Cannot get mail (error ox800ccc92) and Malware pop up message:Malicious Website

Started by SellieS, October 25, 2014, 03:18:31 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages 1 2 3 4 ... 8
User actions

SellieS

#15
October 27, 2014, 08:30:40 PM
C,
I meant and looked in Notepad.

I cannot get into Google.  I had trouble with navigating it is new to me.    I finally was able to paste your link and Combofix started.. You direction said Cut. And I stopped bc I thought I was ahead of the process when the log ran.

This probably caused havoc with Google. 

When I do logs they generally go to Downloads which i can't find NOW.....

SHOULD I REBOOT?

I also need to stop as I am must leave.  The alternative direction is confusing.  Save what target?

I will return to this tomorrow.  Or later tonight I can try getting Google back.  Do you have any suggestion?



SellieS

#16
October 27, 2014, 08:31:29 PM
Also I am writing to you from my iPad....

Corrine

#17
October 27, 2014, 11:42:39 PM
No, Diana, moving ComboFix to your desktop would not have anything to do with going to Google (https://www.google.com). 

When you use Internet Explorer and want to save a file to a specific location on your computer, right-clicking the download link provides the option to "Save target as".  By doing tyhis, it is allowing you save ComboFix to your Desktop.  I don't use (refuse to use) Google Chrome.  If that is what you are using as a browser, Right-click on the same blue box reading "Download Now @Bleeping Computer).

Your Downloads folder should be located in your user profile at C:\Users\Diana\Downloads just as you should be able to find your desktop at C:\Users\Diana\Desktop however, it appears that your Libraries are very messed up and your Desktop is located at c:\users\Diana\Contacts\Desktop


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

SellieS

#18
October 28, 2014, 09:19:39 AM
the attachment shows where I go into Google (not Google Chrome) and put the address at the top and use the arrow on the right to move it to the internet.  This is the only way I get to internet. I did that and the message I snipped for you came up.

I am so aware that my library is messed up.  It seems impossible to continue working this way.  When I right click I do not have the choice to "save target as"

From this point I don't know what options I have. I can try the second suggestion.  It is clear I don't have experience and some definitions are not familiar.  How can we communicate when things are not where they are supposed to be. Where are we in fixing this problem. Have we removed the malware? Is there a better solution to handling these files. Many say they are empty.  I can't merge my pictures with pictures because I am told the destination file is the same as the source and so they sit.  If I get pics out of documents and into pictures, it still never ends. Duplicates.  Corrine, you can't possibly solve this or want to.  I know you are frustrated.    I introduced the problem to the computer site forum maybe 2 years ago when I got the computer back from a troubleshooter and tried to restore it to another date.  I could not see the depth of the problems from the troubleshooter. I will work on this tomorrow afternoon and try to do whatever you say.   

Corrine

#19
October 28, 2014, 02:42:08 PM
Diana, dear, you cannot find files on your computer with Google.  Google is a search engine for locating information on the Internet, not on your computer.  Please do the following:

  • Right-Click Start.  It looks like this:

  • Click "Open Windows Explorer"
  • Paste the following in the top of the Windows Explorer window:  c:\users\Diana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E1X9F88
  • Look in that folder for ComboFix.exe
  • Right-click ComboFix.exe and select cut
  • With Windows Explorer still open, on the left side of that window, look for either c:\users\Diana\Contacts\Desktop or c:\users\Diana\Contacts\Desktop.  Please pay close attention to the location name.
  • Right-click that folder and select paste.
ComboFix will now be on the Desktop.  Note:  If you did not find ComboiFix, stop and let me know.

If ComboFix is on your desktop, please do the following:

Custom CFScript

Note: The following instructions were created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


  • Please open Notepad (Click Start, type notepad in the Open field.  When Notepad appears at the top of the search box, click it to open.  Copy/Paste all of the text present inside the code box below:

Code Select

File::
c:\windows\system32\jrvwjhb.dll
c:\windows\system32\izglmsk.dll


  • Save this as CFScript.txt and place it on your desktop.  Diana Note:  In Notepad, click File > Save as and be sure to save the file in the same place as ComboFix.  This will be either c:\users\Diana\Contacts\Desktop or c:\users\Diana\Contacts\Desktop. 
  • Close any open browsers.
  • Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.





