Page 9 of 14 FirstFirst ... 7891011 ... LastLast
  1.    18 Aug 2016 #81
    Join Date : Apr 2015
    Posts : 12,582
    W10Prox64

    Quote Originally Posted by myrnsterMash View Post
    I was only given options about PUPS and whether to auto delete them, but I can not find any log, because it would stop running after it detected the 8 threats. Trust me, I looooooooked, and searched. This info has to exist somewhere, right, but where?
    Click the little arrow next to Show advanced options, and you'll see all the options to select.


    Click image for larger version. 

Name:	eset04.PNG 
Views:	22 
Size:	33.3 KB 
ID:	96876


    Then, select CHANGE for the Current Scan Targets.



    Click image for larger version. 

Name:	eset04a.PNG 
Views:	22 
Size:	34.7 KB 
ID:	96877
      My ComputerSystem Spec
  2.    18 Aug 2016 #82
    Join Date : Apr 2015
    Posts : 12,582
    W10Prox64

    You can have a look for the log here:

    The ESET Online Scanner saves a log file after running, which can be examined or sent in to ESET for further analysis. To view the log file, Show hidden files and folders must be enabled. New logs are appended to the existing log files when multiple scans are run.

    The path to the log file is the following: C:\users\%userprofile%\appdata\local\temp\log.txt
      My ComputerSystem Spec
  3.    18 Aug 2016 #83
    Join Date : Oct 2013
    Penns Forrest
    Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3

    Quote Originally Posted by simrick View Post
    Looks to me like HMPro found a bunch of Reimage leftovers, a bunch of cookies and one Ask toolbar. I don't see anything else. @Slartybart can confirm.
    Yep, but it looks as though the log was cut short. Might not have been ,,, I haven't looked at a hitman log for a while.

    In any case - clean the threats HitmanPro found. I'll watch to see if ESET gets through with auto-clean set.
      My ComputerSystem Spec
  4.    18 Aug 2016 #84
    Join Date : Aug 2016
    So. CA
    Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter

    I, really do want to understand the complexities of how these, or this one (for starters), infections affect systems. Could you please, tell me if this info is correct?

    Poweliks is not a regular piece of malware because it resides in the memory of the system and stores absolutely no file on the disk, making it more difficult to detect.
    After compromising the computer, the malware creates registry entries with commands that verify for the presence of PowerShell or .NET Framework and for executing the payload.

    Once the file is launched, the cybercriminals turn on the persistency feature of the malware by creating an encoded autostart key in the registry.
    It seems that the encoding technique used by the malware was originally created by Microsoft to safeguard their source code from being altered.In order to avoid detection by system tools, the registry key is hidden by providing a name in non-ASCII characters, which makes it unavailable to the Registry Editor (regedit.exe) in Windows.
    By creating the auto-start key, the attackers make sure that a reboot of the system does not remove it from the computer.
    By decoding the key, Symantec observed two sets of code: one that verified if the affected machine had Windows PowerShell installed, and another one, a Base64-encoded PowerShell script, for calling and executing the shellcode.
    According to the Symantec researchers, the shellcode executes the payload, which attempts to connect to a remote command and control (C&C) server for receiving instructions. There are multiple IP addresses for C&C servers, all hard-coded.
    The peculiarity of this malware is that it does not create any file on the disk, making it more difficult to be detected through classic protection mechanisms.

    cited from: How to remove Trojan.Poweliks virus (Removal Guide)
      My ComputerSystem Spec
  5.    18 Aug 2016 #85
    Join Date : Oct 2013
    Penns Forrest
    Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3

    Hey, how did you get tot that guide?

    It means that it is sneakier than vanilla malware that can be found in a file

    Let's see what the guide also idenitfied as registry keys

    Command Prompt (Admin)
    copy the following line and right click in the Command Prompt window to paste it

    reg query "HKCU\software\classes\clsid\{ab8902b4-09ca-4bb6-b78d-a8f59079a8d5}" /s

    If the query finds the key, post a screen shot.

    did you perform a clean boot?
      My ComputerSystem Spec
  6.    18 Aug 2016 #86
    Join Date : Apr 2015
    Posts : 12,582
    W10Prox64
      My ComputerSystem Spec
  7.    18 Aug 2016 #87
    Join Date : Oct 2013
    Penns Forrest
    Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3

    Here's a shorthand recap

    Outstanding tasks:
    HitmanPro - were the threats cleaned?
    ESET online scan: running with auto set
    Clean Boot
    Reg key query
    Bitdefender Rescue
    TDSSKiller
    Dism
    SFC





    Post# 1 Avast
    Found a PUP
    how-to-remove-driver-side-door-panel-150.ISO
    The Holy Library
    Holy.app
    Holy.exe
    8/3/2016

    Post# 5 Downloads\how-to-remove-driver-side-door-panel-150.ISO
    ????? Avast msg says run Mnam?
    Avast can not do anything, meaning "repair," "quarantine," or "delete,"
    instead an "error" displays prompting me to run the Malwarebytes Anti-Malware scan
    ?????

    Post# 7: Rkill log - No objects found to stop or kill


    Post# 10 ISO deleted - in recycle bin
    Myrna idenfies the downloader from us1 springfile org
    mixed info on research - some malicious, some 1or 2 out of all AV products flagged it

    AdwCleaner log - cleaned up minor PUPs

    Post# 12 JRT & HitmanPro suggested

    Post# 13 - eset online suggested

    Post# 15 JRT log - nothing major

    Post# 24
    hitman results - no threats found
    Threats detected 1,095 ?????

    Post# 28 suggest Mbam

    Post# 32 ESET online hangs at end

    Post# 35 Mbam finds Trojan.Poweliks.B in HKU\S-1-5-21

    Post# 36 Mbam log two threats quarantined

    Post# 37
    suggest remove the two threats
    suggest TDSSkiller

    Post# 38 suggest How to remove the Poweliks Trojan (Removal Guide)

    Post# 39 starts ReImage debacle form ad on sevenForums

    Post# 49 Avast flags Poweliks guide on bleeping

    Post# 50
    suggest Rkill and HitmanPro from the guide
    follow up with Dism & SFC

    Post# 52 correction
    suggest Rkill, ESET Poweliks Cleaner, and HitmanPro from the guide

    Post# 60 Rkill log
    Terminates 1 process
    * C:\Users\MyrnaZ\AppData\Local\Temp\{7E6122F0-DB5E-430A-A6AE-6F73E75D1A32}\{BCCE466F-5194-418B-B7A4-55A77A6E62F6}.exe (PID: 16284) [T-HEUR]
    This was not found in the first Rkill. Probably belongs to ReImage

    Post# 63 ESET Poweliks log - threat not found

    Post# 71
    suggest Clean boot
    Rkill
    Hitman

    Post# 72
    suggest TDSSkiller
    Bitdefender Rescue
    check reg for Poweliks keys

    Post# 73 Hitman log
    Were they cleaned or is that just what was found?

    Post# 76 suggest ESET online scanner with autoclean set
    Last edited by Slartybart; 18 Aug 2016 at 23:46.
      My ComputerSystem Spec
  8.    19 Aug 2016 #88
    Join Date : Aug 2016
    So. CA
    Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter

    Quote Originally Posted by Slartybart View Post
    Hey, how did you get tot that guide?


    Command Prompt (Admin)
    copy the following line and right click in the Command Prompt window to paste it

    reg query "HKCU\software\classes\clsid\{ab8902b4-09ca-4bb6-b78d-a8f59079a8d5}" /s

    If the query finds the key, post a screen shot.

    did you perform a clean boot?
    That link to the guide is, actually a blog, although the title is the same as yours....coincidence?
    How to remove Trojan.Poweliks virus (Removal Guide)
    When I clicked on copy link, it had the same title. I just copied and pasted the url that is its description, above. The query did not show the key in the command prompt when I ran the line you suggested, and I will post the screen shot just so you see it:
    Click image for larger version. 

Name:	ScreenHunter_20 Aug. 19 17.08.gif 
Views:	18 
Size:	5.3 KB 
ID:	97021

    Was I supposed to reboot first? I will reboot now. Something peculiar happened when I was playing a game, yes, a game (but the one and only site I use, and please do not take my stress reliever away...). In between rounds I noticed in the upper corner of the screen a quick "flash" of "X=x" in the same colors and font never seen previously. Am I now just being paranoid?
    I thought I posted the results for Hitman?
      My ComputerSystem Spec
  9.    19 Aug 2016 #89
    Join Date : Apr 2015
    Posts : 12,582
    W10Prox64

    I think Slartybart noticed the Hitman log was incomplete?
      My ComputerSystem Spec
  10.    20 Aug 2016 #90
    Join Date : Aug 2016
    So. CA
    Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter

    "Son of a Poweliks mother jammer!" The recap is beyond appreciated, because trying to do things in order tends to get muddled amongst the posts written and received at different points in time. With that said, I would appreciate it if you would start using the motto:
    "Do NOT be a myrnsterMash!"
    Rule#
    1. Wait until you recieve a response before doing anything else
    2. Do not be a Doofus and Pay Attention to every detail
    3. Do NOT make the same mistake, AGAIN!


    So, here is the recap, of which I began with the first item:
    Outstanding tasks:

    HitmanPro - were the threats cleaned?
    ESET online scan: running with auto set
    Clean Boot
    Reg key query
    Bitdefender Rescue
    TDSSKiller
    Dism
    SFC

    Tra la la, decides to go to downloads in C: Drive (no need to download the same programs, again, right), and this is what I see:
    Click image for larger version. 

Name:	ScreenHunter_01 Aug. 19 22.22.gif 
Views:	1 
Size:	38.7 KB 
ID:	97049

    Granted, I did download the some of the same programs twice thinking it best to start "clean," but realized that was stupid, afterwards, sigh. There is not one reason, whatsoever for the .zip files, none! I have it set to ask how I want to open files, and .zip files are not supposed to open, much less run, ever. Seriously? The .zip files shown for ESET were not .zip files until I rebooted, now what?

    Please, note my email in permissions...is that typical?
    "Jeepers, am I being watched? I think my toaster is infected, too it keeps making crumbs, why do telemarketers know my name".....really, ugh........

    What the heck.....opened the supposed log from the .zip files:
    [2016.08.18 15:37:57.326] - Begin
    [2016.08.18 15:37:57.328] -
    [2016.08.18 15:37:57.344] - ....................................
    [2016.08.18 15:37:57.346] - ..::::::::::::::::::....................
    [2016.08.18 15:37:57.349] - .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT.. Win32/Poweliks
    [2016.08.18 15:37:57.354] - .::EE::::EE:SS:::::::.EE....EE....TT...... Version: 1.0.0.5
    [2016.08.18 15:37:57.357] - .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT...... Built: Jun 30 2015
    [2016.08.18 15:37:57.359] - .::EE:::::::::::::SS:.EE..........TT......
    [2016.08.18 15:37:57.361] - .::EEEEEE:::SSSSSS::..EEEEEE.....TT..... Copyright (c) ESET, spol. s r.o.
    [2016.08.18 15:37:57.368] - ..::::::::::::::::::.................... 1992-2015. All rights reserved.
    [2016.08.18 15:37:57.369] - ....................................
    [2016.08.18 15:37:57.369] -
    [2016.08.18 15:37:57.370] - --------------------------------------------------------------------------------
    [2016.08.18 15:37:57.370] -
    [2016.08.18 15:37:57.372] - INFO: OS: 6.2.9200 SP0
    [2016.08.18 15:37:57.372] - INFO: Product Type: Workstation
    [2016.08.18 15:37:57.373] - INFO: WoW64: False
    [2016.08.18 15:37:57.373] - INFO: Machine guid: DFA3F11D-1180-47E0-B36D-654F2CAE83E7
    [2016.08.18 15:37:57.374] -
    [2016.08.18 15:38:03.172] - INFO: Scanning for system infection...
    [2016.08.18 15:38:03.174] - --------------------------------------------------------------------------------
    [2016.08.18 15:38:03.174] -
    [2016.08.18 15:38:03.174] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
    [2016.08.18 15:38:03.177] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
    [2016.08.18 15:38:03.179] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
    [2016.08.18 15:38:03.180] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
    [2016.08.18 15:38:03.181] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]...
    [2016.08.18 15:38:03.181] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]...
    [2016.08.18 15:38:03.181] - INFO: Processing classes...
    [2016.08.18 15:38:03.182] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}]
    [2016.08.18 15:38:03.182] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{031E4825-7B94-4dc3-B131-E946B44C8DD5}]
    [2016.08.18 15:38:03.182] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}]
    [2016.08.18 15:38:03.182] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{5999E1EE-711E-48D2-9884-851A709F543D}]
    [2016.08.18 15:38:03.182] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
    [2016.08.18 15:38:03.182] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{6bb93b4e-44d8-40e2-bd97-42dbcf18a40f}]
    [2016.08.18 15:38:03.182] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}]
    [2016.08.18 15:38:03.183] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}]
    [2016.08.18 15:38:03.183] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}]
    [2016.08.18 15:38:03.183] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}]
    [2016.08.18 15:38:03.183] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}]
    [2016.08.18 15:38:03.184] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    [2016.08.18 15:38:03.184] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}]
    [2016.08.18 15:38:03.184] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
    [2016.08.18 15:38:03.185] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{A9DC7008-F751-405D-9DD2-BAA4CD84A705}]
    [2016.08.18 15:38:03.185] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}]
    [2016.08.18 15:38:03.185] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    [2016.08.18 15:38:03.185] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}]
    [2016.08.18 15:38:03.185] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}]
    [2016.08.18 15:38:03.185] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    [2016.08.18 15:38:03.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}]
    [2016.08.18 15:38:03.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}]
    [2016.08.18 15:38:03.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{031E4825-7B94-4dc3-B131-E946B44C8DD5}]
    [2016.08.18 15:38:03.186] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}]
    [2016.08.18 15:38:03.187] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{5999E1EE-711E-48D2-9884-851A709F543D}]
    [2016.08.18 15:38:03.187] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
    [2016.08.18 15:38:03.187] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{6bb93b4e-44d8-40e2-bd97-42dbcf18a40f}]
    [2016.08.18 15:38:03.187] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}]
    [2016.08.18 15:38:03.187] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}]
    [2016.08.18 15:38:03.187] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}]
    [2016.08.18 15:38:03.187] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{A9DC7008-F751-405D-9DD2-BAA4CD84A705}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    [2016.08.18 15:38:03.188] - INFO: Processing clsid [\Registry\User\S-1-5-21-2048041476-2006749296-819459500-1005\SOFTWARE\Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}]
    [2016.08.18 15:38:03.189] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
    [2016.08.18 15:38:03.193] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
    [2016.08.18 15:38:03.193] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
    [2016.08.18 15:38:03.193] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
    [2016.08.18 15:38:03.193] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
    [2016.08.18 15:38:03.194] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
    [2016.08.18 15:38:03.194] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
    [2016.08.18 15:38:03.194] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
    [2016.08.18 15:38:03.194] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
    [2016.08.18 15:38:03.194] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
    [2016.08.18 15:38:03.205] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
    [2016.08.18 15:38:03.205] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
    [2016.08.18 15:38:03.206] - INFO: (XSW) Scanning for XSW variant...
    [2016.08.18 15:38:03.250] - INFO: (XSW) Processing users subkeys...
    [2016.08.18 15:38:03.258] - INFO: Win32/Poweliks not found
    [2016.08.18 15:38:13.606] - End
    Last edited by myrnsterMash; 20 Aug 2016 at 16:19.
      My ComputerSystem Spec

 
Page 9 of 14 FirstFirst ... 7891011 ... LastLast


Similar Threads
Thread Forum
Make a drive ask for password before installing an application?
So, a little context: We have five public gaming computers wich is free to use. The computers are running a 120 GB SSD (C:) with windows 10 and a 2 TB HDD (D:) wich is primaly used for installing games. They are set up with noe administrator user...
User Accounts and Family Safety
Copy data files from a CDROM - access denied
I just upgraded to windows 10. I am trying to copy DATA files and folders from a DVD. This is not music, movies, or anything like that, these are data files I was able to access in prior versions of Windows 10 that I placed them on the DVD myself....
General Support
Solved Do I need to remove other non OS drive?
Hi, I'm pretty sure I'll be upgrading my desktop this week while I'm on vacation. I've done my laptop with no problems at all, it's a Dell Latitude E6400 with Win7 Pro bought refurbished from Newegg. The laptop was a mid 2008 model and W10 works...
Installation and Upgrade
Solved One Drive haters - here's how to remove One Drive from File explorer
Hi there Thanks to topgundcp here's how to remove One Drive from File explorer after a reboot. OneDrive Integration in Windows 8.1 - Enable or Disable 1.Win+R->gpedit.msc 2.Navigate to: Computer Configuration\Administrative...
Software and Apps
Solved How can I remove recent use application ?
As the topic sad how can I remove recent use application like this ? :( http://i.imgur.com/QxSBzLY.jpg
General Support
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 19:21.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums