
Help with removing malware?

This is a discussion on Help with removing malware? within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category.


11-12-2016, 09:05 PM   #1
Registered Member
 
Join Date: May 2012
Location: NSW, Australia.
Posts: 43
OS: Vista service pack 2, Avast Pro, and also Malwarebytes premium.



I have Windows 10 and for the last few days I have been getting these pop-ups blocking my computer or freezing it. It seems to have started when I answered a Woolworths post, at least I think so.
It says this: "Your computer is blocked, please ring this number to unblock it", and I can't click it off, so I go to Control, Alt and Delete and then click Google and off it goes. Now I have removed Google Chrome and gone back to Explorer and it's still doing it, so please can you give me any help.
I will paste these two that you asked to have done in your forum. Please, any help with this problem. Thanking you, Lorraine Beard.

Windows 10 Pro.
HP 32-bit operating system.
Avast Premier antivirus.


DDS

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.10586.672
Run by Lorraine at 15:37:48 on 2016-11-13
Microsoft Windows 10 Pro 10.0.10586.0.1252.61.2057.18.3543.1639 [GMT 11:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files\HP\Shared\hpqwmiex.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\System32\fontdrvhost.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Program Files\WindowsApps\Microsoft.BingWeather_4.16.15.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\conhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.live.com/
uLocal Page = %11%\blank.htm
uSearch Bar = hxxp://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
uSearch Page = hxxp://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
BHO: Windows Live Toolbar Helper: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\HPNetworkCheckPlugin.dll
TB: Windows Live Toolbar: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: Windows Live Toolbar: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
uRun: [OneDrive] "c:\users\lorraine\appdata\local\microsoft\onedrive\OneDrive.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
StartupFolder: c:\users\lorraine\appdata\roaming\micros~1\windows\startm~1\programs\startup\sendto~1.lnk - c:\program files\microsoft office\root\office16\ONENOTEM.EXE
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SoftwareSASGeneration = dword:1
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: E&xport to Microsoft Excel - c:\program files\microsoft office\root\office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\microsoft office\root\office16\ONBttnIE.dll/105
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smart print\SmartPrintSetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\root\office16\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\root\office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{301607f6-596d-48b8-997e-59ddfaedcd4f} : DHCPNameServer = 10.0.0.138
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - c:\windows\system32\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - c:\windows\system32\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - c:\windows\system32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\lorraine\appdata\roaming\mozilla\firefox\profiles\ji9m222t.default\
FF - prefs.js: browser.search.defaulturl - hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Avast Search
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.au/
FF - prefs.js: keyword.URL - hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF - plugin: c:\program files\google\update\1.3.31.5\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft office\root\office16\NPSPWRAP.DLL
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_23_0_0_207.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2016-6-13 60424]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2016-6-13 224752]
R0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\drivers\SCMNdisP.sys [2016-6-14 21728]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;c:\windows\system32\drivers\WindowsTrustedRT.sys [2015-10-30 86552]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;c:\windows\system32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 15384]
R0 Wof;Windows Overlay File System Filter Driver;c:\windows\system32\drivers\wof.sys [2015-10-30 173408]
R1 ahcache;Application Compatibility Cache;c:\windows\system32\drivers\ahcache.sys [2016-9-15 183296]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2016-6-13 35096]
R1 aswNetSec;aswNetSec;c:\windows\system32\drivers\aswNetSec.sys [2016-6-13 338936]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-6-13 735488]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-6-13 433768]
R1 FileCrypt;FileCrypt;c:\windows\system32\drivers\filecrypt.sys [2016-5-11 76288]
R1 GpuEnergyDrv;GPU Energy Driver;c:\windows\system32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-6-13 92256]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-6-13 118664]
R2 avast! Antivirus;Avast Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2016-9-1 197128]
R2 avast! Firewall;Avast Firewall;c:\program files\avast software\avast\afwServ.exe [2016-9-1 223600]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;c:\program files\common files\microsoft shared\clicktorun\OfficeClickToRun.exe [2016-6-13 2288320]
R2 CoreMessagingRegistrar;CoreMessaging;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 37256]
R2 DiagTrack;Connected User Experiences and Telemetry;c:\windows\system32\svchost.exe -k utcsvc [2015-10-30 37256]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files\hewlett-packard\hp support solutions\HPSupportSolutionsFrameworkService.exe [2016-7-4 29728]
R2 storqosflt;Storage QoS Filter Driver;c:\windows\system32\drivers\storqosflt.sys [2015-10-30 62464]
R2 tiledatamodelsvc;Tile Data model server;c:\windows\system32\svchost.exe -k appmodel [2015-10-30 37256]
R2 UserManager;User Manager;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
R3 ClipSVC;Client License Service (ClipSVC);c:\windows\system32\svchost.exe -k wsappx [2015-10-30 37256]
R3 DsSvc;Data Sharing Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
R3 hpqcaslwmiex;HP CASL Framework Service;c:\program files\hp\shared\hpqwmiex.exe [2016-6-3 1031704]
R3 lfsvc;Geolocation Service;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
R3 LicenseManager;Windows License Manager Service;c:\windows\system32\svchost.exe -k LocalService [2015-10-30 37256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2016-9-1 170200]
R3 NcbService;Network Connection Broker;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;c:\windows\system32\drivers\NdisVirtualBus.sys [2015-10-30 15872]
R3 StateRepository;State Repository Service;c:\windows\system32\svchost.exe -k appmodel [2015-10-30 37256]
S2 DoSvc;Delivery Optimization;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S2 MapsBroker;Downloaded Maps Manager;c:\windows\system32\svchost.exe -k NetworkService [2015-10-30 37256]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2016-9-20 324224]
S2 WSWNA3100;WSWNA3100;c:\program files\netgear\wna3100\WifiSvc.exe [2016-6-14 285152]
S3 ADP80XX;ADP80XX;c:\windows\system32\drivers\adp80xx.sys [2015-10-30 1038176]
S3 AJRouter;AllJoyn Router Service;c:\windows\system32\svchost.exe -k LocalService [2015-10-30 37256]
S3 AppReadiness;App Readiness;c:\windows\system32\svchost.exe -k AppReadiness [2015-10-30 37256]
S3 AppXSvc;AppX Deployment Service (AppXSVC);c:\windows\system32\svchost.exe -k wsappx [2015-10-30 37256]
S3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-6-13 34008]
S3 bcmfn;bcmfn Service;c:\windows\system32\drivers\bcmfn.sys [2015-10-30 8192]
S3 bcmfn2;bcmfn2 Service;c:\windows\system32\drivers\bcmfn2.sys [2015-10-30 8192]
S3 BthHFSrv;Bluetooth Handsfree Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 37256]
S3 buttonconverter;Service for Portable Device Control devices;c:\windows\system32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;HID driver for CapImg touch screen;c:\windows\system32\drivers\capimg.sys [2016-2-24 96768]
S3 DcpSvc;DataCollectionPublishingService;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 DevQueryBroker;DevQuery Background Discovery Broker;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;c:\windows\system32\diagsvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;Device Management Enrollment Service;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 dmwappushservice;dmwappushsvc;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 embeddedmode;embeddedmode;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 EntAppSvc;Enterprise App Management Service;c:\windows\system32\svchost.exe -k appmodel [2015-10-30 37256]
S3 fcvsc;fcvsc;c:\windows\system32\drivers\fcvsc.sys [2015-10-30 24064]
S3 genericusbfn;Generic USB Function Class;c:\windows\system32\drivers\genericusbfn.sys [2016-11-9 17408]
S3 GPIO;Intel SoC GPIO Controller Driver;c:\windows\system32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;c:\windows\system32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;c:\windows\system32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;Intel(R) Atom(TM) Processor I2C Controller Service;c:\windows\system32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;c:\windows\system32\drivers\iaStorAV.sys [2015-10-30 524632]
S3 icssvc;Windows Mobile Hotspot Service;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 37256]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2015-10-30 107008]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;c:\windows\system32\drivers\intelpep.sys [2015-10-30 40288]
S3 IoQos;IoQos;c:\windows\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 LSI_SAS2i;LSI_SAS2i;c:\windows\system32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S3 LSI_SAS3i;LSI_SAS3i;c:\windows\system32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S3 NetSetupSvc;Network Setup Service;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 NgcCtnrSvc;Microsoft Passport Container;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 37256]
S3 NgcSvc;Microsoft Passport;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 percsas2i;percsas2i;c:\windows\system32\drivers\percsas2i.sys [2015-10-30 51040]
S3 percsas3i;percsas3i;c:\windows\system32\drivers\percsas3i.sys [2015-10-30 51552]
S3 PhoneSvc;Phone Service;c:\windows\system32\svchost.exe -k LocalService [2015-10-30 37256]
S3 RetailDemo;Retail Demo Service;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 SensorDataService;Sensor Data Service;c:\windows\system32\SensorDataService.exe [2016-9-15 900096]
S3 SensorService;Sensor Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 SerCx2;Serial UART Support Library;c:\windows\system32\drivers\SerCx2.sys [2015-10-30 121696]
S3 smphost;Microsoft Storage Spaces SMP;c:\windows\system32\svchost.exe -k smphost [2015-10-30 37256]
S3 SmsRouter;Microsoft Windows SMS Router Service.;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 stornvme;Microsoft Standard NVM Express Driver;c:\windows\system32\drivers\stornvme.sys [2015-10-30 65376]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;c:\windows\system32\drivers\storufs.sys [2015-10-30 27992]
S3 TieringEngineService;Storage Tiers Management;c:\windows\system32\TieringEngineService.exe [2015-10-30 256512]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;c:\windows\system32\drivers\UcmCx.sys [2016-5-11 46080]
S3 UcmUcsi;USB Connector Manager UCSI Client;c:\windows\system32\drivers\UcmUcsi.sys [2015-10-30 33792]
S3 UdeCx;USB Device Emulation Support Library;c:\windows\system32\drivers\Udecx.sys [2015-10-30 32768]
S3 UEFI;Microsoft UEFI Driver;c:\windows\system32\drivers\uefi.sys [2015-10-30 23392]
S3 Ufx01000;USB Function Class Extension;c:\windows\system32\drivers\ufx01000.sys [2016-6-15 203104]
S3 UfxChipidea;USB Chipidea Controller;c:\windows\system32\drivers\UfxChipidea.sys [2015-10-30 74080]
S3 ufxsynopsys;USB Synopsys Controller;c:\windows\system32\drivers\ufxsynopsys.sys [2016-9-15 104800]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;c:\windows\system32\drivers\urschipidea.sys [2015-10-30 21856]
S3 UrsCx01000;USB Role-Switch Support Library;c:\windows\system32\drivers\urscx01000.sys [2015-10-30 42840]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;c:\windows\system32\drivers\urssynopsys.sys [2015-10-30 21856]
S3 UsoSvc;Update Orchestrator Service;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 vhf;Virtual HID Framework (VHF) Driver;c:\windows\system32\drivers\vhf.sys [2015-10-30 24064]
S3 vmicguestinterface;Hyper-V Guest Service Interface;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 vmicvmsession;Hyper-V VM Session Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 WalletService;WalletService;c:\windows\system32\svchost.exe -k appmodel [2015-10-30 37256]
S3 wdiwifi;WDI Driver Framework;c:\windows\system32\drivers\WdiWiFi.sys [2016-4-13 497152]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;c:\windows\system32\drivers\WdNisDrv.sys [2015-10-30 98648]
S3 WdNisSvc;Windows Defender Network Inspection Service;c:\program files\windows defender\NisSrv.exe [2015-10-30 280376]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;c:\windows\system32\svchost.exe -k WepHostSvcGroup [2015-10-30 37256]
S3 workfolderssvc;Work Folders;c:\windows\system32\svchost.exe -k LocalService [2015-10-30 37256]
S3 WpnService;Windows Push Notifications Service;c:\windows\system32\svchost.exe -k wswpnservice [2015-10-30 37256]
S3 XblAuthManager;Xbox Live Auth Manager;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 XblGameSave;Xbox Live Game Save;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 xboxgip;Xbox Game Input Protocol Driver;c:\windows\system32\drivers\xboxgip.sys [2016-3-2 201216]
S3 XboxNetApiSvc;XboxNetApiSvc;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 xinputhid;XINPUT HID Filter Driver;c:\windows\system32\drivers\xinputhid.sys [2016-4-13 18944]
S4 CDPSvc;Connected Device Platform Service;c:\windows\system32\svchost.exe -k LocalService [2015-10-30 37256]
S4 tzautoupdate;Auto Time Zone Updater;c:\windows\system32\svchost.exe -k LocalService [2015-10-30 37256]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: SZBrowser.exe: open="c:\program files\avast software\szbrowser\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2016-11-12 14:20:29 -------- d-----w- c:\program files\CCleaner
2016-11-11 11:55:48 -------- d-----w- C:\AdwCleaner
2016-11-09 1558 -------- d-----w- c:\windows\system32\BestPractices
2016-11-09 09:27:59 712704 ----a-w- c:\windows\system32\RemoteNaturalLanguage.dll
2016-11-09 09:26:59 1536088 ----a-w- c:\windows\system32\crypt32.dll
2016-11-09 09:25:58 616960 ----a-w- c:\windows\system32\winhttp.dll
2016-10-30 22:50:50 96200 ----a-w- c:\program files\mozilla firefox\nssdbm3.dll
2016-10-22 11:48:52 210376 ----a-w- c:\program files\mozilla firefox\sandboxbroker.dll
2016-10-22 11:48:51 970912 ----a-w- c:\program files\mozilla firefox\msvcr120.dll
2016-10-22 11:48:51 455328 ----a-w- c:\program files\mozilla firefox\msvcp120.dll
.
==================== Find3M ====================
.
2016-11-12 13:57:51 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-11-02 13:32:04 316256 ----a-w- c:\windows\system32\atmfd.dll
2016-11-02 13:31:34 546968 ----a-w- c:\windows\system32\fontdrvhost.exe
2016-11-02 12:51:49 37376 ----a-w- c:\windows\system32\atmlib.dll
2016-10-28 21:48:45 828408 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-10-28 21:48:45 176632 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-10-25 08:34:10 875992 ----a-w- c:\windows\system32\winresume.efi
2016-10-25 08:34:09 771120 ----a-w- c:\windows\system32\winresume.exe
2016-10-25 08:32:28 927072 ----a-w- c:\windows\system32\winload.exe
2016-10-25 08:32:26 1561392 ----a-w- c:\windows\system32\KernelBase.dll
2016-10-25 08:32:22 1051584 ----a-w- c:\windows\system32\winload.efi
2016-10-25 08:32:20 845568 ----a-w- c:\windows\system32\MrmCoreR.dll
2016-10-25 08:32:19 34088 ----a-w- c:\windows\system32\wldp.dll
2016-10-25 08:32:17 5793632 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-10-25 08:32:09 101216 ----a-w- c:\windows\system32\drivers\mup.sys
2016-10-25 08:32:01 1862000 ----a-w- c:\windows\system32\CoreUIComponents.dll
2016-10-25 08:30:40 1541792 ----a-w- c:\windows\system32\ntdll.dll
2016-10-25 08:30:38 354144 ----a-w- c:\windows\system32\halmacpi.dll
2016-10-25 08:30:29 281440 ----a-w- c:\windows\system32\drivers\clfs.sys
2016-10-25 08:28:59 545432 ----a-w- c:\windows\system32\CoreMessaging.dll
2016-10-25 08:28:58 553808 ----a-w- c:\windows\system32\ci.dll
2016-10-25 08:28:56 1083648 ----a-w- c:\windows\system32\Taskmgr.exe
2016-10-25 08:15:54 433504 ----a-w- c:\windows\system32\pcasvc.dll
2016-10-25 08:15:32 1194328 ----a-w- c:\windows\system32\diagtrack.dll
2016-10-25 08:14:24 856928 ----a-w- c:\windows\system32\SecConfig.efi
2016-10-25 08:08:55 2885680 ----a-w- c:\windows\system32\WSService.dll
2016-10-25 07:39:36 306840 ----a-w- c:\windows\system32\wlanapi.dll
2016-10-25 07:37:48 980352 ----a-w- c:\windows\system32\mfasfsrcsnk.dll
2016-10-25 07:37:46 882720 ----a-w- c:\windows\system32\mfmp4srcsnk.dll
2016-10-25 07:37:42 895080 ----a-w- c:\windows\system32\mfsrcsnk.dll
2016-10-25 07:37:42 709176 ----a-w- c:\windows\system32\mfsvr.dll
2016-10-25 07:37:19 1349632 ----a-w- c:\windows\system32\winmde.dll
2016-10-25 07:37:17 1334680 ----a-w- c:\windows\system32\wmpmde.dll
2016-10-25 07:31:30 957608 ----a-w- c:\windows\system32\ole32.dll
2016-10-25 07:31:28 1824272 ----a-w- c:\windows\system32\combase.dll
2016-10-25 07:30:45 703840 ----a-w- c:\windows\system32\WWAHost.exe
2016-10-25 07:28:10 1300016 ----a-w- c:\windows\system32\WpcMon.exe
2016-10-25 07:27:39 613120 ----a-w- c:\windows\system32\Windows.Internal.Shell.Broker.dll
2016-10-25 07:27:31 305304 ----a-w- c:\windows\system32\SystemSettingsAdminFlows.exe
2016-10-25 07:27:27 465760 ----a-w- c:\windows\system32\SettingSyncHost.exe
2016-10-25 07:26:30 569752 ----a-w- c:\windows\system32\SHCore.dll
2016-10-25 07:26:27 836752 ----a-w- c:\windows\system32\twinapi.appcore.dll
2016-10-25 07:26:27 5240952 ----a-w- c:\windows\system32\windows.storage.dll
2016-10-25 07:26:26 4074160 ----a-w- c:\windows\explorer.exe
2016-10-25 07:26:19 1355344 ----a-w- c:\windows\system32\propsys.dll
2016-10-25 07:25:33 633192 ----a-w- c:\windows\system32\sppwinob.dll
2016-10-25 07:25:21 1337680 ----a-w- c:\windows\system32\sppobjs.dll
2016-10-25 07:24:26 5598832 ----a-w- c:\windows\system32\sppsvc.exe
2016-10-25 07:23:20 995288 ----a-w- c:\windows\system32\ClipUp.exe
2016-10-25 07:23:00 510872 ----a-w- c:\windows\system32\ClipSVC.dll
2016-10-25 07:22:22 505136 ----a-w- c:\windows\system32\drivers\cng.sys
2016-10-25 07:22:16 268040 ----a-w- c:\windows\system32\wintrust.dll
2016-10-25 07:19:07 295776 ----a-w- c:\windows\system32\msv1_0.dll
2016-10-25 06:58:23 536416 ----a-w- c:\windows\system32\drivers\vhdmp.sys
2016-10-25 06:56:06 2195640 ----a-w- c:\windows\system32\d3d10warp.dll
2016-10-25 06:55:58 1712992 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2016-10-25 06:55:51 484704 ----a-w- c:\windows\system32\drivers\dxgmms2.sys
2016-10-25 06:55:49 336736 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2016-10-25 06:54:31 273760 ----a-w- c:\windows\system32\input.dll
2016-10-25 06:54:29 1522160 ----a-w- c:\windows\system32\WindowsCodecs.dll
2016-10-25 06:53:59 1174008 ----a-w- c:\windows\system32\msctf.dll
2016-10-25 06:39:08 403920 ----a-w- c:\windows\system32\DMRServer.dll
2016-10-25 06:38:37 25952 ----a-w- c:\windows\system32\drivers\usbd.sys
2016-10-25 06:27:45 72192 ----a-w- c:\windows\system32\rdpudd.dll
2016-10-25 06:27:24 74752 ----a-w- c:\windows\system32\MapsCSP.dll
2016-10-25 06:26:27 88576 ----a-w- c:\windows\system32\olepro32.dll
2016-10-25 06:23:27 239616 ----a-w- c:\windows\system32\wcl.dll
2016-10-25 06:21:25 50176 ----a-w- c:\windows\system32\MosHostClient.dll
2016-10-25 06:19:36 17408 ----a-w- c:\windows\system32\drivers\genericusbfn.sys
2016-10-25 06:19:14 572928 ----a-w- c:\windows\system32\WpcWebFilter.dll
2016-10-25 06:18:18 299008 ----a-w- c:\windows\system32\microsoft-windows-system-events.dll
2016-10-25 06:18:08 25600 ----a-w- c:\windows\system32\odbcconf.dll
2016-10-25 06:13:50 37376 ----a-w- c:\windows\system32\musdialoghandlers.dll
2016-10-25 06:12:26 81408 ----a-w- c:\windows\system32\drivers\bowser.sys
2016-10-25 06:11:22 23552 ----a-w- c:\windows\system32\mapsupdatetask.dll
2016-10-25 06:10:05 33792 ----a-w- c:\windows\system32\drivers\BthAvrcpTg.sys
2016-10-25 06:09:36 584704 ----a-w- c:\windows\system32\UIRibbonRes.dll
2016-10-25 06:09:20 65536 ----a-w- c:\windows\system32\wininetlui.dll
2016-10-25 06:08:31 59904 ----a-w- c:\windows\system32\MosStorage.dll
2016-10-25 06:07:45 35328 ----a-w- c:\windows\system32\drivers\scfilter.sys
2016-10-25 0655 87040 ----a-w- c:\windows\system32\MapsBtSvc.dll
2016-10-25 06:05:46 78848 ----a-w- c:\windows\system32\asycfilt.dll
2016-10-25 06:03:37 38912 ----a-w- c:\windows\system32\TpmTasks.dll
2016-10-25 06:03:14 69632 ----a-w- c:\windows\system32\SCardDlg.dll
2016-10-25 06:03:14 64512 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-10-25 06:02:58 38400 ----a-w- c:\windows\system32\HttpsDataSource.dll
2016-10-25 06:02:33 54784 ----a-w- c:\windows\system32\moshost.dll
2016-10-25 06:02:26 68096 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2016-10-25 06:01:41 183296 ----a-w- c:\windows\system32\NPSMDesktopProvider.dll
2016-10-25 06:00:34 115200 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2016-10-25 06:00:23 256512 ----a-w- c:\windows\system32\unimdm.tsp
2016-10-25 06:00:22 177664 ----a-w- c:\windows\system32\hgprint.dll
2016-10-25 06:00:06 102912 ----a-w- c:\windows\system32\NPSM.dll
2016-10-25 05:59:41 205312 ----a-w- c:\windows\system32\oemlicense.dll
2016-10-25 05:58:47 165376 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2016-10-25 05:57:04 267776 ----a-w- c:\windows\system32\usocore.dll
2016-10-25 05:56:53 59904 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2016-10-25 05:56:17 203776 ----a-w- c:\windows\system32\moshostcore.dll
2016-10-25 05:54:08 92160 ----a-w- c:\windows\system32\IdCtrls.dll
2016-10-25 05:54:08 2478592 ----a-w- c:\windows\apppatch\AcGenral.dll
.
============= FINISH: 15:38:55.96 ===============

Then the attach one:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 22/05/2016 4:14:26 PM
System Uptime: 11/11/2016 10:59:33 PM (41 hours ago)
.
Motherboard: Hewlett-Packard | | 3031h
Processor: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz | XU1 PROCESSOR | 3166/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 465 GiB total, 432.13 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
Description: Standard PS/2 Keyboard
Device ID: ACPI\PNP0303\4&3084B1C&0
Manufacturer: (Standard keyboards)
Name: Standard PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&3084B1C&0
Service: i8042prt
.
Class GUID:
Description: PCI Serial Port
Device ID: PCI\VEN_8086&DEV_2E17&SUBSYS_3034103C&REV_03\3&B1BFB68&0&1B
Manufacturer:
Name: PCI Serial Port
PNP Device ID: PCI\VEN_8086&DEV_2E17&SUBSYS_3034103C&REV_03\3&B1BFB68&0&1B
Service:
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&3084B1C&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&3084B1C&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP33: 27/10/2016 8:33:39 PM - ASU_MSI_TRAN
RP34: 6/11/2016 11:01:44 PM - Scheduled Checkpoint
RP35: 10/11/2016 11:03:13 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 23 NPAPI
Amazon Kindle
Avast Premier
CCleaner
FamilySearch Indexing 3.27.7
HP Customer Experience Enhancements
HP DeskJet 3630 series Basic Device Software
HP DeskJet 3630 series Help
HP Dropbox Plugin
HP Google Drive Plugin
HP Photo Creations
HP Support Assistant
HP Support Solutions Framework
HP Update
IrfanView (remove only)
Legacy 8.0
Microsoft Office 365 - en-us
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Mozilla Firefox 49.0.2 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 45.4.0 (x86 en-US)
NETGEAR WNA3100 wireless USB 2.0 adapter
Office 16 Click-to-Run Extensibility Component
Office 16 Click-to-Run Licensing Component
Office 16 Click-to-Run Localization Component
SafeZone Stable 1.51.2220.62
Skype™ 7.29
Windows Live Toolbar
.
==== Event Viewer Messages From Past Week ========
.
9/11/2016 8:53:20 AM, Error: Service Control Manager [7031] - The User Data Storage_1693e6f4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/11/2016 8:53:20 AM, Error: Service Control Manager [7031] - The User Data Access_1693e6f4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/11/2016 8:53:20 AM, Error: Service Control Manager [7031] - The Sync Host_1693e6f4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/11/2016 8:53:20 AM, Error: Service Control Manager [7031] - The Contact Data_1693e6f4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/11/2016 1:37:20 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_1434c2c8 service to connect.
9/11/2016 1:37:20 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_1434c2c8 service to connect.
9/11/2016 1:37:10 AM, Error: Service Control Manager [7031] - The User Data Storage_1434c2c8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/11/2016 1:37:10 AM, Error: Service Control Manager [7031] - The User Data Access_1434c2c8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/11/2016 1:37:10 AM, Error: Service Control Manager [7031] - The Sync Host_1434c2c8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/11/2016 1:37:10 AM, Error: Service Control Manager [7031] - The Contact Data_1434c2c8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/11/2016 2:52:56 PM, Error: Service Control Manager [7031] - The User Data Storage_130d77ba service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/11/2016 2:52:55 PM, Error: Service Control Manager [7023] - The User Data Access_130d77ba service terminated with the following error: Class not registered
8/11/2016 2:52:53 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_130d77ba service to connect.
8/11/2016 2:52:43 PM, Error: Service Control Manager [7031] - The User Data Storage_130d77ba service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/11/2016 2:52:43 PM, Error: Service Control Manager [7031] - The User Data Access_130d77ba service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/11/2016 2:52:43 PM, Error: Service Control Manager [7031] - The Sync Host_130d77ba service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/11/2016 2:52:43 PM, Error: Service Control Manager [7031] - The Contact Data_130d77ba service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/11/2016 12:02:35 AM, Error: Service Control Manager [7031] - The User Data Storage_10e4f38e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/11/2016 12:02:35 AM, Error: Service Control Manager [7031] - The User Data Access_10e4f38e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/11/2016 12:02:35 AM, Error: Service Control Manager [7031] - The Sync Host_10e4f38e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/11/2016 12:02:35 AM, Error: Service Control Manager [7031] - The Contact Data_10e4f38e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/11/2016 8:23:30 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/11/2016 3:48:21 PM, Error: Service Control Manager [7031] - The User Data Storage_f93e926 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/11/2016 3:48:21 PM, Error: Service Control Manager [7031] - The User Data Access_f93e926 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/11/2016 3:48:21 PM, Error: Service Control Manager [7031] - The Sync Host_f93e926 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/11/2016 3:48:21 PM, Error: Service Control Manager [7031] - The Contact Data_f93e926 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/11/2016 12:56:56 AM, Error: Service Control Manager [7031] - The User Data Storage_be9673f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/11/2016 12:56:56 AM, Error: Service Control Manager [7031] - The User Data Access_be9673f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/11/2016 12:56:56 AM, Error: Service Control Manager [7031] - The Sync Host_be9673f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/11/2016 12:56:56 AM, Error: Service Control Manager [7031] - The Contact Data_be9673f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
6/11/2016 1:44:34 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_965e01e service to connect.
6/11/2016 1:44:34 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_965e01e service to connect.
6/11/2016 1:44:24 AM, Error: Service Control Manager [7031] - The User Data Storage_965e01e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
6/11/2016 1:44:24 AM, Error: Service Control Manager [7031] - The User Data Access_965e01e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
6/11/2016 1:44:24 AM, Error: Service Control Manager [7031] - The Sync Host_965e01e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
6/11/2016 1:44:24 AM, Error: Service Control Manager [7031] - The Contact Data_965e01e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
13/11/2016 2:28:52 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-5KFHTUH\Lorraine SID (S-1-5-21-395152712-2620477987-3300426641-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
13/11/2016 1:27:33 AM, Error: Service Control Manager [7031] - The User Data Storage_b53675 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
13/11/2016 1:27:33 AM, Error: Service Control Manager [7031] - The User Data Access_b53675 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
13/11/2016 1:27:33 AM, Error: Service Control Manager [7031] - The Sync Host_b53675 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
13/11/2016 1:27:33 AM, Error: Service Control Manager [7031] - The Contact Data_b53675 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/11/2016 12:41:33 AM, Error: Service Control Manager [7031] - The User Data Storage_2df17 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/11/2016 12:41:33 AM, Error: Service Control Manager [7031] - The User Data Access_2df17 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/11/2016 12:41:33 AM, Error: Service Control Manager [7031] - The Sync Host_2df17 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/11/2016 12:41:33 AM, Error: Service Control Manager [7031] - The Contact Data_2df17 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/11/2016 11:03:25 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume ??. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x9000000000009. The name of the file is "<unable to determine file name>".
11/11/2016 10:58:57 PM, Error: Service Control Manager [7031] - The User Data Storage_38d4a6d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/11/2016 10:58:57 PM, Error: Service Control Manager [7031] - The User Data Access_38d4a6d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/11/2016 10:58:57 PM, Error: Service Control Manager [7031] - The Sync Host_38d4a6d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/11/2016 10:58:57 PM, Error: Service Control Manager [7031] - The Contact Data_38d4a6d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/11/2016 10:58:14 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
11/11/2016 10:57:44 PM, Error: Service Control Manager [7034] - The HP Support Solutions Framework Service service terminated unexpectedly. It has done this 1 time(s).
11/11/2016 10:57:44 PM, Error: Service Control Manager [7034] - The HP CASL Framework Service service terminated unexpectedly. It has done this 1 time(s).
11/11/2016 10:57:44 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/11/2016 10:57:42 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
11/11/2016 10:57:42 PM, Error: Service Control Manager [7031] - The Microsoft Office Click-to-Run Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/11/2016 1:12:37 AM, Error: Service Control Manager [7031] - The User Data Storage_1f46f7c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/11/2016 1:12:37 AM, Error: Service Control Manager [7031] - The User Data Access_1f46f7c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/11/2016 1:12:37 AM, Error: Service Control Manager [7031] - The Sync Host_1f46f7c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/11/2016 1:12:37 AM, Error: Service Control Manager [7031] - The Contact Data_1f46f7c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 7:44:03 AM, Error: Microsoft-Windows-Eventlog [30] - The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.
10/11/2016 5:23:28 PM, Error: Service Control Manager [7031] - The User Data Storage_13f19ee service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 5:23:28 PM, Error: Service Control Manager [7031] - The User Data Access_13f19ee service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 5:23:28 PM, Error: Service Control Manager [7031] - The Sync Host_13f19ee service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 5:23:28 PM, Error: Service Control Manager [7031] - The Contact Data_13f19ee service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 2:05:08 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_4c14b service to connect.
10/11/2016 2:05:08 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_4c14b service to connect.
10/11/2016 2:04:58 AM, Error: Service Control Manager [7031] - The User Data Storage_4c14b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 2:04:58 AM, Error: Service Control Manager [7031] - The User Data Access_4c14b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 2:04:58 AM, Error: Service Control Manager [7031] - The Sync Host_4c14b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 2:04:58 AM, Error: Service Control Manager [7031] - The Contact Data_4c14b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 12:15:41 PM, Error: Service Control Manager [7031] - The User Data Storage_cfd9b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 12:15:41 PM, Error: Service Control Manager [7031] - The User Data Access_cfd9b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 12:15:41 PM, Error: Service Control Manager [7031] - The Sync Host_cfd9b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/11/2016 12:15:41 PM, Error: Service Control Manager [7031] - The Contact Data_cfd9b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
.
==== End Of File ===========================
Old 11-13-2016, 11:32 PM   #2
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello Lorraine,

My name is Tolga and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Please download to and run all requested tools from your Desktop.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My native language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Now, let's get started, shall we? Please do the steps below.

STEP 1


Please download AdwCleaner from here and save it to your desktop.

  • Click the green 'Download now @bleepingcomputer' button.
  • Run AdwCleaner and select Scan.
  • Once the Scan is done, select Clean.
  • Once done it will ask to reboot, please allow the reboot.
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
  • Please copy/paste the contents of the log in your next reply.

STEP 2

Please download Farbar Recovery Scan Tool and save it to your desktop.

  • Double-click to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

=========================================================

Things I need to see in your next post:
  • AdwCleaner[C#].txt
  • FRST.txt
  • Addition.txt