  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exeDiana Note:  You need to have the folder open where you have both ComboFix.txt and ComboFix.exe.  The location should be either c:\users\Diana\Contacts\Desktop or c:\users\Diana\Contacts\Desktop.  If you don't know where that is, again right-click Start as you did before and select "Open Windows Explorer".  Paste the location where you saved the files in the top of the window.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

SellieS

#20
October 30, 2014, 12:43:44 AM
Corrine: I know I won't find my files in Google. How low I have fallen for the world to see.  However, Your patience is amazing.  thank you
I am going to start this soon.  I have to.

Corrine

#21
October 30, 2014, 02:02:06 AM
I think you were just having a bad day the other day, Diana. 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

SellieS

#22
October 30, 2014, 03:48:31 AM
thank you....but

I have been able to find ComboFix but not ComboFix.exe...I put ComboFix on my desktop and opened it for you to see there is not c:\users\Diana\contacts\desktop

I went into IE/tools/Internet options/settings/view files and found Windows Temporary Internet Files.  See attachment.

When I got that far I did a manual search for 3EIX9F88 and found the last attachment with that number. 
In my own files I have no Temporary Internet Files. I have something called Temp. which is not the same.








SellieS

#23
October 30, 2014, 04:18:02 AM
I see only one attachment.  That is the 2nd to the last. the last shows the results of a search 3E1X9F88.

I will send the others I captured again. I sent 3 and one or more may be duplicates.  I can't tell what you have.

I am done for tonight.  Thanks for your support. 

Diana.....

SellieS

#24
October 30, 2014, 10:08:41 PM


I lost my message to you and my mind before that.  I want to stop working on this.  That's the good news.
I am asking that we deconstruct this mess and I start with Windows 8.

My questions to you are
Can I save the hardware?

Since there is no way to back up what I have, how can I get out doc, pics, videos - whatever is possible?

The computer is still
infected.  I had a hard time getting into google.  I don't use google chrome but it is on here now and I am possibly using it so it sez.  I have had trouble with it and would have taken it off.

I will await your suggestions.  I rather do this than lose the friendship I have with you.

SellieS

#25
October 30, 2014, 10:17:19 PM
Also, if you want to do an autopsy on this to see how I got to this mess, please do.  It would be a worst case scenario for students to pick at.

Corrine

#26
October 30, 2014, 10:43:15 PM
Ok, Diana.  Let's see where things stand.  Can you post fresh DDS logs for me to look at?  It will show software (good and bad) as well as some recent System Restore points.  In case you can't find DDS, I'll give you the information to download a new copy. 

Download DDS.scr by sUBs from here and save it to your desktop.
  • Double-click dds.scr to run.
  • Shortly after two logs will appear, DDS.txt & Attach.txt
  • The logs will automatically be saved to your desktop
  • Copy the contents of both logs & post in your next reply


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

SellieS

#27
October 30, 2014, 11:19:59 PM
oK....I will do this later this evening......Thanks, Corrine

Corrine

#28
October 31, 2014, 12:30:02 AM
You're welcome, Diana.  I'll most likely look at the logs tomorrow -- after I've had sufficient coffee!  That said, when you mentioned Windows 8 in your earlier post, are you thinking about updating this computer to Windows 8?  If so, what have you seen about Windows 8 (actually, currently Windows 8.1 Update)? 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

SellieS

#29
October 31, 2014, 04:57:29 AM

Have I kept you up nights with this nightmare project?  It does look like a bunch of monkeys were let loose on the computer. I admire your fortitude to keep on going. No, I don't drink while I work.

Are you wondering if I think I  could/would put Win 8 on this computer?  I said Windows 8 because in order to start over I would have to find a copy of Win 7 and I believe they don't exist. My copy at birth is not on the computer.  I have no backup anymore. Microsoft is infected and my old Outlook mail is not working, but I believe the mail may might be a relatively minor problem/misunderstanding. Just flip over all the cards and reveal our mystery guest.

My fingers touch the keys and things get worse. It is difficult to get to your site today.  This computer is not old.  I kept my last one 13 years. Would love to remodel and not prepared to buy another but I think I will have to.  I have an iPad and iPhone that need a computer. You tell me. I would like to know what the initial problem was.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17344
Run by Diana at 0:23:27 on 2014-10-31
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6031.2419 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\AsHookDevice.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Windows\System32\vds.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\explorer.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
svchost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\explorer.exe
svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/?gws_rd=ssl
uProxyOverride = <-loopback>
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe"
mRun: [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe"
mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Diana\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxf.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{59695647-A96B-44F9-B00A-07A63E9F4A60} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Diana\AppData\Roaming\Mozilla\Firefox\Profiles\tom6abi5.default\
.
============= SERVICES / DRIVERS ===============
.
R0 EUBAKUP;EUBAKUP;C:\Windows\System32\drivers\eubakup.sys [2012-3-21 57480]
R0 EUBKMON;EUBKMON;C:\Windows\System32\drivers\EUBKMON.sys [2012-3-21 48264]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R1 EUDSKACS;EUDSKACS;C:\Windows\System32\drivers\eudskacs.sys [2012-3-21 19592]
R1 EUFDDISK;EUFDDISK;C:\Windows\System32\drivers\EuFdDisk.sys [2012-3-21 189576]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2010-8-2 203392]
R2 EaseUS Agent;EaseUS Agent;C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2012-3-21 61064]
R2 Guard Agent;Guard Agent;C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2012-3-21 23176]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-1-3 14624]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-6-27 1326176]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-6-27 681056]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-8-2 2314240]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-8-2 56344]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-2 271872]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2011-12-16 17976]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-8-7 1871160]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-8-7 968504]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2012-5-10 35840]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-8-2 61280]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-8-6 704864]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-10-14 111616]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-8-7 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-8-7 63704]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr28x.sys [2009-6-10 620544]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 125584]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-5-2 19456]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-6-10 31800]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-2 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-9 1255736]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\System32\WScript.exe "%1" %* [UserChoice]
.
=============== Created Last 30 ================
.
2014-10-30 20:14:18   11627712   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0D6AE7F5-1B4C-4E7E-92CF-B84FB6952662}\mpengine.dll
2014-10-29 20:14:42   11627712   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-10-28 08:07:14   --------   d-sh--w-   C:\$RECYCLE.BIN
2014-10-27 05:32:14   98816   ----a-w-   C:\Windows\sed.exe
2014-10-27 05:32:14   256000   ----a-w-   C:\Windows\PEV.exe
2014-10-27 05:32:14   208896   ----a-w-   C:\Windows\MBR.exe
2014-10-19 02:48:53   0   ----a-w-   C:\Windows\System32\jrvwjhb.dll
2014-10-19 02:48:51   81408   ----a-w-   C:\Windows\System32\izglmsk.dll
2014-10-17 17:32:10   --------   d-----w-   C:\Program Files\iPod
2014-10-17 17:32:09   --------   d-----w-   C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-17 17:32:09   --------   d-----w-   C:\Program Files\iTunes
2014-10-17 17:32:09   --------   d-----w-   C:\Program Files (x86)\iTunes
2014-10-15 00:34:18   3198976   ----a-w-   C:\Windows\System32\win32k.sys
2014-10-15 00:34:16   1943696   ----a-w-   C:\Windows\System32\dfshim.dll
2014-10-15 00:34:16   156824   ----a-w-   C:\Windows\SysWow64\mscorier.dll
2014-10-15 00:34:16   156312   ----a-w-   C:\Windows\System32\mscorier.dll
2014-10-15 00:34:16   1131664   ----a-w-   C:\Windows\SysWow64\dfshim.dll
2014-10-15 00:34:15   81560   ----a-w-   C:\Windows\SysWow64\mscories.dll
2014-10-15 00:34:15   73880   ----a-w-   C:\Windows\System32\mscories.dll
2014-10-15 00:34:01   842240   ----a-w-   C:\Windows\System32\blackbox.dll
2014-10-15 00:34:01   744960   ----a-w-   C:\Windows\SysWow64\blackbox.dll
2014-10-15 00:34:01   1202176   ----a-w-   C:\Windows\System32\drmv2clt.dll
2014-10-15 00:34:00   988160   ----a-w-   C:\Windows\SysWow64\drmv2clt.dll
2014-10-15 00:32:52   6584320   ----a-w-   C:\Windows\System32\mstscax.dll
2014-10-15 00:32:51   77312   ----a-w-   C:\Windows\System32\packager.dll
2014-10-15 00:32:51   67072   ----a-w-   C:\Windows\SysWow64\packager.dll
2014-10-15 00:32:51   5703168   ----a-w-   C:\Windows\SysWow64\mstscax.dll
2014-10-03 00:33:49   536576   ----a-w-   C:\Windows\SysWow64\sqlite3.dll
2014-10-01 11:36:08   371712   ----a-w-   C:\Windows\System32\qdvd.dll
2014-10-01 11:36:07   519680   ----a-w-   C:\Windows\SysWow64\qdvd.dll
2014-10-01 09:06:23   1188440   ------w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{19CA32E7-689E-43A0-B530-05C6A00CD695}\gapaengine.dll
.
==================== Find3M  ====================
.
2014-10-30 11:25:26   275080   ------w-   C:\Windows\System32\MpSigStub.exe
2014-10-26 19:38:03   129752   ----a-w-   C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-10-10 02:05:59   276480   ----a-w-   C:\Windows\System32\generaltel.dll
2014-10-10 02:05:42   507392   ----a-w-   C:\Windows\System32\aepdu.dll
2014-10-10 02:00:38   424448   ----a-w-   C:\Windows\System32\aeinv.dll
2014-10-01 15:11:26   63704   ----a-w-   C:\Windows\System32\drivers\mwac.sys
2014-10-01 15:11:16   93400   ----a-w-   C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 15:11:12   25816   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2014-09-25 22:32:04   2017280   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2014-09-25 22:31:02   2108416   ----a-w-   C:\Windows\System32\inetcpl.cpl
2014-09-24 18:26:29   71344   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 18:26:29   701104   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-19 01:56:02   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2014-09-19 01:55:49   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2014-09-19 01:40:43   66048   ----a-w-   C:\Windows\System32\iesetup.dll
2014-09-19 01:40:03   547328   ----a-w-   C:\Windows\System32\vbscript.dll
2014-09-19 01:39:58   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2014-09-19 01:38:27   83968   ----a-w-   C:\Windows\System32\MshtmlDac.dll
2014-09-19 01:36:57   5829632   ----a-w-   C:\Windows\System32\jscript9.dll
2014-09-19 01:26:00   139264   ----a-w-   C:\Windows\System32\ieUnatt.exe
2014-09-19 01:25:49   111616   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2014-09-19 01:25:12   4201472   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2014-09-19 01:25:09   758272   ----a-w-   C:\Windows\System32\jscript9diag.dll
2014-09-19 01:18:02   940032   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-19 01:14:57   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2014-09-19 01:06:47   72704   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-09-19 01:02:07   454656   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2014-09-19 01:01:47   61952   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2014-09-19 01:01:03   51200   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2014-09-19 00:59:40   61952   ----a-w-   C:\Windows\SysWow64\MshtmlDac.dll
2014-09-19 00:50:16   112128   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2014-09-19 00:49:31   597504   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2014-09-19 00:40:12   1249280   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2014-09-19 00:36:23   60416   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-09-19 00:33:18   2309632   ----a-w-   C:\Windows\System32\wininet.dll
2014-09-19 00:18:55   1068032   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2014-09-18 23:59:11   1810944   ----a-w-   C:\Windows\SysWow64\wininet.dll
2014-09-18 02:00:42   3241472   ----a-w-   C:\Windows\System32\msi.dll
2014-09-18 01:32:52   2363904   ----a-w-   C:\Windows\SysWow64\msi.dll
2014-09-09 22:11:04   2048   ----a-w-   C:\Windows\System32\tzres.dll
2014-09-09 21:47:10   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
2014-09-04 05:23:20   424448   ----a-w-   C:\Windows\System32\rastls.dll
2014-09-04 05:04:15   372736   ----a-w-   C:\Windows\SysWow64\rastls.dll
2014-08-29 02:07:13   3179520   ----a-w-   C:\Windows\System32\rdpcorets.dll
2014-08-23 02:07:00   404480   ----a-w-   C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55   311808   ----a-w-   C:\Windows\SysWow64\gdi32.dll
2014-08-19 03:11:28   693176   ----a-w-   C:\Windows\System32\winload.efi
2014-08-19 03:10:10   616352   ----a-w-   C:\Windows\System32\winresume.efi
2014-08-19 03:08:04   503808   ----a-w-   C:\Windows\System32\srcore.dll
2014-08-19 03:08:04   50176   ----a-w-   C:\Windows\System32\srclient.dll
2014-08-19 03:08:03   63488   ----a-w-   C:\Windows\System32\setbcdlocale.dll
2014-08-19 03:07:51   58880   ----a-w-   C:\Windows\System32\appidapi.dll
2014-08-19 03:07:51   32256   ----a-w-   C:\Windows\System32\appidsvc.dll
2014-08-19 03:07:33   296960   ----a-w-   C:\Windows\System32\rstrui.exe
2014-08-19 03:07:11   17920   ----a-w-   C:\Windows\System32\appidcertstorecheck.exe
2014-08-19 03:07:11   146944   ----a-w-   C:\Windows\System32\appidpolicyconverter.exe
2014-08-19 02:41:39   43008   ----a-w-   C:\Windows\SysWow64\srclient.dll
2014-08-19 02:41:22   50688   ----a-w-   C:\Windows\SysWow64\appidapi.dll
2014-08-19 02:06:56   61440   ----a-w-   C:\Windows\System32\drivers\appid.sys
.
============= FINISH:  0:23:49.72 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/5/2011 12:20:07 PM
System Uptime: 10/25/2014 4:02:40 PM (128 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | CM5675
Processor: Intel(R) Core(TM) i5 CPU         650  @ 3.20GHz | LGA1156 | 3201/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 917 GiB total, 838.432 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP630: 10/25/2014 7:25:21 AM - Scheduled Checkpoint
RP631: 10/27/2014 1:32:16 AM - ComboFix created restore point
RP632: 10/28/2014 4:14:24 PM - Windows Update
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.09)
AI Manager
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS Backup Wizard
ASUS VIBE
ASUSUpdate
Best Buy pc app
Bonjour
Canon iP4500 series
Canon iP4500 series User Registration
Canon My Printer
Canon Utilities Solution Menu
CCleaner
CVE-2014-6352
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler
EaseUS Todo Backup Free 4.0
Epson Copy Utility 3.5
Epson Event Manager
EPSON Perfection V30/V300 Photo Scanner Driver Update
EPSON Scan
EPU-4 Engine
ESET Online Scanner v3
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
iCloud
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
iTunes
Junk Mail filter update
Malwarebytes Anti-Malware version 2.0.3.1025
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 23.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
QuickTime 7
Realtek Ethernet Controller Driver For Windows Vista and Later
Realtek High Definition Audio Driver
RealUpgrade 1.1
Revo Uninstaller Pro 2.5.8
Safari
Secunia PSI (3.0.0.2004)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SUPERAntiSpyware
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2010 wvaiper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2011 wvaiper
TurboTax 2013
TurboTax 2013 WinPerFedFormset
TurboTax 2013 WinPerReleaseEngine
TurboTax 2013 WinPerTaxSupport
TurboTax 2013 wrapper
TurboTax 2013 wvaiper
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinPatrol
.
==== Event Viewer Messages From Past Week ========
.
10/30/2014 6:22:05 AM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 252.
10/27/2014 4:14:01 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.187.580.0     Update Source: Microsoft Update Server     Update Stage: Search     Source Path: http://www.microsoft.com     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.11104.0     Error code: 0x8024402c     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/27/2014 3:12:38 PM, Error: Service Control Manager [7034]  - The EaseUS Agent service terminated unexpectedly.  It has done this 6 time(s).
10/27/2014 1:38:54 AM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
10/27/2014 1:38:22 AM, Error: Application Popup [1060]  - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
10/27/2014 1:37:36 AM, Error: Service Control Manager [7034]  - The EaseUS Agent service terminated unexpectedly.  It has done this 5 time(s).
10/27/2014 1:37:06 AM, Error: Service Control Manager [7034]  - The EaseUS Agent service terminated unexpectedly.  It has done this 4 time(s).
10/27/2014 1:35:17 AM, Error: Service Control Manager [7034]  - The EaseUS Agent service terminated unexpectedly.  It has done this 3 time(s).
10/27/2014 1:34:31 AM, Error: Service Control Manager [7034]  - The EaseUS Agent service terminated unexpectedly.  It has done this 2 time(s).
10/27/2014 1:31:58 AM, Error: Service Control Manager [7034]  - The EaseUS Agent service terminated unexpectedly.  It has done this 1 time(s).
10/25/2014 5:40:57 PM, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10.
10/25/2014 12:32:28 AM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
10/25/2014 11:40:59 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  and APPID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  to the user owner-PC\Diana SID (S-1-5-21-2636108111-3271393454-2496197924-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/25/2014 11:40:59 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  and APPID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  to the user owner-PC\Diana SID (S-1-5-21-2636108111-3271393454-2496197924-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================

Print
Go Up Pages 1 2 3 4 ... 8
User actions