
Something's wrong!

Discussion in 'Web & Email' started by Florenda, Dec 30, 2014.

  1. Florenda

    Florenda Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    36
    I'm not very good on computers so I will try to do my best and describe what is going on. Something has had a hold on my computer and internet connection for about a month now. Most of my internet activity is Facebook and just general surfing the web. I cannot download ANYTHING; it kills the download after the connection is made. It took me 30 hours to download Baidu Antivirus and it still found nothing. When I play my game on Facebook (Pearl's Peril) it takes 20 minutes to load the program after refreshing 4 times. I have had my internet company out here to the house 5 times in 2 months and 4 times a week tech support escalating tickets, so you are my last hope. Someone told me I have the edge-chat.facebook.com virus, which is something new going on. I have seen this URL pop up with different numbers in front of the name (0-edge-chat.facebook.com... numbers I have seen personally are 2, 4, 5, 6).


    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz, Intel64 Family 6 Model 42 Stepping 7
    Processor Count: 2
    RAM: 3988 Mb
    Graphics Card: Intel(R) HD Graphics, 1802 Mb
    Hard Drives: C: Total - 595370 MB, Free - 532382 MB;
    Motherboard: TOSHIBA, Portable PC
    Antivirus: Panda Cloud Antivirus, Disabled


    Also, I have tried to uninstall Panda over 2000 times and can't get rid of it. My current antivirus is Baidu and my current browser is White Hat Aviator. Can you please help? If I have posted in the wrong thread, can you please move it to the right one.... Thank you! :)
     
  2. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    55,763
    First Name:
    Derek
    Try using a normal browser like IE, Firefox or Chrome.
    Using White Hat will really slow you down & it won't work on Facebook etc. because it blocks adverts & cookies, and FB won't work properly unless you allow everything.
     
  3. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    55,763
    First Name:
    Derek
  4. Florenda

    Florenda Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    36
    I had Chrome and Firefox but I can't access them because whatever is on my computer has control of them. I had to go to a friend's house and jump drive many browsers, and that one was able to install.
     
  5. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    55,763
    First Name:
    Derek
    If you have 2 antiviruses, that will really slow you down.
    Once you have used the Panda uninstaller,
    then do this & we can hopefully see if we can spot any obvious problems there.

    Download to Desktop: DDS by sUBs from one of the below locations

    http://download.bleepingcomputer.com/sUBs/dds.com
    http://download.bleepingcomputer.com/sUBs/dds.exe

    Double-click DDS to run it.
    Make sure there is a check mark in DDS.txt.
    Place a check mark in the attach.txt box and then press Start.

    Do not select any other options unless specifically told to

    When complete, DDS.txt will open and attach.txt will be minimized on your taskbar; click on it to open it.

    Save both reports to your desktop.
    DDS.txt
    Attach.txt

    Post the contents of both logs back here.
     
  6. Florenda

    Florenda Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    36
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.17173 BrowserJavaVersion: 10.25.2
    Run by Florenda Richards at 22:42:17 on 2014-12-31
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3989.2469 [GMT -5:00]
    .
    AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
    AV: Baidu Antivirus *Enabled/Updated* {10616E6C-0E20-8594-D377-A7D03F6128A6}
    SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Baidu Antivirus *Enabled/Updated* {AB008F88-281A-8A1A-E9C7-9CA244E6621B}
    FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavSvc.exe
    C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavhm.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
    C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe
    C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files (x86)\baidu\Spark\sparkservice.exe
    C:\windows\system32\TODDSrv.exe
    C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\TOSHIBA\TECO\TecoService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
    C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\windows\system32\wuauclt.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Secunia\PSI\sua.exe
    C:\windows\System32\svchost.exe -k WerSvcGroup
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uProxyOverride = <local>;192.168.*.*
    mWinlogon: Userinit = userinit.exe
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    mRun: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
    mRun: [Baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
    mRun: [Baidu Bsr] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavAdvTools\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe" -run
    dRunOnce: [panda4_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f
    dRunOnce: [panda4_0dn_XP] reg.exe delete "HKCU\Software\panda4_0dn" /f
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    TCP: NameServer = 192.168.254.254
    TCP: Interfaces\{1654F0B9-11B0-43E8-84CE-A6B2BBB51336} : DHCPNameServer = 192.168.254.254
    TCP: Interfaces\{1654F0B9-11B0-43E8-84CE-A6B2BBB51336}\65562796A7F6E6D2D496649653531303C4D203643423 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{1654F0B9-11B0-43E8-84CE-A6B2BBB51336}\7594E4F543933626 : DHCPNameServer = 192.168.254.254
    TCP: Interfaces\{1654F0B9-11B0-43E8-84CE-A6B2BBB51336}\7594E4F593534356 : DHCPNameServer = 192.168.254.254
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Florenda Richards\AppData\Roaming\Mozilla\Firefox\Profiles\ejjhxt0x.default\
    FF - prefs.js: browser.search.selectedEngine -
    FF - prefs.js: browser.startup.homepage - about:home
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll
    FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
    FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\windows\SysWOW64\npmproxy.dll
    .
    ---- FIREFOX POLICIES ----
    user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);user_pref('extensions.blocklist.enabled', false);user_pref('security.mixed_content.block_active_content', false);
    ============= SERVICES / DRIVERS ===============
    .
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-1-5 16152]
    R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384]
    R1 Bfilter;Baidu Antivirus Minifilter Driver;C:\windows\System32\drivers\Bfilter.sys [2014-12-29 59712]
    R1 Bfmon;Baidu FS Monitor Driver;C:\windows\System32\drivers\Bfmon.sys [2014-12-29 38208]
    R1 Bnbase;Bnbase;C:\windows\System32\drivers\bnbasex64.sys [2014-12-29 66720]
    R1 Bndef;Baidu NetDefense;C:\windows\System32\drivers\bndef64.sys [2014-12-29 481696]
    R1 Bprotect;Baidu Protect;C:\windows\System32\drivers\Bprotect.sys [2014-12-29 164096]
    R1 NNSALPC;NNSALPC;C:\windows\System32\drivers\NNSAlpc.sys [2013-5-29 91368]
    R1 NNSHTTP;NNSHTTP;C:\windows\System32\drivers\NNSHttp.sys [2013-5-29 122088]
    R1 NNSHTTPS;NNSHTTPS;C:\windows\System32\drivers\NNSHttps.sys [2013-5-29 109288]
    R1 NNSIDS;NNSIDS;C:\windows\System32\drivers\NNSIds.sys [2013-5-29 114920]
    R1 NNSPICC;NNSPICC;C:\windows\System32\drivers\NNSpicc.sys [2013-5-29 95464]
    R1 NNSPOP3;NNSPOP3;C:\windows\System32\drivers\NNSPop3.sys [2013-5-29 119016]
    R1 NNSPROT;NNSPROT;C:\windows\System32\drivers\NNSProt.sys [2013-5-29 305896]
    R1 NNSPRV;NNSPRV;C:\windows\System32\drivers\NNSPrv.sys [2013-5-29 118504]
    R1 NNSSMTP;NNSSMTP;C:\windows\System32\drivers\NNSSmtp.sys [2013-5-29 114920]
    R1 NNSSTRM;NNSSTRM;C:\windows\System32\drivers\NNSStrm.sys [2013-5-29 246504]
    R1 NNSTLSC;NNSTLSC;C:\windows\System32\drivers\NNStlsc.sys [2013-5-29 106216]
    R1 PSINKNC;PSINKNC;C:\windows\System32\drivers\PSINKNC.sys [2013-5-28 205544]
    R2 BavSvc;Baidu Antivirus Service;C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavSvc.exe [2014-12-29 2290592]
    R2 BHipsSvc;Baidu Hips Service;C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe [2014-12-29 402584]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-7-11 128280]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-11 161560]
    R2 NanoServiceMain;Panda Cloud Antivirus Service;C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2013-5-28 140768]
    R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe [2012-7-11 135608]
    R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe [2012-7-11 126392]
    R2 PSINAflt;PSINAflt;C:\windows\System32\drivers\PSINAflt.sys [2013-5-28 168680]
    R2 PSINFile;PSINFile;C:\windows\System32\drivers\PSINFile.sys [2013-5-28 122088]
    R2 PSINProc;PSINProc;C:\windows\System32\drivers\PSINProc.sys [2013-5-28 124648]
    R2 PSINProt;PSINProt;C:\windows\System32\drivers\PSINProt.sys [2013-5-29 137448]
    R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2014-11-28 765144]
    R2 SparkSvc;Baidu Spark Service;C:\Program Files (x86)\baidu\Spark\sparkservice.exe [2014-12-29 84160]
    R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2011-11-24 294848]
    R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-11 363800]
    R3 BNmon;(BNmon);C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bnmon64.sys [2014-12-29 59200]
    R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2012-7-11 9216]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
    R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2012-1-16 103536]
    R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-7-11 38096]
    R3 PSI;PSI;C:\windows\System32\drivers\psi_mf_amd64.sys [2014-11-28 18456]
    R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2012-7-11 313448]
    R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2012-7-11 1145448]
    R3 SmbDrv;SmbDrv;C:\windows\System32\drivers\Smb_driver.sys [2011-12-22 21264]
    R4 bsrbc;Baidu Antivirus BootClean Driver;C:\windows\System32\drivers\bsrbc64.sys [2014-12-31 65856]
    S2 PSUAService;Panda Product Service;C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2013-5-28 37344]
    S2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2014-11-28 1363160]
    S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe" --> C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [?]
    S3 BdSandbox;Baidu BdSandbox Driver;C:\windows\System32\drivers\BdSandbox.sys [2014-12-29 201536]
    S3 BdSandboxSrv;Baidu BdSandbox Virtual Service;C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdSandboxSrv64.exe --> C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdSandboxSrv64.exe [?]
    S3 BsrSvc;Baidu System Repair Tool Service;C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavadvtools\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe [2014-12-9 3147112]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-1-5 355096]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-1-5 786200]
    S3 PSINReg;PSINReg;C:\windows\System32\drivers\PSINReg.sys [2013-5-28 105704]
    S3 PSKMAD;PSKMAD;C:\windows\System32\drivers\PSKMAD.sys [2013-10-9 47632]
    S3 SparkUpdater;Baidu Spark Updater;C:\Program Files (x86)\baidu\SparkUpdate\Sparkupdate.exe [2014-12-29 1359040]
    S3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2012-7-11 57216]
    S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-11-25 138152]
    S3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2011-12-14 833976]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-12-9 1255736]
    S4 NNSPIHSW;NNSPIHSW;C:\windows\System32\drivers\NNSPihsw.sys [2013-5-29 69864]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2015-01-01 03:25:08 65856 ----a-w- C:\windows\System32\drivers\bsrbc64.sys
    2015-01-01 03:19:16 -------- d-----w- C:\ProgramData\BsrSvc_exe
    2015-01-01 01:44:19 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
    2015-01-01 01:44:19 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    2015-01-01 01:44:19 12625920 ----a-w- C:\windows\System32\wmploc.DLL
    2015-01-01 01:44:18 12625408 ----a-w- C:\windows\SysWow64\wmploc.DLL
    2015-01-01 01:35:22 -------- d-----w- C:\windows\Migration
    2015-01-01 00:57:09 55808 ----a-w- C:\windows\System32\rrinstaller.exe
    2015-01-01 00:57:09 50176 ----a-w- C:\windows\SysWow64\rrinstaller.exe
    2015-01-01 00:57:09 3209728 ----a-w- C:\windows\SysWow64\mf.dll
    2015-01-01 00:57:09 24576 ----a-w- C:\windows\System32\mfpmp.exe
    2015-01-01 00:57:09 23040 ----a-w- C:\windows\SysWow64\mfpmp.exe
    2015-01-01 00:57:09 206848 ----a-w- C:\windows\System32\mfps.dll
    2015-01-01 00:57:09 2048 ----a-w- C:\windows\SysWow64\mferror.dll
    2015-01-01 00:57:09 2048 ----a-w- C:\windows\System32\mferror.dll
    2015-01-01 00:57:09 103424 ----a-w- C:\windows\SysWow64\mfps.dll
    2015-01-01 00:57:08 4121600 ----a-w- C:\windows\System32\mf.dll
    2015-01-01 00:48:02 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2015-01-01 00:47:54 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D52314F8-EC70-4DF6-84DD-3C7CF1C29F00}\mpengine.dll
    2015-01-01 00:46:49 2777088 ----a-w- C:\windows\System32\msmpeg2vdec.dll
    2015-01-01 00:46:49 2285056 ----a-w- C:\windows\SysWow64\msmpeg2vdec.dll
    2015-01-01 00:42:37 99480 ----a-w- C:\windows\SysWow64\infocardapi.dll
    2015-01-01 00:42:37 619672 ----a-w- C:\windows\SysWow64\icardagt.exe
    2015-01-01 00:42:37 171160 ----a-w- C:\windows\System32\infocardapi.dll
    2015-01-01 00:42:37 1389208 ----a-w- C:\windows\System32\icardagt.exe
    2015-01-01 00:42:35 8856 ----a-w- C:\windows\SysWow64\icardres.dll
    2015-01-01 00:42:35 8856 ----a-w- C:\windows\System32\icardres.dll
    2015-01-01 00:42:10 35480 ----a-w- C:\windows\SysWow64\TsWpfWrp.exe
    2015-01-01 00:42:10 35480 ----a-w- C:\windows\System32\TsWpfWrp.exe
    2014-12-31 23:06:29 728064 ----a-w- C:\windows\System32\kerberos.dll
    2014-12-31 23:05:47 2565120 ----a-w- C:\windows\System32\d3d10warp.dll
    2014-12-31 23:03:42 461312 ----a-w- C:\windows\System32\scavengeui.dll
    2014-12-31 23:03:37 259584 ----a-w- C:\windows\System32\WebClnt.dll
    2014-12-31 23:03:36 81920 ----a-w- C:\windows\SysWow64\davclnt.dll
    2014-12-31 23:03:36 205824 ----a-w- C:\windows\SysWow64\WebClnt.dll
    2014-12-31 23:03:36 140800 ----a-w- C:\windows\System32\drivers\mrxdav.sys
    2014-12-31 23:03:36 102400 ----a-w- C:\windows\System32\davclnt.dll
    2014-12-31 23:03:33 793600 ----a-w- C:\windows\SysWow64\TSWorkspace.dll
    2014-12-31 23:03:33 1031168 ----a-w- C:\windows\System32\TSWorkspace.dll
    2014-12-31 23:02:26 27584 ----a-w- C:\windows\System32\drivers\Diskdump.sys
    2014-12-31 23:02:26 274880 ----a-w- C:\windows\System32\drivers\msiscsi.sys
    2014-12-31 23:02:26 2048 ----a-w- C:\windows\SysWow64\iologmsg.dll
    2014-12-31 23:02:26 2048 ----a-w- C:\windows\System32\iologmsg.dll
    2014-12-31 23:02:26 190912 ----a-w- C:\windows\System32\drivers\storport.sys
    2014-12-31 23:02:16 2048 ----a-w- C:\windows\SysWow64\tzres.dll
    2014-12-31 23:02:16 2048 ----a-w- C:\windows\System32\tzres.dll
    2014-12-31 22:58:13 41472 ----a-w- C:\windows\System32\lpk.dll
    2014-12-31 22:57:18 165888 ----a-w- C:\windows\System32\charmap.exe
    2014-12-31 22:57:18 155136 ----a-w- C:\windows\SysWow64\charmap.exe
    2014-12-31 22:29:32 2620928 ----a-w- C:\windows\System32\wucltux.dll
    2014-12-31 22:29:13 97792 ----a-w- C:\windows\System32\wudriver.dll
    2014-12-31 22:29:13 92672 ----a-w- C:\windows\SysWow64\wudriver.dll
    2014-12-31 22:28:52 36864 ----a-w- C:\windows\System32\wuapp.exe
    2014-12-31 22:28:52 33792 ----a-w- C:\windows\SysWow64\wuapp.exe
    2014-12-31 22:28:52 198600 ----a-w- C:\windows\System32\wuwebv.dll
    2014-12-31 22:28:52 179656 ----a-w- C:\windows\SysWow64\wuwebv.dll
    2014-12-31 22:22:29 -------- d-----w- C:\Users\Florenda Richards\AppData\Local\WindowsUpdate
    2014-12-31 22:14:49 -------- d-----w- C:\Users\Florenda Richards\AppData\Local\Secunia PSI
    2014-12-31 22:14:42 -------- d-----w- C:\Program Files (x86)\Secunia
    2014-12-31 21:28:13 -------- d-----w- C:\SMCLpav
    2014-12-31 01:39:57 -------- d-----w- C:\ProgramData\F-Secure
    2014-12-31 00:56:10 -------- d-----w- C:\MGADiagToolOutput
    2014-12-29 21:26:55 -------- d-----w- C:\Users\Florenda Richards\AppData\Roaming\Baidu
    2014-12-29 21:26:54 -------- d-----w- C:\Program Files (x86)\baidu
    2014-12-29 19:43:24 -------- d-----w- C:\Users\Florenda Richards\AppData\Local\MiniService
    2014-12-29 19:05:06 -------- d-----w- C:\ProgramData\BavSvc_exe
    2014-12-29 19:04:50 201536 ----a-w- C:\windows\System32\drivers\BdSandbox.sys
    2014-12-29 19:04:49 481696 ----a-w- C:\windows\System32\drivers\bndef64.sys
    2014-12-29 19:04:45 66720 ----a-w- C:\windows\System32\drivers\bnbasex64.sys
    2014-12-29 19:04:45 164096 ----a-w- C:\windows\System32\drivers\Bprotect.sys
    2014-12-29 19:04:45 -------- d-----w- C:\ProgramData\Baidu Security
    2014-12-29 19:04:44 38208 ----a-w- C:\windows\System32\drivers\Bfmon.sys
    2014-12-29 19:04:43 59712 ----a-w- C:\windows\System32\drivers\Bfilter.sys
    2014-12-29 19:04:06 -------- d-----w- C:\ProgramData\Baidu
    2014-12-29 19:04:06 -------- d-----w- C:\Program Files (x86)\Baidu Security
    2014-12-29 18:30:52 23752 ----a-w- C:\windows\SysWow64\drivers\efimon.sys
    2014-12-29 11:22:40 76800 ----a-w- C:\windows\System32\drivers\hidclass.sys
    2014-12-29 11:22:40 32896 ----a-w- C:\windows\System32\drivers\hidparse.sys
    2014-12-29 11:21:24 102608 ----a-w- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    2014-12-29 06:28:23 -------- d-sh--w- C:\$360Section
    2014-12-29 06:24:18 -------- d-----w- C:\Program Files (x86)\360
    2014-12-29 04:06:48 -------- d-----w- C:\Users\Florenda Richards\AppData\Local\Apps
    2014-12-27 13:48:47 -------- d-----w- C:\Users\Florenda Richards\AppData\Local\Aviator
    2014-12-27 13:48:33 -------- d-----w- C:\Program Files (x86)\Whitehat
    2014-12-27 13:46:31 -------- d-----w- C:\Users\Florenda Richards\AppData\Local\Downloaded Installations
    2014-12-27 12:35:04 -------- d-----w- C:\Users\Florenda Richards\AppData\Local\Coowon
    2014-12-12 20:44:13 -------- d-----w- C:\Program Files (x86)\VirtualDJ
    2014-12-10 14:35:34 3981488 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
    .
    ==================== Find3M ====================
    .
    2014-12-29 11:19:56 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-12-29 11:19:56 701616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
    2014-11-28 12:02:18 18456 ----a-w- C:\windows\System32\drivers\psi_mf_amd64.sys
    2014-11-24 19:04:56 275080 ------w- C:\windows\System32\MpSigStub.exe
    2014-11-20 17:40:57 2237952 ----a-w- C:\windows\System32\wininet.dll
    2014-11-20 17:40:43 600064 ----a-w- C:\windows\System32\vbscript.dll
    2014-11-20 17:38:38 3959296 ----a-w- C:\windows\System32\jscript9.dll
    2014-11-20 17:38:30 136704 ----a-w- C:\windows\System32\iesysprep.dll
    2014-11-20 17:38:29 67072 ----a-w- C:\windows\System32\iesetup.dll
    2014-11-20 17:37:17 1509376 ----a-w- C:\windows\System32\inetcpl.cpl
    2014-11-20 14:09:10 1762816 ----a-w- C:\windows\SysWow64\wininet.dll
    2014-11-20 14:08:58 523776 ----a-w- C:\windows\SysWow64\vbscript.dll
    2014-11-20 14:07:20 2861568 ----a-w- C:\windows\SysWow64\jscript9.dll
    2014-11-20 14:07:13 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
    2014-11-20 14:07:13 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
    2014-11-20 14:06:22 1441280 ----a-w- C:\windows\SysWow64\inetcpl.cpl
    2014-11-20 13:01:44 2706432 ----a-w- C:\windows\System32\mshtml.tlb
    2014-11-20 12:56:08 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
    2014-11-20 12:36:28 441856 ----a-w- C:\windows\System32\html.iec
    2014-11-20 12:28:50 361984 ----a-w- C:\windows\SysWow64\html.iec
    2014-11-20 12:12:07 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
    2014-11-20 12:05:09 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
    2014-11-11 03:08:52 241152 ----a-w- C:\windows\System32\pku2u.dll
    2014-11-11 02:44:32 186880 ----a-w- C:\windows\SysWow64\pku2u.dll
    2014-11-11 02:44:25 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
    2014-11-11 01:46:26 119296 ----a-w- C:\windows\System32\drivers\tdx.sys
    2014-10-14 02:16:37 155064 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
    2014-10-14 02:13:00 3241984 ----a-w- C:\windows\System32\msi.dll
    2014-10-14 02:12:57 1460736 ----a-w- C:\windows\System32\lsasrv.dll
    2014-10-14 01:50:47 22016 ----a-w- C:\windows\SysWow64\secur32.dll
    2014-10-14 01:50:41 2363904 ----a-w- C:\windows\SysWow64\msi.dll
    2014-10-14 01:49:38 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
    2013-02-20 01:45:42 4126720 ----a-w- C:\Program Files (x86)\GUTE3BB.tmp
    .
    ============= FINISH: 22:43:00.03 ===============
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/6/2012 7:11:40 PM
    System Uptime: 12/31/2014 10:25:33 PM (0 hours ago)
    .
    Motherboard: TOSHIBA | | Portable PC
    Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz | U3E1 | 2300/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 581 GiB total, 518.773 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: BAPIDRV
    Device ID: ROOT\LEGACY_BAPIDRV\0000
    Manufacturer:
    Name: BAPIDRV
    PNP Device ID: ROOT\LEGACY_BAPIDRV\0000
    Service: BAPIDRV
    .
    ==== System Restore Points ===================
    .
    RP156: 12/29/2014 7:30:12 AM - Windows Update
    RP157: 12/29/2014 7:37:47 AM - Windows Update
    RP158: 12/29/2014 7:39:07 AM - Windows Update
    RP159: 12/29/2014 7:45:05 AM - Windows Update
    RP160: 12/29/2014 7:48:05 AM - Windows Update
    RP161: 12/29/2014 7:51:51 AM - Windows Update
    RP162: 12/29/2014 7:53:12 AM - Windows Update
    RP163: 12/29/2014 7:55:20 AM - Windows Update
    RP164: 12/29/2014 7:56:32 AM - Windows Update
    RP165: 12/29/2014 7:58:14 AM - Windows Update
    RP166: 12/29/2014 9:21:04 AM - Windows Update
    RP167: 12/29/2014 9:22:28 AM - Windows Update
    RP168: 12/29/2014 9:23:48 AM - Windows Update
    RP169: 12/29/2014 9:25:13 AM - Windows Update
    RP170: 12/29/2014 11:53:51 AM - Windows Update
    RP171: 12/31/2014 5:28:35 PM - Windows Update
    RP172: 12/31/2014 7:41:31 PM - Windows Update
    RP173: 12/31/2014 9:19:59 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Adobe AIR
    Adobe Flash Player 15 Plugin
    Adobe Flash Player 16 ActiveX
    Adobe Reader XI (11.0.10)
    Adobe Refresh Manager
    Adobe Shockwave Player 12.1
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    Aviator
    Baidu Antivirus
    Baidu Browser
    D3DX10
    DVDFab 6.0.2.2 (June 26, 2009)
    Google Chrome
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hidden Secrets Nostradamus
    Intel(R) Manageability Engine Firmware Recovery Agent
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    Intel(R) USB 3.0 eXtensible Host Controller Driver
    Intel® Trusted Connect Service Client
    Java 7 Update 25
    Java Auto Updater
    Java(TM) 6 Update 25
    Junk Mail filter update
    Mesh Runtime
    Microsoft .NET Framework 4.5.1
    Microsoft Age of Empires II
    Microsoft Application Error Reporting
    Microsoft Office 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    MotoHelper MergeModules
    Mozilla Firefox 31.0 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP3 Parser (KB2758694)
    Panda Cloud Antivirus
    PlayReady PC Runtime amd64
    PlayReady PC Runtime x86
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Reader Driver
    Realtek WLAN Driver
    Safety Optimizer
    Secunia PSI (3.0.0.10004)
    swMSM
    Synaptics Pointing Device Driver
    Toshiba App Place
    TOSHIBA Application Installer
    TOSHIBA Assist
    TOSHIBA Audio Enhancement
    Toshiba Book Place
    TOSHIBA Bulletin Board
    TOSHIBA Disc Creator
    TOSHIBA eco Utility
    TOSHIBA Face Recognition
    TOSHIBA Hardware Setup
    TOSHIBA HDD/SSD Alert
    Toshiba Laptop Checkup
    TOSHIBA Media Controller
    TOSHIBA Media Controller Plug-in
    Toshiba Online Backup
    TOSHIBA PC Health Monitor
    TOSHIBA Quality Application
    TOSHIBA Recovery Media Creator
    TOSHIBA ReelTime
    TOSHIBA Resolution+ Plug-in for Windows Media Player
    Toshiba Security Dashboard
    TOSHIBA Service Station
    TOSHIBA Supervisor Password
    TOSHIBA User's Guide
    TOSHIBA Value Added Package
    TOSHIBA Web Camera Application
    TOSHIBARegistration
    Virtual DJ Pro Full - Atomix Productions
    VS10Runtimex64
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR archiver
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/31/2014 9:50:40 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
    12/31/2014 9:26:25 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2894844).
    12/31/2014 9:26:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2971850).
    12/31/2014 9:26:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2957509).
    12/31/2014 9:26:00 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2931356).
    12/31/2014 9:25:53 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2968294).
    12/31/2014 9:25:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2868626).
    12/31/2014 9:25:34 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2893294).
    12/31/2014 9:25:25 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2957189).
    12/31/2014 9:25:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB3003743).
    12/31/2014 9:25:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2972211).
    12/31/2014 9:24:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2939576).
    12/31/2014 9:24:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2972100).
    12/31/2014 9:24:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2887069).
    12/31/2014 9:24:23 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2973201).
    12/31/2014 9:24:13 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB3013126).
    12/31/2014 9:24:04 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2993958).
    12/31/2014 9:23:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2972280).
    12/31/2014 9:23:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2961072).
    12/31/2014 9:23:33 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2864202).
    12/31/2014 9:23:25 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2868038).
    12/31/2014 9:23:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2918614).
    12/31/2014 9:23:15 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2871997).
    12/31/2014 9:22:58 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2979570).
    12/31/2014 9:22:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2912390).
    12/31/2014 9:22:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2991963).
    12/31/2014 9:22:34 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2976897).
    12/31/2014 9:22:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB3005607).
    12/31/2014 9:22:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2911501).
    12/31/2014 9:22:13 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2957503).
    12/31/2014 9:22:04 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2977292).
    12/31/2014 9:21:58 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2980245).
    12/31/2014 9:21:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2973112).
    12/31/2014 9:21:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2992611).
    12/31/2014 9:21:33 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2978120).
    12/31/2014 9:21:28 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB3010788).
    12/31/2014 9:21:23 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2984972).
    12/31/2014 9:20:53 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB3002885).
    12/31/2014 9:20:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB3006226).
    12/31/2014 9:20:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2892074).
    12/31/2014 9:20:37 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2862152).
    12/31/2014 9:20:33 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2978668).
    12/31/2014 9:00:27 PM, Error: Service Control Manager [7034] - The Secunia PSI Agent service terminated unexpectedly. It has done this 2 time(s).
    12/31/2014 8:51:22 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied.
    12/31/2014 8:44:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2978742).
    12/31/2014 8:44:15 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Cumulative Security Update for Internet Explorer 10 for Windows 7 for x64-based Systems (KB3008923).
    12/31/2014 8:43:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2864058).
    12/31/2014 8:33:59 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2926765).
    12/31/2014 7:46:53 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2973351).
    12/31/2014 10:40:45 PM, Error: Service Control Manager [7034] - The Secunia PSI Agent service terminated unexpectedly. It has done this 1 time(s).
    12/31/2014 10:26:15 PM, Error: Service Control Manager [7000] - The Spyware Terminator 2012 Realtime Shield Service service failed to start due to the following error: The system cannot find the file specified.
    12/31/2014 10:19:02 PM, Error: Service Control Manager [7030] - The Baidu System Repair Tool Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    12/31/2014 10:00:07 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
    12/30/2014 8:43:51 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 252.
    12/30/2014 12:50:59 PM, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
    12/30/2014 1:03:00 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2864202).
    12/30/2014 1:03:00 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2864058).
    12/30/2014 1:03:00 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2862335).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2926765).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2912390).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2911501).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2909210).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2900986).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2894844).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2893294).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2892074).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2887069).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2876331).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2871997).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2868725).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2868626).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2868038).
    12/30/2014 1:02:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2862152).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Update for Windows (KB2980245).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB3013126).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB3010788).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB3008923).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB3006226).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB3005607).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB3003743).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB3002885).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2993958).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2992611).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2991963).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2984972).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2979570).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2978742).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2978668).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2978120).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2977292).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2976897).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2973351).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2973201).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2973112).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2972280).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2972211).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2972100).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2971850).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2968294).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2961072).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2957509).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2957503).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2957189).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2943357).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2939576).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2937610).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2931356).
    12/30/2014 1:02:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80071a2d: Security Update for Windows (KB2918614).
    12/29/2014 4:27:28 PM, Error: Service Control Manager [7030] - The Baidu Spark Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    12/29/2014 2:43:29 PM, Error: Service Control Manager [7030] - The Mini Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    12/29/2014 2:04:31 PM, Error: Service Control Manager [7030] - The Baidu Hips Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    12/29/2014 2:04:24 PM, Error: Service Control Manager [7030] - The Baidu Antivirus Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    12/28/2014 11:21:51 PM, Error: Service Control Manager [7030] - The Panda Security Generic Uninstaller service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    12/28/2014 10:57:47 PM, Error: Application Popup [1060] - \SystemRoot\System32\DRIVERS\PSKMAD.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    12/25/2014 8:23:51 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Protect Monitor service to connect.
    12/25/2014 8:23:51 AM, Error: Service Control Manager [7000] - The Protect Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    .
    ==== End Of File ===========================
     
  7. dvk01

    dvk01 Moderator Malware Specialist

    did you use the Panda uninstall tool, because Panda is still installed?
     
  8. Florenda

    Florenda Thread Starter

    yes I used the link you sent
     
  9. dvk01

    dvk01 Moderator Malware Specialist

    did you actually run the program or just download it?
    did you get any error message or did it tell you that it had or couldn't uninstall?
    because it doesn't look like anything has happened at all
     
  10. Florenda

    Florenda Thread Starter

    yes I opened and ran from the link you gave me 2 times and it did nothing
     
  11. dvk01

    dvk01 Moderator Malware Specialist

    can you uninstall Baidu?
    I think that is blocking the Panda uninstaller
     
  12. Florenda

    Florenda Thread Starter

    yes I will disable and rerun Panda uninstaller
     
  13. Florenda

    Florenda Thread Starter

    I closed the antivirus down completely and reran Panda uninstaller and it's still there
     
  14. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    55,763
    First Name:
    Derek
    Delete any existing version of ComboFix you might already have sitting on your desktop or in your downloads folder.
    Please read and follow all these instructions very carefully.
    Do not edit or remove any information or user names etc., otherwise we cannot fix the problem. If you insist on editing out anything then I will close the topic & refuse to offer any help.

    Download ComboFix from Here to your Desktop or your downloads folder.

    **Note: It is important that it is saved directly to your desktop or downloads folder and run from either the desktop or the downloads folder and not any other folder on your computer**
    --------------------------------------------------------------------
    1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results" or stop ComboFix running at all.
    • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running ComboFix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
    • Remember to re-enable the protection again after ComboFix has finished.
    --------------------------------------------------------------------
    2. Close any open browsers and any other programs you might have running.
    Double click on combofix.exe & follow the prompts.
    If you are using Windows XP, it might display a pop up saying that "Recovery console is not installed, do you want to install?"
    Please select yes & let it download the files it needs to do this. Once the recovery console is installed, ComboFix will then offer to scan for malware. Select continue or yes.
    When finished, it will produce a report for you.
    Please post the "C:\ComboFix.txt" for further review.


    ****Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall or freeze. ****

    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: ComboFix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. Read HERE why we disable autoruns.

    Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If ComboFix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

    Please tell us if it has cured the problems or if there are any outstanding issues.

    *EXTRA NOTES*
    • If ComboFix detects any Rootkit/Bootkit activity on your system, it will give a warning and prompt for a reboot; you must allow it to do so.
    • If the ComboFix reboot is due to a rootkit, the screen may stay black for several minutes on reboot; this is normal.
    • If after running ComboFix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue. (Those items will not be deleted.)

    Post the log in next reply please...
     
  15. Florenda

    Florenda Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    36
    ComboFix 14-12-30.01 - Florenda Richards 01/01/2015 15:31:55.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3989.2011 [GMT -5:00]
    Running from: c:\users\Florenda Richards\Downloads\ComboFix.exe
    AV: Baidu Antivirus *Enabled/Updated* {10616E6C-0E20-8594-D377-A7D03F6128A6}
    AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
    FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
    SP: Baidu Antivirus *Disabled/Updated* {AB008F88-281A-8A1A-E9C7-9CA244E6621B}
    SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\END
    c:\programdata\374311380
    c:\programdata\374311380\BIT646D.tmp
    c:\users\Florenda Richards\AppData\Roaming\inst.exe
    c:\users\Florenda Richards\AppData\Roaming\Mozilla\Firefox\Profiles\ejjhxt0x.default\searchplugins\trovi-search.xml
    c:\windows\msdownld.tmp
    c:\windows\msxml4-KB2758694-chs.LOG
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-12-01 to 2015-01-01 )))))))))))))))))))))))))))))))
    .
    .
    2015-01-01 20:39 . 2015-01-01 20:39 -------- d-----w- c:\users\Default\AppData\Local\temp
    2015-01-01 19:42 . 2015-01-01 19:42 -------- d-----w- c:\users\Florenda Richards\AppData\Local\ElevatedDiagnostics
    2015-01-01 19:02 . 2015-01-01 19:03 -------- d-----w- C:\SMCLpav
    2015-01-01 18:53 . 2015-01-01 18:55 -------- d-----w- C:\FRST
    2015-01-01 18:52 . 2014-09-05 02:11 6584320 ----a-w- c:\windows\system32\mstscax.dll
    2015-01-01 18:52 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll
    2015-01-01 18:22 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
    2015-01-01 18:22 . 2013-10-02 04:38 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
    2015-01-01 18:22 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
    2015-01-01 18:22 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2015-01-01 18:22 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2015-01-01 18:22 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll
    2015-01-01 18:22 . 2013-10-02 01:29 62976 ----a-w- c:\windows\system32\tsgqec.dll
    2015-01-01 18:22 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
    2015-01-01 18:22 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll
    2015-01-01 18:22 . 2013-10-01 23:58 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll
    2015-01-01 18:21 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
    2015-01-01 18:21 . 2013-10-02 00:15 1057280 ----a-w- c:\windows\system32\rdvidcrl.dll
    2015-01-01 18:21 . 2013-10-02 00:08 83968 ----a-w- c:\windows\system32\TSWbPrxy.exe
    2015-01-01 18:21 . 2013-10-02 00:01 420864 ----a-w- c:\windows\system32\wksprt.exe
    2015-01-01 18:21 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe
    2015-01-01 18:21 . 2013-10-01 23:08 855552 ----a-w- c:\windows\SysWow64\rdvidcrl.dll
    2015-01-01 18:21 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe
    2015-01-01 18:20 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
    2015-01-01 18:20 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
    2015-01-01 18:20 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
    2015-01-01 18:20 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
    2015-01-01 18:20 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
    2015-01-01 18:20 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
    2015-01-01 18:20 . 2012-08-23 09:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
    2015-01-01 14:28 . 2015-01-01 14:28 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2015-01-01 14:28 . 2015-01-01 14:28 -------- d-----w- c:\program files (x86)\Java
    2015-01-01 04:31 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
    2015-01-01 04:31 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
    2015-01-01 04:31 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
    2015-01-01 04:31 . 2014-07-09 02:03 6656 ----a-w- c:\windows\system32\KBDRU.DLL
    2015-01-01 04:31 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
    2015-01-01 04:31 . 2014-07-09 01:31 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
    2015-01-01 04:31 . 2014-07-09 01:31 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
    2015-01-01 03:25 . 2014-12-02 06:40 65856 ----a-w- c:\windows\system32\drivers\bsrbc64.sys
    2015-01-01 03:19 . 2015-01-01 19:55 -------- d-----w- c:\programdata\BsrSvc_exe
    2015-01-01 01:44 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
    2015-01-01 01:44 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
    2015-01-01 01:44 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
    2015-01-01 01:44 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
    2015-01-01 01:44 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
    2015-01-01 01:35 . 2015-01-01 01:35 -------- d-----w- c:\windows\Migration
    2015-01-01 00:57 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
    2015-01-01 00:57 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
    2015-01-01 00:57 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
    2015-01-01 00:57 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
    2015-01-01 00:57 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
    2015-01-01 00:57 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
    2015-01-01 00:57 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
    2015-01-01 00:57 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
    2015-01-01 00:57 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
    2015-01-01 00:57 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
    2015-01-01 00:47 . 2014-12-15 09:13 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D52314F8-EC70-4DF6-84DD-3C7CF1C29F00}\mpengine.dll
    2015-01-01 00:46 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
    2015-01-01 00:46 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
    2015-01-01 00:42 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
    2015-01-01 00:42 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
    2015-01-01 00:42 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
    2015-01-01 00:42 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
    2015-01-01 00:42 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
    2015-01-01 00:42 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
    2015-01-01 00:42 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
    2015-01-01 00:42 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
    2015-01-01 00:39 . 2014-11-20 17:39 97280 ----a-w- c:\windows\system32\mshtmled.dll
    2014-12-31 23:06 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
    2014-12-31 23:05 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
    2014-12-31 23:03 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
    2014-12-31 23:03 . 2013-07-04 12:57 259584 ----a-w- c:\windows\system32\WebClnt.dll
    2014-12-31 23:03 . 2013-07-04 12:50 102400 ----a-w- c:\windows\system32\davclnt.dll
    2014-12-31 23:03 . 2013-07-04 11:57 205824 ----a-w- c:\windows\SysWow64\WebClnt.dll
    2014-12-31 23:03 . 2013-07-04 11:51 81920 ----a-w- c:\windows\SysWow64\davclnt.dll
    2014-12-31 23:03 . 2013-07-04 10:11 140800 ----a-w- c:\windows\system32\drivers\mrxdav.sys
    2014-12-31 23:03 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
    2014-12-31 23:03 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
    2014-12-31 23:02 . 2014-02-04 02:35 190912 ----a-w- c:\windows\system32\drivers\storport.sys
    2014-12-31 23:02 . 2014-02-04 02:35 274880 ----a-w- c:\windows\system32\drivers\msiscsi.sys
    2014-12-31 23:02 . 2014-02-04 02:35 27584 ----a-w- c:\windows\system32\drivers\Diskdump.sys
    2014-12-31 23:02 . 2014-02-04 02:28 2048 ----a-w- c:\windows\system32\iologmsg.dll
    2014-12-31 23:02 . 2014-02-04 02:00 2048 ----a-w- c:\windows\SysWow64\iologmsg.dll
    2014-12-31 23:02 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
    2014-12-31 23:02 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2014-12-31 22:58 . 2013-06-06 05:50 41472 ----a-w- c:\windows\system32\lpk.dll
    2014-12-31 22:57 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
    2014-12-31 22:57 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
    2014-12-31 22:29 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
    2014-12-31 22:29 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
    2014-12-31 22:29 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
    2014-12-31 22:29 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
    2014-12-31 22:29 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
    2014-12-31 22:29 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
    2014-12-31 22:29 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
    2014-12-31 22:29 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
    2014-12-31 22:29 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
    2014-12-31 22:29 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
    2014-12-31 22:28 . 2014-05-14 14:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
    2014-12-31 22:28 . 2014-05-14 14:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
    2014-12-31 22:28 . 2014-05-14 14:20 36864 ----a-w- c:\windows\system32\wuapp.exe
    2014-12-31 22:28 . 2014-05-14 14:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
    2014-12-31 22:22 . 2014-12-31 22:22 -------- d-----w- c:\users\Florenda Richards\AppData\Local\WindowsUpdate
    2014-12-31 22:14 . 2014-12-31 22:14 -------- d-----w- c:\users\Florenda Richards\AppData\Local\Secunia PSI
    2014-12-31 22:14 . 2014-12-31 22:14 -------- d-----w- c:\program files (x86)\Secunia
    2014-12-31 01:39 . 2014-12-31 01:39 -------- d-----w- c:\programdata\F-Secure
    2014-12-31 00:56 . 2014-12-31 00:56 -------- d-----w- C:\MGADiagToolOutput
    2014-12-31 00:55 . 2014-12-31 00:55 -------- d-----w- c:\programdata\Office Genuine Advantage
    2014-12-29 21:26 . 2014-12-29 21:28 -------- d-----w- c:\users\Florenda Richards\AppData\Roaming\Baidu
    2014-12-29 21:26 . 2014-12-29 21:27 -------- d-----w- c:\program files (x86)\baidu
    2014-12-29 19:43 . 2014-12-29 19:43 -------- d-----w- c:\users\Florenda Richards\AppData\Local\MiniService
    2014-12-29 19:05 . 2015-01-01 14:22 -------- d-----w- c:\programdata\BavSvc_exe
    2014-12-29 19:04 . 2014-12-29 19:04 201536 ----a-w- c:\windows\system32\drivers\BdSandbox.sys
    2014-12-29 19:04 . 2014-12-29 19:04 481696 ----a-w- c:\windows\system32\drivers\bndef64.sys
    2014-12-29 19:04 . 2014-12-29 19:04 -------- d-----w- c:\programdata\Baidu Security
    2014-12-29 19:04 . 2014-12-29 19:04 164096 ----a-w- c:\windows\system32\drivers\Bprotect.sys
    2014-12-29 19:04 . 2014-12-29 19:04 66720 ----a-w- c:\windows\system32\drivers\bnbasex64.sys
    2014-12-29 19:04 . 2014-12-29 19:04 38208 ----a-w- c:\windows\system32\drivers\Bfmon.sys
    2014-12-29 19:04 . 2014-12-29 19:04 59712 ----a-w- c:\windows\system32\drivers\Bfilter.sys
    2014-12-29 19:04 . 2014-12-29 21:27 -------- d-----w- c:\programdata\Baidu
    2014-12-29 19:04 . 2014-12-29 19:04 -------- d-----w- c:\program files (x86)\Baidu Security
    2014-12-29 18:30 . 2014-12-24 08:11 23752 ----a-w- c:\windows\SysWow64\drivers\efimon.sys
    2014-12-29 11:22 . 2013-07-03 04:05 76800 ----a-w- c:\windows\system32\drivers\hidclass.sys
    2014-12-29 11:22 . 2013-07-03 04:05 32896 ----a-w- c:\windows\system32\drivers\hidparse.sys
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2015-01-01 14:22 . 2012-07-11 16:06 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2015-01-01 14:22 . 2012-03-22 21:34 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-11-27 21:40 . 2012-12-20 14:51 112710672 ----a-w- c:\windows\system32\MRT.exe
    2014-11-24 19:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
    2013-02-20 01:45 . 2013-02-20 01:45 4126720 ----a-w- c:\program files (x86)\GUTE3BB.tmp
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-07-11 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2013-05-28 32736]
    "Baidu Bsr"="c:\program files (x86)\Baidu Security\Baidu Antivirus\BavAdvTools\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe" [2014-12-09 3147112]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "panda4_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn" [X]
    "panda4_0dn_XP"="reg.exe delete HKCU\Software\panda4_0dn" [X]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0PCloudBroom64.exe \systemroot\system32\BroomData.bit
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
    @="Service"
    .
    R1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV64.sys;c:\windows\SYSNATIVE\DRIVERS\BAPIDRV64.sys [x]
    R2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [x]
    R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
    R3 BdSandbox;Baidu BdSandbox Driver;c:\windows\System32\drivers\BdSandbox.sys;c:\windows\SYSNATIVE\drivers\BdSandbox.sys [x]
    R3 BdSandboxSrv;Baidu BdSandbox Virtual Service;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdSandboxSrv64.exe;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdSandboxSrv64.exe [x]
    R3 BsrSvc;Baidu System Repair Tool Service;c:\program files (x86)\Baidu Security\Baidu Antivirus\BavAdvTools\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe;c:\program files (x86)\Baidu Security\Baidu Antivirus\BavAdvTools\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe [x]
    R3 cpuz134;cpuz134;c:\users\FLOREN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\FLOREN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
    R3 keycrypt;keycrypt;c:\windows\system32\DRIVERS\KeyCrypt64.sys;c:\windows\SYSNATIVE\DRIVERS\KeyCrypt64.sys [x]
    R3 PSINReg;PSINReg;c:\windows\system32\DRIVERS\PSINReg.sys;c:\windows\SYSNATIVE\DRIVERS\PSINReg.sys [x]
    R3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
    R3 SparkUpdater;Baidu Spark Updater;c:\program files (x86)\Baidu\SparkUpdate\Sparkupdate.exe;c:\program files (x86)\Baidu\SparkUpdate\Sparkupdate.exe [x]
    R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
    R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
    R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R4 bsrbc;Baidu Antivirus BootClean Driver;c:\windows\system32\drivers\bsrbc64.sys;c:\windows\SYSNATIVE\drivers\bsrbc64.sys [x]
    R4 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPihsw.sys [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
    S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
    S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
    S1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys;c:\windows\SYSNATIVE\drivers\Bfilter.sys [x]
    S1 Bfmon;Baidu FS Monitor Driver;c:\windows\System32\drivers\Bfmon.sys;c:\windows\SYSNATIVE\drivers\Bfmon.sys [x]
    S1 Bnbase;Bnbase;c:\windows\system32\drivers\bnbasex64.sys;c:\windows\SYSNATIVE\drivers\bnbasex64.sys [x]
    S1 Bndef;Baidu NetDefense;c:\windows\System32\drivers\bndef64.sys;c:\windows\SYSNATIVE\drivers\bndef64.sys [x]
    S1 Bprotect;Baidu Protect;c:\windows\System32\drivers\Bprotect.sys;c:\windows\SYSNATIVE\drivers\Bprotect.sys [x]
    S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSAlpc.sys [x]
    S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttp.sys [x]
    S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttps.sys [x]
    S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys;c:\windows\SYSNATIVE\DRIVERS\NNSIds.sys [x]
    S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPicc.sys [x]
    S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPop3.sys [x]
    S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys;c:\windows\SYSNATIVE\DRIVERS\NNSProt.sys [x]
    S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPrv.sys [x]
    S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSSmtp.sys [x]
    S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys;c:\windows\SYSNATIVE\DRIVERS\NNSStrm.sys [x]
    S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSTlsc.sys [x]
    S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys;c:\windows\SYSNATIVE\DRIVERS\psinknc.sys [x]
    S2 BavSvc;Baidu Antivirus Service;c:\program files (x86)\Baidu Security\Baidu Antivirus\BavSvc.exe;c:\program files (x86)\Baidu Security\Baidu Antivirus\BavSvc.exe [x]
    S2 BHipsSvc;Baidu Hips Service;c:\program files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe;c:\program files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe [x]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
    S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
    S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [x]
    S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe [x]
    S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe [x]
    S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINAflt.sys [x]
    S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys;c:\windows\SYSNATIVE\DRIVERS\PSINFile.sys [x]
    S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProc.sys [x]
    S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProt.sys [x]
    S2 SparkSvc;Baidu Spark Service;c:\program files (x86)\baidu\Spark\sparkservice.exe;c:\program files (x86)\baidu\Spark\sparkservice.exe [x]
    S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
    S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
    S3 BNmon;(BNmon);c:\program files (x86)\Baidu Security\Baidu Antivirus\BNmon64.sys;c:\program files (x86)\Baidu Security\Baidu Antivirus\BNmon64.sys [x]
    S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
    S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
    S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
    S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
    S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]
    S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *Deregistered* - BdApiUtil
    *Deregistered* - BdCameraProtect
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2015-01-01 14:43 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2015-01-01 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 14:22]
    .
    2015-01-01 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
    - c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
    .
    2014-12-31 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
    - c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BaiduAntivirusIconLock]
    @="{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}"
    [HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}]
    2014-12-29 19:04 314728 ----a-w- c:\program files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <local>;192.168.*.*
    TCP: DhcpNameServer = 192.168.254.254
    FF - ProfilePath - c:\users\Florenda Richards\AppData\Roaming\Mozilla\Firefox\Profiles\ejjhxt0x.default\
    FF - prefs.js: browser.search.selectedEngine -
    FF - prefs.js: browser.startup.homepage - about:home
    user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);user_pref('extensions.blocklist.enabled', false);user_pref('security.mixed_content.block_active_content', false);
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file)
    Toolbar-Locked - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCCUJobMgr]
    "ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.38\diMaster.dll\" /prefetch:1"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    c:\program files (x86)\Baidu Security\Baidu Antivirus\BavUpdater.exe
    .
    **************************************************************************
    .
    Completion time: 2015-01-01 15:51:08 - machine was rebooted
    ComboFix-quarantined-files.txt 2015-01-01 20:51
    .
    Pre-Run: 555,345,739,776 bytes free
    Post-Run: 556,071,395,328 bytes free
    .
    - - End Of File - - 7CB8C451C5797F0B96BF3F5C08451CF9
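
A first-pass triage of a ComboFix log like the one posted above, as an added example that is not part of the thread and not ComboFix's or the forum's own tooling. The function names, the finding labels and the preference watch-list are assumptions made for illustration; the sample lines are copied from the posted log.

```python
import re

# Constructed sample: a few lines copied from the ComboFix log posted above.
SAMPLE_LOG = r"""
AV: Baidu Antivirus *Enabled/Updated* {10616E6C-0E20-8594-D377-A7D03F6128A6}
AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
R2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [x]
R3 cpuz134;cpuz134;c:\users\FLOREN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\FLOREN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
S1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys;c:\windows\SYSNATIVE\drivers\Bfilter.sys [x]
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);user_pref('extensions.blocklist.enabled', false);user_pref('security.mixed_content.block_active_content', false);
"""

# "AV:/FW:/SP: <product> *<state>* {GUID}" header lines (Security Center view).
SEC_CENTER = re.compile(r"^(AV|FW|SP): (.+?) \*([^*]+)\* \{[0-9A-Fa-f-]+\}$")
# "<tag> <name>;<display name>;<image path>;<image path> [x]" service/driver lines.
# The tag (e.g. R3, S1) is kept as-is; this example does not interpret it.
SERVICE = re.compile(r"^([RS][0-4]) ([^;]+);([^;]*);([^;]+);(.+) \[[^\]]*\]$")
# Firefox prefs.js entries that ComboFix echoes on a single line.
USER_PREF = re.compile(r"user_pref\('([^']+)',\s*([^)]+?)\s*\)")

# Watch-list (assumption): the five preferences shown in the posted log, each of
# which turns off a browser protection when set to false or 0.
WATCHED_PREFS = {
    "extensions.autoDisableScopes": "sideloaded add-ons are not auto-disabled",
    "security.csp.enable": "Content Security Policy enforcement is off",
    "security.OCSP.enabled": "OCSP certificate revocation checks are off",
    "extensions.blocklist.enabled": "the add-on blocklist is off",
    "security.mixed_content.block_active_content": "active mixed content is allowed",
}


def parse(log):
    """Split a ComboFix log into Security Center products, services and prefs."""
    products, services, prefs = [], [], {}
    for raw in log.splitlines():
        line = raw.strip()
        m = SEC_CENTER.match(line)
        if m:
            products.append({"kind": m.group(1), "name": m.group(2), "state": m.group(3)})
            continue
        m = SERVICE.match(line)
        if m:
            services.append({"tag": m.group(1), "name": m.group(2),
                             "display": m.group(3), "image": m.group(4)})
            continue
        for name, value in USER_PREF.findall(line):
            prefs[name] = value
    return products, services, prefs


def triage(log):
    """Return (label, detail) findings worth a human reviewer's attention."""
    products, services, prefs = parse(log)
    findings = []

    # Two antivirus products registered at once: the conflict this thread is
    # trying to resolve by removing Panda.
    av = sorted({p["name"] for p in products if p["kind"] == "AV"})
    if len(av) > 1:
        findings.append(("multiple-av-registered", ", ".join(av)))

    # A service or driver whose image lives in a Temp directory: the file is
    # in a user-writable, routinely purged location.
    for s in services:
        if "\\temp\\" in s["image"].lower():
            findings.append(("service-image-in-temp", s["name"]))

    # Browser protections switched off in the Firefox profile.
    for name in sorted(prefs):
        if name in WATCHED_PREFS and prefs[name] in ("false", "0"):
            findings.append(("weakened-firefox-pref", name))
    return findings


if __name__ == "__main__":
    for label, detail in triage(SAMPLE_LOG):
        print(f"{label}: {detail} {WATCHED_PREFS.get(detail, '')}".rstrip())
```

A finding here is only a pointer for the reviewer; for instance, the Temp-path driver in this log belongs to a service named cpuz134, and whether that is expected on the machine is a question for the user.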
     
Short URL to this thread: https://techguy.org/1140257
