AppData\Local\WindowsUpdate
2014-05-11 12:45:52 -------- d-----w- C:\Users\Jack\AppData\Local\Secunia PSI
2014-05-11 12:45:43 -------- d-----w- C:\Program Files (x86)\Secunia
2014-05-11 00:00:11 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-09 22:55:54 -------- d-----r- C:\Sandbox
2014-05-09 22:54:35 -------- d-----w- C:\Program Files\Sandboxie
2014-05-09 21:15:05 -------- d-----w- C:\Users\Jack\AppData\Local\Samsung
2014-05-09 21:11:03 -------- d-----w- C:\Program Files\Samsung
2014-05-09 21:10:36 -------- d-----w- C:\ProgramData\Samsung
2014-05-09 21:10:07 2871808 ----a-w- C:\Windows\explorer.exe
2014-05-09 21:10:07 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2014-05-09 21:10:05 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2014-05-09 21:10:05 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2014-05-09 21:09:57 96768 ----a-w- C:\Windows\System32\fsutil.exe
2014-05-09 21:09:57 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2014-05-09 21:09:57 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2014-05-09 21:09:57 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2014-05-09 21:09:57 2565632 ----a-w- C:\Windows\System32\esent.dll
2014-05-09 21:09:57 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2014-05-09 21:09:57 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2014-05-09 21:09:57 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2014-05-09 21:09:57 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2014-05-09 21:09:51 67072 ----a-w- C:\Windows\splwow64.exe
2014-05-09 21:09:51 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2014-05-09 20:57:58 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2014-05-09 20:51:13 -------- d-----w- C:\Users\Jack\AppData\Roaming\Samsung
2014-05-09 20:42:23 13824 ----a-w- C:\Windows\System32\drivers\SABI.sys
2014-05-09 20:42:14 -------- d-----w- C:\Program Files (x86)\Samsung
2014-05-09 20:30:19 -------- d-----w- C:\Users\Jack\AppData\Local\ElevatedDiagnostics
2014-05-09 20:24:45 -------- d-----w- C:\Users\Jack\AppData\Roaming\Workrave
2014-05-09 20:24:34 -------- d-----w- C:\Program Files (x86)\Workrave
2014-05-09 20:16:44 -------- d-----w- C:\Users\Jack\AppData\Roaming\WinPatrol
2014-05-09 20:16:39 -------- d-----w- C:\ProgramData\InstallMate
2014-05-09 20:16:39 -------- d-----w- C:\Program Files (x86)\BillP Studios
2014-05-09 20:14:14 -------- d-----w- C:\Users\Jack\AppData\Roaming\SUPERAntiSpyware.com
2014-05-09 20:13:49 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2014-05-09 20:13:49 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-05-09 20:11:44 -------- d-----w- C:\ProgramData\Licenses
2014-05-09 20:11:41 129872 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-05-09 20:11:41 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-05-09 20:11:40 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2014-05-09 19:58:52 -------- d-----w- C:\Users\Jack\AppData\Local\Macromedia
2014-05-09 19:34:47 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-09 19:34:47 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-09 19:33:15 -------- d-----w- C:\Users\Jack\AppData\Local\Adobe
2014-05-09 19:28:36 -------- d-----w- C:\Users\Jack\AppData\Local\Programs
2014-05-09 19:06:56 -------- d-----w- C:\Program Files (x86)\AzTools
2014-05-09 18:58:07 46704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-05-09 18:48:32 -------- d-----w- C:\Windows\SysWow64\Wat
2014-05-09 18:48:32 -------- d-----w- C:\Windows\System32\Wat
2014-05-09 18:43:31 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-05-09 18:43:31 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-05-09 18:43:27 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-05-09 18:43:27 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-05-09 18:43:27 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-05-09 18:43:27 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-05-09 18:31:41 -------- d-s---w- C:\Windows\System32\CompatTel
2014-05-09 18:26:29 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-05-09 18:26:29 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-05-09 18:07:05 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-05-09 18:07:05 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-05-09 18:07:04 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-05-09 18:07:03 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-05-09 17:58:53 -------- d-----w- C:\Windows\Migration
2014-05-09 17:41:14 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-05-09 17:29:36 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2014-05-09 17:22:54 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-05-09 17:12:01 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2014-05-09 17:12:01 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2014-05-09 17:12:00 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2014-05-09 17:12:00 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2014-05-09 17:11:58 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2014-05-09 17:11:57 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2014-05-09 17:11:57 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2014-05-09 16:38:20 -------- d-----w- C:\Windows\System32\MRT
2014-05-09 16:35:17 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2014-05-09 16:35:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2014-05-09 16:35:16 5120 ----a-w- C:\Windows\System32\wmi.dll
2014-05-09 16:23:59 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2014-05-09 16:21:28 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2014-05-09 16:21:28 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2014-05-09 16:18:57 395776 ----a-w- C:\Windows\System32\webio.dll
2014-05-09 16:17:57 209920 ----a-w- C:\Windows\System32\profsvc.dll
2014-05-09 16:17:55 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2014-05-09 16:17:55 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2014-05-09 16:17:55 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2014-05-09 16:15:47 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2014-05-09 16:14:44 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2014-05-09 16:13:49 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2014-05-09 16:12:57 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-05-09 16:11:56 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2014-05-09 16:10:57 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-05-09 16:09:28 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-05-09 16:06:56 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2014-05-09 16:06:55 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-05-09 16:06:55 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2014-05-09 16:06:55 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-05-09 16:06:54 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2014-05-09 16:05:51 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2014-05-09 16:05:51 1192448 ----a-w- C:\Windows\System32\certutil.exe
2014-05-09 16:05:49 52224 ----a-w- C:\Windows\System32\certenc.dll
2014-05-09 16:05:49 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2014-05-09 15:54:12 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2014-05-09 15:54:11 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2014-05-09 15:54:11 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2014-05-09 15:54:11 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2014-05-09 15:54:11 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2014-05-09 15:54:11 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2014-05-09 15:54:11 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2014-05-09 15:54:10 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll
2014-05-09 15:54:10 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll
2014-05-09 15:54:10 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2014-05-09 15:54:10 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2014-05-09 15:54:10 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll
2014-05-09 15:54:10 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2014-05-09 15:45:24 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-05-09 15:45:24 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-05-09 15:44:28 503808 ----a-w- C:\Windows\System32\srcore.dll
2014-05-09 15:44:28 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2014-05-09 15:44:24 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2014-05-09 15:44:23 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2014-05-09 15:42:54 723456 ----a-w- C:\Windows\System32\EncDec.dll
2014-05-09 15:42:53 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2014-05-09 15:42:45 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-05-09 15:42:45 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-05-09 15:42:45 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-05-09 15:42:45 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-05-09 15:42:45 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-05-09 15:36:10 -------- d-sh--w- C:\Users\Jack\AppData\Local\EmieUserList
2014-05-09 15:36:10 -------- d-sh--w- C:\Users\Jack\AppData\Local\EmieSiteList
2014-05-09 14:47:57 859648 ----a-w- C:\Windows\System32\tdh.dll
2014-05-09 14:47:55 878080 ----a-w- C:\Windows\System32\advapi32.dll
2014-05-09 14:47:55 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2014-05-09 14:47:53 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2014-05-09 14:47:53 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2014-05-09 14:47:53 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2014-05-09 14:46:53 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-05-09 14:46:52 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-05-09 14:46:51 327168 ----a-w- C:\Windows\System32\mswsock.dll
2014-05-09 14:46:51 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2014-05-09 14:46:06 68608 ----a-w- C:\Windows\System32\taskhost.exe
2014-05-09 14:37:33 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2014-05-09 14:37:33 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2014-05-09 14:32:39 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2014-05-09 14:29:34 77312 ----a-w- C:\Windows\System32\packager.dll
2014-05-09 14:29:34 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2014-05-09 14:10:58 -------- d-----w- C:\Users\Jack\AppData\Roaming\ESET
2014-05-09 14:10:58 -------- d-----w- C:\Users\Jack\AppData\Local\ESET
2014-05-09 14:07:43 -------- d-----w- C:\Program Files\ESET
2014-05-09 14:07:15 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2014-05-09 14:07:15 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2014-05-09 14:07:15 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2014-05-09 13:58:30 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2014-05-09 13:58:18 99840 ----a-w- C:\Windows\System32\wudriver.dll
2014-05-09 13:58:01 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-05-09 13:58:01 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2014-05-09 13:51:50 -------- d-----w- C:\Program Files (x86)\Cisco
2014-05-09 13:50:31 -------- d-sh--w- C:\Windows\Installer
2014-05-09 13:50:05 1014784 ----a-w- C:\Windows\System32\BCMLogon.dll
2014-05-09 05:21:53 -------- d-----w- C:\Windows\Panther
2014-05-09 05:21:20 -------- d-----w- C:\Windows\System32\OEM
.
==================== Find3M ====================
.
2014-05-09 14:41:45 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-01 00:50:20 219816 ----a-w- C:\Windows\SysWow64\VSPerf120.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-03-31 08:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 17:49:00.43 ===============

And The Attached DDS:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 09/05/2014 14:45:14
System Uptime: 07/06/2014 17:28:37 (0 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | RV420/RV520/RV720/E3530/S3530/E3420/E3520
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz | CPU | 2100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 693 GiB total, 655.645 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP43: 03/06/2014 16:50:59 - Revo Uninstaller's restore point - Microsoft Visual Studio Express 2013 for Windows Desktop - ENU
RP44: 03/06/2014 16:52:00 - Microsoft Visual Studio Express 2013 for Windows Desktop - ENU
RP45: 03/06/2014 17:05:30 - Revo Uninstaller's restore point - Microsoft WebMatrix 3
RP46: 03/06/2014 17:05:46 - Removed Microsoft WebMatrix 3
RP47: 03/06/2014 17:08:02 - Removed Entity Framework Tools for Visual Studio 2013
RP48: 03/06/2014 17:14:20 - Removed IIS 8.0 Express
RP49: 03/06/2014 17:19:35 - Revo Uninstaller's restore point - Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
RP50: 03/06/2014 17:19:49 - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
RP51: 03/06/2014 17:21:17 - Revo Uninstaller's restore point - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
RP52: 03/06/2014 17:21:31 - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
RP53: 03/06/2014 17:23:16 - Revo Uninstaller's restore point - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
RP54: 03/06/2014 17:23:30 - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
RP55: 03/06/2014 21:15:57 - Windows Update
RP56: 04/06/2014 08:33:39 - Windows Update
RP57: 07/06/2014 10:29:33 - Windows Update
RP58: 07/06/2014 14:08:05 - Revo Uninstaller's restore point - CleanUp!
RP59: 07/06/2014 17:06:52 - Tweaking.com - Windows Repair
.
==== Installed Programs ======================
.
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.07)
Blue Coat K9 Web Protection
Blueline 1.1.1
Broadcom Wireless Utility
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
ESET Smart Security
Everything 1.2.1.371
Google Chrome
Google Update Helper
HostsMan 4.3.100
Intel(R) Processor Graphics
Java 7 Update 55
Java Auto Updater
KeyNote 1.6.5
Malwarebytes Anti-Malware version 1.75.0.1300
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5 Multi-Targeting Pack
Microsoft .NET Framework 4.5 SDK
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)
Microsoft .NET Framework 4.5.1 SDK
Microsoft Help Viewer 2.1
Microsoft SQL Server 2012 Command Line Utilities
Microsoft SQL Server 2012 Data-Tier App Framework
Microsoft SQL Server 2012 Data-Tier App Framework (x64)
Microsoft SQL Server 2012 Express LocalDB
Microsoft SQL Server 2012 Management Objects
Microsoft SQL Server 2012 Management Objects (x64)
Microsoft SQL Server 2012 Native Client
Microsoft SQL Server 2012 T-SQL Language Service
Microsoft SQL Server 2012 Transact-SQL ScriptDom
Microsoft SQL Server Compact 4.0 SP1 x64 ENU
Microsoft SQL Server Data Tools - enu (12.0.30919.1)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1)
Microsoft System CLR Types for SQL Server 2012
Microsoft System CLR Types for SQL Server 2012 (x64)
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Web Deploy 3.5
Microsoft Web Platform Installer 5.0
Mozilla Firefox 29.0.1 (x86 en-US)
Mozilla Maintenance Service
MySQL Connector Net 6.5.4
MySQL Server 5.1
OpenOffice 4.1.0
Password Corral v4.0
Prerequisites for SSDT
Realtek Ethernet Controller Driver
Revo Uninstaller 1.95
RPG MAKER VX Ace RTP
S Agent
S Service
Samsung Support Center 1.0
Samsung Update Plus
Sandboxie 4.08 (64-bit)
Secunia PSI (3.0.0.9016)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
SecurityKISS Tunnel v0.3.0
Skype Click to Call
Skype™ 6.16
SpywareBlaster 5.0
SUPERAntiSpyware
SW Update
TeamViewer 9
Tweaking.com - Windows Repair (All in One)
Update for (KB2504637)
WinPatrol
Workrave 1.10
.
==== Event Viewer Messages From Past Week ========
.
31/05/2014 13:52:15, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
07/06/2014 17:27:05, Error: Service Control Manager [7030] - The Tweaking Run As System Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
07/06/2014 17:15:02, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Security with the following error: Access is denied.
07/06/2014 14:18:42, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
07/06/2014 10:34:01, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.175.1478.0).
.
==== End Of File ===========================

Kind regards
auto1671
Active Member
 
Posts: 10
Joined: June 7th, 2014, 12:02 pm

Re: Possible Infected, Please help

Unread postby Gary R » June 11th, 2014, 10:53 am

Looking over your logs, back soon.
Gary R
Administrator
 
Posts: 22071
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Possible Infected, Please help

Unread postby Gary R » June 11th, 2014, 11:03 am

There are no obvious signs of malware on the DDS logs you've posted, so let's have a look and see if there's any other reason why your updates may not be installing.

First ...

Please download Farbar Service Scanner ... by Farbar and save it to your Desktop.
  • Double click FSS.exe to run it. (Vista - W7 users: Please right click on FSS.exe and select Run As Administrator).
  • Select the following options ....
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press the Scan button.
  • When finished, a text file named FSS.txt will be created on your desktop.
  • Copy/Paste the contents in your reply please.
Gary R
Administrator
 
Posts: 22071
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Possible Infected, Please help

Unread postby auto1671 » June 11th, 2014, 3:55 pm

Hi, here is the Farbar log:

Farbar Service Scanner Version: 10-06-2014
Ran by Jack (administrator) on 11-06-2014 at 20:14:16
Running from "C:\Users\Jack\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
auto1671
Active Member
 
Posts: 10
Joined: June 7th, 2014, 12:02 pm

Re: Possible Infected, Please help

Unread postby Gary R » June 11th, 2014, 5:27 pm

Well, your FSS scan shows that all the necessary files and Registry settings needed for Windows to update are in place, so the reasons for your updates failing do not appear to be caused by any actual "damage" to your Operating System.

So the next thing to look for is to see if there's anything blocking the updates from installing.

You have a number of "security" programs installed, and these are the programs most likely to "interfere" in that way if they're not configured correctly.

ESET Smart Security
HostsMan 4.3.100
Malwarebytes Anti-Malware version 1.75.0.1300
Malwarebytes Anti-Malware version 2.0.2.1012
Sandboxie 4.08 (64-bit)
SecurityKISS Tunnel v0.3.0
SpywareBlaster 5.0
SUPERAntiSpyware
WinPatrol
Blue Coat K9 Web Protection

You do not need 2 versions of Malwarebytes Anti-Malware installed. Since the new version of Malwarebytes should have overwritten your old version, the fact that we can still see the old version would tend to suggest that the new version may not have installed correctly. If the time of its install corresponds with the time you started having your update problems, I would suggest that this is a possible cause of your problems.

Uninstall both versions of Malwarebytes, then reboot your computer to complete the uninstall. (You can re-install the latest version of MBAM when we're finished.)

Once that's done you can try seeing whether you can update Windows.

If you still can't update, then what I suggest you do is to temporarily disable the other programs listed, and then try updating Windows again. Quite whether this is possible or not I don't know, since I'm not familiar with all the programs you have installed. You may have to uninstall some of them to disable them.

Let me know if this resolves your problems.
Gary R
Administrator
 
Posts: 22071
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
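
The reading of the FSS log applied in the post above can be automated. The following Python is an added example, not part of the thread or of Farbar Service Scanner; it assumes that an empty section means nothing was reported, as in the log posted here, and the sample log and function names are constructed for illustration.

```python
import re

# Constructed sample in the layout of the FSS.txt posted in this thread.
# The two "(constructed ...)" lines are placeholders, not real FSS output.
SAMPLE_LOG = r"""Farbar Service Scanner Version: 10-06-2014

Connection Status:
==============
Localhost is accessible.
LAN connected.

Windows Autoupdate Disabled Policy:
============================
(constructed policy entry)

Windows Defender:
==============

File Check:
========
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => (constructed non-signed status)

**** End of log ****
"""

def parse_sections(text):
    """Map each 'Title:' header underlined with '=' to its content lines."""
    lines = [l.rstrip() for l in text.splitlines()]
    sections, current = {}, None
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if line.endswith(":") and re.fullmatch(r"=+", nxt):
            current = line[:-1]
            sections[current] = []
        elif current and line and not re.fullmatch(r"=+", line) and not line.startswith("****"):
            sections[current].append(line)
    return sections

def is_expected(section, line):
    """True when a line matches what the clean log in the thread shows."""
    if section == "File Check":
        return line.endswith("=> File is digitally signed")
    if section == "Connection Status":
        return line.endswith("is accessible.") or line == "LAN connected."
    return False  # assumption: any entry under a policy/service header is a finding

def triage(sections):
    """Return (section, line) pairs that need a human look."""
    return [(s, l) for s, body in sections.items() for l in body if not is_expected(s, l)]
```

Running `triage(parse_sections(...))` over the log posted in this thread returns an empty list, which matches the conclusion that the update components are intact.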

Re: Possible Infected, Please help

Unread postby auto1671 » June 13th, 2014, 9:13 pm

Hi, sorry about the late reply. For some reason that I do not know, updates are now working again. However, I will still uninstall Malwarebytes and then reinstall again after reboot. I ended up trying to install another version of Malwarebytes when I experienced this problem.
auto1671
Active Member
 
Posts: 10
Joined: June 7th, 2014, 12:02 pm

Re: Possible Infected, Please help

Unread postby Gary R » June 14th, 2014, 1:24 am

Updates for Windows can be capricious at times, and it's not unusual for problems to occur, or for them to resolve themselves.

The number of processes and connections involved in downloading and installing an update is fairly large, and a minor malfunction in any of them will cause them to fail.

The important thing is that you do not appear to be infected, and that your updates are installing again.

As your problems now appear to be resolved, I'll close this topic, and wish you safe surfing.

Gary R

THIS TOPIC IS NOW CLOSED
Gary R
Administrator
 
Posts: 22071
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire