Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Since Norton antivirus !!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Since Norton antivirus !!!

Unread postby OWLZAT » August 13th, 2014, 7:50 am

Hi guys as the post says I have lost most of the Microsoft office 2010 functions, attempted to down new office and its a bit temperamental originally had AVG protection on system now have Norton antivirus and more and more adware seems to continue to come on the system and the following diagnostic by your systems seems to have seen the following.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 05/09/2010 19:44:01
System Uptime: 13/08/2014 10:05:15 (2 hours ago)
.
Motherboard: FOXCONN | | 2AAF
Processor: AMD Athlon(tm) II X2 215 Processor | CPU 1 | 783/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 289 GiB total, 227.249 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 0.866 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP467: 09/08/2014 09:12:24 - avast! antivirus system restore point
RP468: 09/08/2014 14:35:11 - Installed SpyHunter
RP469: 09/08/2014 15:19:32 - Removed SpyHunter
RP470: 09/08/2014 15:37:09 - Windows Backup
RP471: 09/08/2014 16:42:47 - Restore Operation
RP472: 10/08/2014 19:00:17 - Windows Backup
RP473: 10/08/2014 19:21:54 - Windows Update
RP474: 10/08/2014 20:46:42 - Restore Operation
RP475: 10/08/2014 21:21:05 - Windows Backup
RP476: 10/08/2014 22:09:24 - Windows Update
RP477: 11/08/2014 17:58:35 - Windows Backup
RP478: 12/08/2014 03:00:14 - Windows Update
.
==== Image File Execution Options =============
.
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: browsemngr.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
IFEO: browsermngr.exe - tasklist.exe
IFEO: browserprotect.exe - tasklist.exe
IFEO: bundlesweetimsetup.exe - tasklist.exe
IFEO: delta babylon.exe - tasklist.exe
IFEO: delta tb.exe - tasklist.exe
IFEO: delta2.exe - tasklist.exe
IFEO: deltainstaller.exe - tasklist.exe
IFEO: deltasetup.exe - tasklist.exe
IFEO: deltatb.exe - tasklist.exe
IFEO: deltatb_2501-c733154b.exe - tasklist.exe
IFEO: iminentsetup.exe - tasklist.exe
IFEO: rjatydimofu.exe - tasklist.exe
IFEO: sweetimsetup.exe - tasklist.exe
IFEO: tbdelta.exetoolbar783881609.exe - tasklist.exe
x64-IFEO: bitguard.exe - tasklist.exe
x64-IFEO: bprotect.exe - tasklist.exe
x64-IFEO: browsemngr.exe - tasklist.exe
x64-IFEO: browserdefender.exe - tasklist.exe
x64-IFEO: browsermngr.exe - tasklist.exe
x64-IFEO: browserprotect.exe - tasklist.exe
x64-IFEO: bundlesweetimsetup.exe - tasklist.exe
x64-IFEO: delta babylon.exe - tasklist.exe
x64-IFEO: delta tb.exe - tasklist.exe
x64-IFEO: delta2.exe - tasklist.exe
x64-IFEO: deltainstaller.exe - tasklist.exe
x64-IFEO: deltasetup.exe - tasklist.exe
x64-IFEO: deltatb.exe - tasklist.exe
x64-IFEO: deltatb_2501-c733154b.exe - tasklist.exe
x64-IFEO: iminentsetup.exe - tasklist.exe
x64-IFEO: rjatydimofu.exe - tasklist.exe
x64-IFEO: sweetimsetup.exe - tasklist.exe
x64-IFEO: tbdelta.exetoolbar783881609.exe - tasklist.exe
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Adobe Flash Player 14 ActiveX
Adobe Reader X (10.1.10)
ccc-utility64
Compatibility Pack for the 2007 Office system
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Distributed Computing Experiment
EPSON Scan
EPSON Stylus SX200 Series Printer Uninstall
EPSON Stylus SX200_SX400_TX200_TX400 Manual
Google Update Helper
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Software Update for Web Folders (English) 14
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Norton Internet Security
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
SparkTrust Driver Updater v3.1
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Language Selector
Windows Live Mail
Windows Live MIME IFilter
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Phone app for desktop
.
==== Event Viewer Messages From Past Week ========
.
13/08/2014 09:01:51, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: StarOpen
13/08/2014 09:01:47, Error: Service Control Manager [7000] - The Update SecretSauce service failed to start due to the following error: The system cannot find the file specified.
13/08/2014 09:01:47, Error: Service Control Manager [7000] - The Update GrabRez service failed to start due to the following error: The system cannot find the file specified.
13/08/2014 09:01:46, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GS-Supporter service to connect.
13/08/2014 09:01:02, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/08/2014 20:29:37, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{27E48C71-C848-4DA3-9A20-DDCAA6A9A792} because another computer on the network has the same name. The server could not start.
12/08/2014 20:29:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/08/2014 16:31:07, Error: Service Control Manager [7034] - The Easybits Services for Windows service terminated unexpectedly. It has done this 1 time(s).
12/08/2014 16:30:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
11/08/2014 22:06:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MCLIENT service.
10/08/2014 22:20:22, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress.
10/08/2014 21:31:57, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
10/08/2014 21:31:57, Error: atikmdag [43029] - Display is not active
10/08/2014 21:08:50, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
10/08/2014 21:05:40, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 StarOpen
10/08/2014 21:04:48, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
10/08/2014 19:52:05, Error: Service Control Manager [7031] - The Update Deal Keeper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
09/08/2014 17:32:44, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
09/08/2014 16:48:59, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Support Assistant Service service.
08/08/2014 21:43:36, Error: Service Control Manager [7038] - The NlaSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
08/08/2014 21:43:36, Error: Service Control Manager [7000] - The Program Compatibility Assistant Service service failed to start due to the following error: A system shutdown is in progress.
08/08/2014 21:43:36, Error: Service Control Manager [7000] - The Norton Management service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:36, Error: Service Control Manager [7000] - The Norton Internet Security service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:36, Error: Service Control Manager [7000] - The Network Location Awareness service failed to start due to the following error: The service did not start due to a logon failure.
08/08/2014 21:43:30, Error: Service Control Manager [7000] - The IKE and AuthIP IPsec Keying Modules service failed to start due to the following error: A system shutdown is in progress.
08/08/2014 21:43:30, Error: Service Control Manager [7000] - The HP Quick Synchronization Service service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:30, Error: Service Control Manager [7000] - The EPSON V5 Service4(01) service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:30, Error: Service Control Manager [7000] - The EPSON V3 Service4(01) service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:30, Error: Service Control Manager [7000] - The Easybits Services for Windows service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:26, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
08/08/2014 21:40:06, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
08/08/2014 20:36:58, Error: Service Control Manager [7000] - The kbtshzsy service failed to start due to the following error: The system cannot find the file specified.
06/08/2014 11:50:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
.
==== End Of File ===========================
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 05/09/2010 19:44:01
System Uptime: 13/08/2014 10:05:15 (2 hours ago)
.
Motherboard: FOXCONN | | 2AAF
Processor: AMD Athlon(tm) II X2 215 Processor | CPU 1 | 783/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 289 GiB total, 227.249 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 0.866 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP467: 09/08/2014 09:12:24 - avast! antivirus system restore point
RP468: 09/08/2014 14:35:11 - Installed SpyHunter
RP469: 09/08/2014 15:19:32 - Removed SpyHunter
RP470: 09/08/2014 15:37:09 - Windows Backup
RP471: 09/08/2014 16:42:47 - Restore Operation
RP472: 10/08/2014 19:00:17 - Windows Backup
RP473: 10/08/2014 19:21:54 - Windows Update
RP474: 10/08/2014 20:46:42 - Restore Operation
RP475: 10/08/2014 21:21:05 - Windows Backup
RP476: 10/08/2014 22:09:24 - Windows Update
RP477: 11/08/2014 17:58:35 - Windows Backup
RP478: 12/08/2014 03:00:14 - Windows Update
.
==== Image File Execution Options =============
.
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: browsemngr.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
IFEO: browsermngr.exe - tasklist.exe
IFEO: browserprotect.exe - tasklist.exe
IFEO: bundlesweetimsetup.exe - tasklist.exe
IFEO: delta babylon.exe - tasklist.exe
IFEO: delta tb.exe - tasklist.exe
IFEO: delta2.exe - tasklist.exe
IFEO: deltainstaller.exe - tasklist.exe
IFEO: deltasetup.exe - tasklist.exe
IFEO: deltatb.exe - tasklist.exe
IFEO: deltatb_2501-c733154b.exe - tasklist.exe
IFEO: iminentsetup.exe - tasklist.exe
IFEO: rjatydimofu.exe - tasklist.exe
IFEO: sweetimsetup.exe - tasklist.exe
IFEO: tbdelta.exetoolbar783881609.exe - tasklist.exe
x64-IFEO: bitguard.exe - tasklist.exe
x64-IFEO: bprotect.exe - tasklist.exe
x64-IFEO: browsemngr.exe - tasklist.exe
x64-IFEO: browserdefender.exe - tasklist.exe
x64-IFEO: browsermngr.exe - tasklist.exe
x64-IFEO: browserprotect.exe - tasklist.exe
x64-IFEO: bundlesweetimsetup.exe - tasklist.exe
x64-IFEO: delta babylon.exe - tasklist.exe
x64-IFEO: delta tb.exe - tasklist.exe
x64-IFEO: delta2.exe - tasklist.exe
x64-IFEO: deltainstaller.exe - tasklist.exe
x64-IFEO: deltasetup.exe - tasklist.exe
x64-IFEO: deltatb.exe - tasklist.exe
x64-IFEO: deltatb_2501-c733154b.exe - tasklist.exe
x64-IFEO: iminentsetup.exe - tasklist.exe
x64-IFEO: rjatydimofu.exe - tasklist.exe
x64-IFEO: sweetimsetup.exe - tasklist.exe
x64-IFEO: tbdelta.exetoolbar783881609.exe - tasklist.exe
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Adobe Flash Player 14 ActiveX
Adobe Reader X (10.1.10)
ccc-utility64
Compatibility Pack for the 2007 Office system
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Distributed Computing Experiment
EPSON Scan
EPSON Stylus SX200 Series Printer Uninstall
EPSON Stylus SX200_SX400_TX200_TX400 Manual
Google Update Helper
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Software Update for Web Folders (English) 14
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Norton Internet Security
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
SparkTrust Driver Updater v3.1
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Language Selector
Windows Live Mail
Windows Live MIME IFilter
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Phone app for desktop
.
==== Event Viewer Messages From Past Week ========
.
13/08/2014 09:01:51, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: StarOpen
13/08/2014 09:01:47, Error: Service Control Manager [7000] - The Update SecretSauce service failed to start due to the following error: The system cannot find the file specified.
13/08/2014 09:01:47, Error: Service Control Manager [7000] - The Update GrabRez service failed to start due to the following error: The system cannot find the file specified.
13/08/2014 09:01:46, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GS-Supporter service to connect.
13/08/2014 09:01:02, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/08/2014 20:29:37, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{27E48C71-C848-4DA3-9A20-DDCAA6A9A792} because another computer on the network has the same name. The server could not start.
12/08/2014 20:29:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/08/2014 16:31:07, Error: Service Control Manager [7034] - The Easybits Services for Windows service terminated unexpectedly. It has done this 1 time(s).
12/08/2014 16:30:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
11/08/2014 22:06:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MCLIENT service.
10/08/2014 22:20:22, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress.
10/08/2014 21:31:57, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
10/08/2014 21:31:57, Error: atikmdag [43029] - Display is not active
10/08/2014 21:08:50, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
10/08/2014 21:05:40, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 StarOpen
10/08/2014 21:04:48, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
10/08/2014 19:52:05, Error: Service Control Manager [7031] - The Update Deal Keeper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
09/08/2014 17:32:44, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
09/08/2014 16:48:59, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Support Assistant Service service.
08/08/2014 21:43:36, Error: Service Control Manager [7038] - The NlaSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
08/08/2014 21:43:36, Error: Service Control Manager [7000] - The Program Compatibility Assistant Service service failed to start due to the following error: A system shutdown is in progress.
08/08/2014 21:43:36, Error: Service Control Manager [7000] - The Norton Management service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:36, Error: Service Control Manager [7000] - The Norton Internet Security service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:36, Error: Service Control Manager [7000] - The Network Location Awareness service failed to start due to the following error: The service did not start due to a logon failure.
08/08/2014 21:43:30, Error: Service Control Manager [7000] - The IKE and AuthIP IPsec Keying Modules service failed to start due to the following error: A system shutdown is in progress.
08/08/2014 21:43:30, Error: Service Control Manager [7000] - The HP Quick Synchronization Service service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:30, Error: Service Control Manager [7000] - The EPSON V5 Service4(01) service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:30, Error: Service Control Manager [7000] - The EPSON V3 Service4(01) service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:30, Error: Service Control Manager [7000] - The Easybits Services for Windows service failed to start due to the following error: The pipe has been ended.
08/08/2014 21:43:26, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
08/08/2014 21:40:06, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
08/08/2014 20:36:58, Error: Service Control Manager [7000] - The kbtshzsy service failed to start due to the following error: The system cannot find the file specified.
06/08/2014 11:50:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
.
==== End Of File ===========================
]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-8-10 56832]
S3 TuneConvertAudio;TuneConvertAudio;C:\Windows\System32\drivers\TuneConvertAudio.sys [2012-8-11 34088]
S3 usbrndis6;USB RNDIS6 Adapter;C:\Windows\System32\drivers\usb80236.sys [2013-3-26 19968]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2012-8-10 29288]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2012-8-10 29288]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys [2012-8-10 29288]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys [2012-8-10 29288]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys [2012-8-10 29288]
.
=============== Created Last 30 ================
.
2014-08-12 16:22:50 10924376 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{537859F6-B7CB-4035-857A-883A75612932}\mpengine.dll
2014-08-11 17:38:26 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-08-11 17:38:25 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-08-11 17:38:18 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-08-11 17:38:17 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-08-10 21:13:18 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2014-08-10 21:13:17 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2014-08-10 21:13:17 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2014-08-10 21:13:17 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2014-08-10 20:43:39 -------- d-----w- C:\Users\Richard\AppData\Roaming\Nico Mak Computing
2014-08-10 20:33:12 -------- d-----w- C:\ProgramData\Configuration
2014-08-10 20:12:17 875736 ----a-w- C:\Windows\System32\drivers\NISx64\1505000.013\srtsp64.sys
2014-08-10 20:12:17 493656 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\symds64.sys
2014-08-10 20:12:17 36952 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\srtspx64.sys
2014-08-10 20:12:17 264280 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\ironx64.sys
2014-08-10 20:12:17 23568 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\symelam.sys
2014-08-10 20:12:17 1148120 ----a-w- C:\Windows\System32\drivers\NISx64\1505000.013\symefa64.sys
2014-08-10 20:12:16 162392 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\ccsetx64.sys
2014-08-10 19:28:12 782 ----a-w- C:\ProgramData\1407698886.3276.bin
2014-08-10 19:28:10 2058 ----a-w- C:\ProgramData\1407698886.4736.bin
2014-08-10 19:28:06 44545 ----a-w- C:\ProgramData\1407698886.5236.bin
2014-08-10 19:28:05 -------- d-----w- C:\ProgramData\IePluginServices
2014-08-10 19:27:37 -------- d-----w- C:\Program Files (x86)\SupTab
2014-08-10 19:26:50 44180 ----a-w- C:\ProgramData\1407698716.bdinstall.bin
2014-08-10 19:25:15 -------- d-----w- C:\Users\Richard\AppData\Roaming\QuickScan
2014-08-10 18:44:29 -------- d-----w- C:\Users\Richard\AppData\Roaming\WSE_Astromenda
2014-08-10 17:55:39 -------- d-----w- C:\Program Files (x86)\TotalSystemCare
2014-08-09 17:04:31 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-08-09 17:04:26 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-09 16:30:45 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-08-09 16:30:45 366592 ----a-w- C:\Windows\System32\qdvd.dll
2014-08-09 16:27:41 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-08-09 16:27:41 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-08-09 16:13:24 593112 ----a-w- C:\Windows\System32\drivers\NISx64\1505000.013\symnets.sys
2014-08-09 16:12:47 -------- d-----w- C:\Windows\System32\drivers\NISx64\1505000.013
2014-08-09 14:58:18 -------- d-----w- C:\ProgramData\Malwarebytes
2014-08-09 14:58:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-09 13:36:24 -------- d-----w- C:\Program Files\Enigma Software Group
2014-08-08 19:36:57 -------- d-----w- C:\ProgramData\AVAST Software
2014-08-08 19:34:41 -------- d-----w- C:\Program Files (x86)\GReatSaVVe4U
2014-08-06 12:46:29 -------- d-----w- C:\ProgramData\GReatSaVVe4U
2014-08-01 19:10:26 -------- d-----w- C:\Users\Richard\AppData\Local\Adobe
2014-07-31 12:40:59 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-07-31 12:40:43 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-07-31 12:40:43 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-07-31 12:39:48 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-07-31 12:39:48 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-07-31 12:39:48 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-07-31 12:39:48 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2014-07-28 12:31:43 -------- d-----w- C:\Program Files (x86)\Windows Phone
2014-07-28 12:29:49 -------- d-----w- C:\ProgramData\Applications
2014-07-20 12:41:03 -------- d-----w- C:\Users\Richard\AppData\Local\{5B9DB4C0-07C7-47A8-8B42-3BA283C4C5D2}
.
==================== Find3M ====================
.
2014-08-05 08:20:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-08-01 17:46:16 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-01 17:46:16 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-30 02:09:33 519168 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-30 02:04:49 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-19 01:06:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38 5721088 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-06-18 22:52:18 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59 1791488 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-18 01:10:36 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 12:34:42.12 ===============
OWLZAT
Active Member
 
Posts: 1
Joined: August 13th, 2014, 7:28 am
Advertisement
Register to Remove

Re: Since Norton antivirus !!!

Unread postby Gary R » August 13th, 2014, 12:42 pm

Looking over your logs, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21866
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Since Norton antivirus !!!

Unread postby Gary R » August 13th, 2014, 12:52 pm

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Infected? Virus, malware, adware, ransomware, oh my!" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi Owlzat

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

As an added safety precaution, before we start removing anything, I'd like you to make a backup of your Registry, which we can restore to if necessary.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Please observe these rules while we work:
  • Do not edit your logs in any way whatsoever.
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Windows 7, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


Before we start removing your infection I need you to run some additional scans for me ....

First

Please download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan.
  • A logfile will automatically open after the scan has finished.
  • Close the adwCleaner window, click ok to the prompt.
  • Please post the contents of that logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[R1].txt.

AT THIS POINT, DO NOT ATTEMPT TO CLEAN ANYTHING THAT MAY BE FOUND

Next

  • Download FRST64 to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

Next

Please run a Search for me using FRST

  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to the disclaimer.
    • Copy/Paste or Type the following line into the Search: box.
    Fun4IM;Bandoo;Searchnu;Searchqu;iLivid;whitesmoke;datamngr;kelkoopartners;trolltech;babylon;conduit

    • Press the Search Registry button.
    • When finished searching a log will open on your Desktop ... Search.txt
    • Please post it in your next reply.

Summary of the logs I need from you in your next post:
  • AdwCleaner[R0].txt
  • FRST.txt
  • Addition.txt
  • Search.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21866
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Since Norton antivirus !!!

Unread postby Gary R » August 18th, 2014, 1:37 am

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21866
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 26 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware