vsal1030 Posted February 17, 2013 ID:648140 Share Posted February 17, 2013 I suspected I had some sort of virus when all of a sudden I couldn't open any programs on my computer. The curser would just turn to a circle like it was loading and nothing would happen. It wouldn't even open the task manager, just gave me an error. So I downloaded and ran malwarebytes in safe mode with networking and removed everything it found. After removing it said it needed to restart coputer, but after login, the screen just goes black and all you can see is the cursor. I have tried system restore to 2 different points, but the same thing happens, and ctrl-alt-del still doesn't work. I am writing this from safe mode with networking. Can somebody please help me with this?Thanks,VanessaHere are my logs:DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORKInternet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2Run by Vanessa at 11:38:54 on 2013-02-17Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.6618 [GMT -6:00].AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\Explorer.EXEC:\Windows\system32\ctfmon.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://searchab.com/?aff=7&uid=555770fe-73df-11e2-8510-2c27d748a465uSearch Bar = hxxp://www.google.com/ieuSearch Page = hxxp://www.google.comuDefault_Search_URL = hxxp://www.google.com/iemStart Page = hxxp://searchab.com/?aff=7&uid=555770fe-73df-11e2-8510-2c27d748a465uSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%smWinlogon: Userinit = userinit.exeBHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: MagniPic: {5933DFC1-2A8F-7DF3-07D2-0F11D9C15111} - C:\ProgramData\MagniPic\51183e7ce1c96.dllBHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dllBHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dllBHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\24.0.1312.57\npchrome_frame.dllBHO: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dllTB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [Google Update] "C:\Users\Vanessa\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [513AFD69C8EB3867AF8F2E8EA373227201852101._service_run] "C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=serviceuRun: [Tonido] "C:\Users\Vanessa\AppData\Roaming\Tonido\launcher.exe" /nobrowseruRun: [sugarSync] "C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=trueuRun: [PrinterShare] C:\Program Files (x86)\PrinterShare\paConsole.exe -minimizeduRun: [Eye-Fi] "C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe"uRun: [MusicManager] "C:\Users\Vanessa\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunuRun: [Philips Intelligent Agent] "C:\Program Files (x86)\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENTuRun: [Facebook Update] "C:\Users\Vanessa\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserveruRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostartuRun: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preloaduRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startupuRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeuRun: [bitTorrent] "C:\Users\Vanessa\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZEDmRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exemRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exemRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"mRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exemRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [sPC2050] C:\Windows\vspc2050.exemRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exemRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exeStartupFolder: C:\Users\Vanessa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Vanessa\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\Users\Vanessa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FADESK~1.LNK - C:\Program Files (x86)\FilesAnywhere\FilesAnywhere Desktop\FADesktop.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMAZON~1.LNK - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLOGGI~1.LNK - C:\Program Files (x86)\Sony\Bloggie Software\BGVolumeWatcher.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = 192.168.1.1TCP: Interfaces\{2D06E00E-B3CB-4AAE-B0B0-A7A874B387EF} : DHCPNameServer = 216.181.134.16 216.181.30.11TCP: Interfaces\{84249EF6-DAC2-4112-B625-5DE1DF7104AC} : DHCPNameServer = 192.168.42.129TCP: Interfaces\{F6F42BFF-8DF0-4894-AC39-2F9D78E4BFF1} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{F6F42BFF-8DF0-4894-AC39-2F9D78E4BFF1}\34963736F60363436373 : DHCPNameServer = 216.181.134.16 216.181.30.11 192.168.1.1TCP: Interfaces\{F6F42BFF-8DF0-4894-AC39-2F9D78E4BFF1}\C696E6B6379737 : DHCPNameServer = 216.181.134.16 216.181.30.11Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\24.0.1312.57\npchrome_frame.dllHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllAppInit_DLLs= c:\progra~2\magnipic\sprote~1.dllSSODL: WebCheck - <orphaned>x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exex64-Run: [PLF2050] C:\Windows\PLF2050.exex64-Run: [spc2050] C:\Windows\vspc2050.exex64-Run: [AllShare Play] C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe.INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>Hosts: 127.0.0.1 www.spywareinfo.com.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Vanessa\AppData\Roaming\Mozilla\Firefox\Profiles\9ejh7vc2.default\FF - prefs.js: browser.startup.homepage - hxxp://searchab.com/?aff=7&uid=555770fe-73df-11e2-8510-2c27d748a465FF - prefs.js: browser.search.selectedEngine - Privitize VPNFF - prefs.js: keyword.URL - hxxp://searchab.com/?aff=7&uid=555770fe-73df-11e2-8510-2c27d748a465&q=FF - prefs.js: network.proxy.type - 0FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dllFF - plugin: C:\Program Files (x86)\Sony\Bloggie Software\npsome.dllFF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dllFF - plugin: C:\Users\Vanessa\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dllFF - plugin: C:\Users\Vanessa\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: C:\Users\Vanessa\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\Vanessa\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dllFF - plugin: C:\Windows\SysWOW64\npDeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dllFF - ExtSQL: !HIDDEN! 2011-12-08 10:29; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3.---- FIREFOX POLICIES ----FF - user.js: general.useragent.extra.brc - .============= SERVICES / DRIVERS ===============.R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-7-13 75904]R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-7-13 38016]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-12-8 55856]R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-2-5 451192]R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-2-5 1129120]R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-12-24 46136]R3 Linksys_adapter_H;Linksys Adapter Network Driver;C:\Windows\System32\drivers\AE2500w764.sys [2011-12-7 1254464]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-7-13 412776]R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-7-13 38456]S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-2-12 1388120]S1 ccSet_MCLIENT;Norton Management Settings Manager;C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccsetx64.sys [2012-10-22 168096]S1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-2-5 167072]S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20130212.001\IDSviA64.sys [2013-2-12 513184]S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-2-5 190072]S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-2-5 405624]S2 ACPService;ACPService;C:\Program Files (x86)\Philips\CamSuite\1.0.9.0\ACPService.exe [2008-6-11 741376]S2 AllShare Framework DMS;AllShare Framework DMS;C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [2012-10-23 408184]S2 AllShare Play Service;AllShare Play Service;C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [2012-11-30 662672]S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-7-13 203264]S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-13 361984]S2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]S2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]S2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-11-17 107576]S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]S2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]S2 MCLIENT;Norton Management;C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccsvchst.exe [2012-10-22 143928]S2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-2-5 138272]S2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-7-13 1127448]S2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-12-24 231440]S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-12 138912]S3 FlyUsb;FLY Fusion;C:\Windows\System32\drivers\FlyUsb.sys [2011-11-12 24576]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]S3 phaudlwr;Philips Audio Filter;C:\Windows\System32\drivers\phaudlwr.sys [2009-10-20 114608]S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]S3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]S3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]S3 SIVDRIVER;SIV Kernel Driver;C:\Windows\System32\drivers\SIVX64.sys [2011-9-30 57312]S3 SPC2050;USB2.0 PC Camera (SPC2050);C:\Windows\System32\drivers\spc2050.sys [2012-1-18 3297792]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-9 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2013-02-16 23:04:55 -------- d-----w- C:\Users\Vanessa\AppData\Roaming\Malwarebytes2013-02-16 23:04:48 -------- d-----w- C:\ProgramData\Malwarebytes2013-02-16 23:04:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-02-11 00:16:23 -------- d-----w- C:\ProgramData\Premium2013-02-11 00:16:15 -------- d-----w- C:\Program Files (x86)\MagniPic2013-02-11 00:15:50 -------- d-----w- C:\ProgramData\MagniPic2013-02-11 00:15:30 -------- d-----w- C:\ProgramData\InstallMate2013-02-10 23:56:28 -------- d-----w- C:\Users\Vanessa\AppData\Roaming\BitTorrent2013-02-05 22:18:46 737952 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\srtsp64.sys2013-02-05 22:18:46 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys2013-02-05 22:18:46 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys2013-02-05 22:18:46 37536 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\srtspx64.sys2013-02-05 22:18:46 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys2013-02-05 22:18:46 167072 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys2013-02-05 22:18:46 1129120 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys2013-02-05 22:18:32 -------- d-----w- C:\Windows\System32\drivers\NISx64\1309010.00E2013-01-26 00:50:36 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-01-19 15:31:35 -------- d-----w- C:\Users\Vanessa\AppData\Local\kinoma.==================== Find3M ====================.2013-02-08 05:11:49 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-02-08 05:11:49 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2012-11-28 20:18:54 4659712 ----a-w- C:\Windows\SysWow64\Redemption.dll2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll.============= FINISH: 11:39:39.25 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 12/1/2011 4:30:34 PMSystem Uptime: 2/17/2013 11:26:53 AM (0 hours ago).Motherboard: FOXCONN | | 2AB1 Processor: AMD Athlon II X4 650 Processor | CPU 1 | 3200/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 920 GiB total, 616.868 GiB free.D: is FIXED (NTFS) - 11 GiB total, 1.343 GiB free.E: is CDROM ()F: is RemovableG: is RemovableH: is RemovableI: is Removable.==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Microsoft ISATAP AdapterDevice ID: ROOT\*ISATAP\0001Manufacturer: MicrosoftName: Microsoft ISATAP Adapter #2PNP Device ID: ROOT\*ISATAP\0001Service: tunnel.Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}Description: Photosmart D110 seriesDevice ID: ROOT\MULTIFUNCTION\0000Manufacturer: HPName: Photosmart D110 seriesPNP Device ID: ROOT\MULTIFUNCTION\0000Service: .Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: Security Processor Loader DriverDevice ID: ROOT\LEGACY_SPLDR\0000Manufacturer: Name: Security Processor Loader DriverPNP Device ID: ROOT\LEGACY_SPLDR\0000Service: spldr.==== System Restore Points ===================.RP172: 1/25/2013 6:49:32 PM - Installed Java 7 Update 11RP173: 2/2/2013 12:00:02 AM - Scheduled CheckpointRP174: 2/9/2013 12:23:38 AM - Scheduled CheckpointRP175: 2/12/2013 9:04:37 PM - Installed Java 7 Update 13RP176: 2/13/2013 3:00:12 AM - Windows UpdateRP177: 2/15/2013 12:56:49 PM - Installed Plex Media Server.==== Installed Programs ======================.64 Bit HP CIO Components InstallerAdobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X (10.1.5)Agatha Christie - Peril at End HouseAllShare Framework DMSAllShare Play 1.5.0.1211291119Amazon MP3 UploaderAmazon Send to KindleAmazon Unbox VideoAMD APP SDK RuntimeAMD Catalyst Install ManagerAMD FuelAMD Problem Report WizardAMD VISION Engine Control CenterApple Application SupportArcSoft WebCam Companion 2Bejeweled 2 DeluxeBejeweled 3Big Fish Games: Game ManagerBitTorrentBlackhawk Striker 2Blasterball 3Bloggie SoftwareBonjourBounce SymphonyBufferChmBuild-a-lot 2Caillou Ready To ReadCake ManiaCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishChuzzle DeluxeCisco ConnectCoupon Printer for WindowsD110D3DX10DestinationsDeviceDiscoveryDiner Dash 2 Restaurant RescueDocuments To Go Desktop for AndroidDora's World AdventureDropboxDVD Catalyst 4.2Facebook Messenger 2.1.4651.0Farm FrenzyFATE - The Traitor Soulffdshow [rev 2527] [2008-12-19]FilesAnywhere Desktop for WindowsFlipShareFooz KidsFooz Kids PlatformGoogle ChromeGoogle Chrome FrameGoogle DriveGoogle Earth Plug-inGoogle Talk PluginGoogle Update HelperGPBaseService2Hewlett-Packard ACLM.NET v1.2.1.1Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)HP AutoHP Client ServicesHP Customer Experience EnhancementsHP Customer Participation Program 14.0HP GamesHP Imaging Device Functions 14.0HP LinkUpHP MediaSmart/TouchSmart NetflixHP MovieStoreHP OdometerHP Photo CreationsHP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7HP Power AssistantHP Product DetectionHP SetupHP Setup ManagerHP Smart Web Printing 4.60HP Solution Center 14.0HP Support AssistantHP Support InformationHP UpdateHP Vision Hardware DiagnosticsHPAppStudioHPDiagnosticAlertHPPhotoGadgetHPProductAssistantHPSSupplyHulu DesktopHydraVisionIP CameraJava 7 Update 11Java Auto UpdaterJavaFX 2.1.1Junk Mail filter updateK-Lite Codec Pack 9.3.0 (Basic)KoboLabelPrintLeapFrog ConnectLeapFrog My Pals PluginLeapFrog MyOwnLeaptop PluginLeapFrog MyOwnStoryTimePad PluginLeapFrog Tag Junior PluginLearning Lodge NavigatorMagniPicMah Jong MedleyMarketResearchMesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Office 2010Microsoft Office Click-to-Run 2010Microsoft Office Starter 2010 - EnglishMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft SQL Server Compact 3.5 SP2 ENUMicrosoft SQL Server Compact 3.5 SP2 x64 ENUMicrosoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319Microsoft WSE 3.0 RuntimeMozilla Firefox 10.0.2 (x86 en-US)MSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP3 ParserMSXML 4.0 SP3 Parser (KB2721691)MSXML 4.0 SP3 Parser (KB2758694)MSXML 4.0 SP3 Parser (KB973685)Music ManagerMystery P.I. - Stolen in San FranciscoNamco All-Stars PAC-MANNetwork64Norton Internet SecurityNorton ManagementPDF Complete Special EditionPenguins!Philips CamSuitePhilips Intelligent AgentPhilips SPC2050NC WebcamPicasa 3Plants vs. Zombies - Game of the YearPlayReady PC Runtime amd64PlayReady PC Runtime x86PlexPlex Media ServerPoker Superstars IIIPolar BowlerPolar GolferPower2GoPressReaderPrinterShare 2.3.06PS_AIO_07_D110_SW_MinQuickTimeQuickTransferRAR File Open Knife - Free OpenerRealMYSTRealtek High Definition Audio DriverRecovery ManagerRemote Graphics ReceiverRoxioNow PlayerSamsung KiesSAMSUNG USB Driver for Mobile PhonesScanScholastic eReader Support FilesSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2416472)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Shop for HP SuppliesSkype Click to CallSkype™ 6.0Slingo SupremeSmartWebPrintingSolutionCenterStatusStoriaSugarSync ManagerSuper LoiLoScope WebShortcutSyberia IITonido 2.35.0.16173ToolboxTrayAppUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2473228)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update Installer for WildTangent Games AppUse the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)Use the entry named LeapFrog Connect to uninstall (LeapFrog MyOwnLeaptop Plugin)Use the entry named LeapFrog Connect to uninstall (LeapFrog MyOwnStoryTimePad Plugin)Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)Virtual Villagers 4 - The Tree of LifeVLC media player 2.0.1VTech Download Agent LibraryWebRegWheel of Fortune 2WildTangent Games App (HP Games)WinampWinamp Detector Plug-inWindows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinRAR 4.01 (32-bit)WModem Driver InstallerYontoo Layers Runtime 1.10.01Zinio Reader 4Zuma Deluxe.==== Event Viewer Messages From Past Week ========.2/17/2013 11:28:01 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.2/17/2013 11:28:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}2/17/2013 11:28:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}2/17/2013 11:27:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}2/17/2013 11:27:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}2/17/2013 11:27:36 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 212/17/2013 11:27:20 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_MCLIENT ccSet_NIS discache eeCtrl IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv62/17/2013 11:27:20 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.2/17/2013 11:27:18 AM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..2/17/2013 11:27:17 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.2/17/2013 11:26:09 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.2/17/2013 11:25:43 AM, Error: Service Control Manager [7022] - The HP Support Assistant Service service hung on starting.2/17/2013 11:20:35 AM, Error: Service Control Manager [7000] - The iPodDrv service failed to start due to the following error: The system cannot find the file specified.2/17/2013 11:10:53 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}2/16/2013 8:12:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.2/16/2013 8:12:40 PM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.2/16/2013 6:42:55 PM, Error: Service Control Manager [7022] - The Peer Networking Identity Manager service hung on starting.2/16/2013 6:42:55 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Networking Identity Manager service which failed to start because of the following error: After starting, the service hung in a start-pending state.2/16/2013 6:42:55 PM, Error: Service Control Manager [7001] - The Peer Name Resolution Protocol service depends on the Peer Networking Identity Manager service which failed to start because of the following error: After starting, the service hung in a start-pending state.2/16/2013 6:39:09 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wbengine service.2/16/2013 6:37:13 PM, Error: Microsoft-Windows-Bits-Client [16398] - A new BITS job could not be created. The current job count for the user Vanessa-HP\Vanessa (3040) is equal to or greater than the job limit (60) specified through group policy. To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.2/16/2013 4:56:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.2/16/2013 4:56:23 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.2/16/2013 4:26:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.2/16/2013 4:26:22 PM, Error: Service Control Manager [7000] - The Application Information service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.2/16/2013 4:02:23 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Power Assistant Service service to connect.2/16/2013 4:02:23 PM, Error: Service Control Manager [7000] - The HP Power Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.2/16/2013 4:01:52 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the FlipShare Server service to connect.2/16/2013 4:01:21 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the FlipShare Service service to connect.2/16/2013 4:01:21 PM, Error: Service Control Manager [7000] - The FlipShare Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.2/16/2013 1:27:28 PM, Error: Service Control Manager [7022] - The SPP Notification Service service hung on starting.2/15/2013 4:16:01 AM, Error: Microsoft-Windows-Bits-Client [16398] - A new BITS job could not be created. The current job count for the user Vanessa-HP\Vanessa (453) is equal to or greater than the job limit (60) specified through group policy. To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.2/15/2013 11:32:59 AM, Error: Service Control Manager [7031] - The Peer Networking Identity Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.2/15/2013 11:32:59 AM, Error: Service Control Manager [7031] - The Peer Networking Grouping service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.2/15/2013 11:32:59 AM, Error: Service Control Manager [7031] - The Peer Name Resolution Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.2/15/2013 11:32:29 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.2/13/2013 2:28:03 AM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 1203.2/11/2013 4:08:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.2/11/2013 4:08:25 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR15..==== End Of File ===========================dds.txtattach.txt Link to post Share on other sites More sharing options...
MrCharlie Posted February 17, 2013 ID:648146 Share Posted February 17, 2013 Welcome to the forum.Can you post the log from Malwarebytes that shows what was deleted or removed.MrC Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648152 Share Posted February 17, 2013 Malwarebytes Anti-Malware (Trial) 1.70.0.1100www.malwarebytes.orgDatabase version: v2013.02.16.07Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)Internet Explorer 9.0.8112.16421Vanessa :: VANESSA-HP [administrator]Protection: Disabled2/16/2013 5:07:15 PMmbam-log-2013-02-16 (17-07-15).txtScan type: Full scan (C:\|D:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 422341Time elapsed: 54 minute(s), 7 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 14HKCR\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} (Adware.Yontoo) -> Quarantined and deleted successfully.HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} (Adware.Yontoo) -> Quarantined and deleted successfully.HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} (Adware.Yontoo) -> Quarantined and deleted successfully.HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> Quarantined and deleted successfully.HKCR\YontooIEClient.Layers.1 (Adware.Yontoo) -> Quarantined and deleted successfully.HKCR\YontooIEClient.Layers (Adware.Yontoo) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> Quarantined and deleted successfully.HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.HKCR\CLSID\{5933DFC1-2A8F-7DF3-07D2-0F11D9C15111} (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5933DFC1-2A8F-7DF3-07D2-0F11D9C15111} (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EB03EF39-C655-D560-FA95-79182B837D64} (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 1HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://searchab.com/?aff=7&uid=555770fe-73df-11e2-8510-2c27d748a465) Good: (http://www.google.com) -> Quarantined and repaired successfully.Folders Detected: 1C:\ProgramData\MagniPic (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.Files Detected: 5C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Adware.Yontoo) -> Quarantined and deleted successfully.C:\ProgramData\MagniPic\51183e7ce1c96.tlb (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.C:\ProgramData\MagniPic\51183e7ce1c96.dll (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.C:\ProgramData\MagniPic\settings.ini (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.C:\ProgramData\MagniPic\uninstall.exe (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.(end) Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648156 Share Posted February 17, 2013 Malwarebytes Anti-Malware (Trial) 1.70.0.1100www.malwarebytes.orgDatabase version: v2013.02.16.07Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)Internet Explorer 9.0.8112.16421Vanessa :: VANESSA-HP [administrator]Protection: Disabled2/16/2013 7:55:25 PMmbam-log-2013-02-16 (19-55-25).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 208039Time elapsed: 56 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648158 Share Posted February 17, 2013 I hope that was what you were asking for. Those were the logs I found. Does that help? I am not very good at this stuff, thank you for your time and help on this matter. Link to post Share on other sites More sharing options...
MrCharlie Posted February 17, 2013 ID:648163 Share Posted February 17, 2013 Please do this:Please download Farbar Recovery Scan Tool and save it to a flash drive.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. Plug the flash drive into the infected PC.If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt. If you are using Vista or Windows 7 enter System Recovery Options.To enter System Recovery Options from the Advanced Boot Options:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.Use the arrow keys to select the Repair your computer menu item.Select US as the keyboard language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account an click Next. Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.To make a repair disk on Windows 7 consult: http://www.sevenforu...isc-create.htmlTo enter System Recovery Options by using Windows installation disc:Insert the installation disc.Restart your computer.If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.Click Repair your computer.Select US as the keyboard language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account and click Next.On the System Recovery Options menu you will get the following options:Startup RepairSystem RestoreWindows Complete PC RestoreWindows Memory Diagnostic ToolCommand PromptSelect Command PromptOnce in the Command Prompt:[*]In the command window type in notepad and press Enter.[*]The notepad opens. Under File menu select Open.[*]Select "Computer" and find your flash drive letter and close the notepad.[*]In the command window type e:\frst (for x64 bit version type e:\frst64) and press EnterNote: Replace letter e with the drive letter of your flash drive.[*]The tool will start to run.[*]When the tool opens click Yes to disclaimer.[*]Press Scan button.[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.MrC Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648180 Share Posted February 17, 2013 Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-02-2013 01Ran by SYSTEM at 17-02-2013 13:07:58Running from G:\Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) The current controlset is ControlSet001==================== Registry (Whitelisted) ===================HKLM\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)HKLM\...\Run: [PLF2050] C:\Windows\PLF2050.exe [40960 2008-07-10] (sonix)HKLM\...\Run: [spc2050] C:\Windows\vspc2050.exe [684032 2008-04-02] (Sonix)HKLM\...\Run: [AllShare Play] C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [406944 2012-11-29] (Samsung Electronics)HKLM-x32\...\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)HKLM-x32\...\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [365512 2012-06-28] ()HKLM-x32\...\Run: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [268640 2011-11-12] (LeapFrog Enterprises, Inc.)HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)HKLM-x32\...\Run: [] [x]HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-10-26] (Nullsoft, Inc.)HKLM-x32\...\Run: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe [43520 2011-02-14] ()HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)HKLM-x32\...\Run: [sPC2050] C:\Windows\vspc2050.exe [684032 2008-04-02] (Sonix)HKLM-x32\...\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-10-13] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-12-03] (Samsung Electronics Co., Ltd.)HKU\Vanessa\...\Run: [Google Update] "C:\Users\Vanessa\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-12-07] (Google Inc.)HKU\Vanessa\...\Run: [513AFD69C8EB3867AF8F2E8EA373227201852101._service_run] "C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service [1248208 2013-01-25] (Google Inc.)HKU\Vanessa\...\Run: [Tonido] "C:\Users\Vanessa\AppData\Roaming\Tonido\launcher.exe" /nobrowser [100864 2011-11-14] (CodeLathe LLC)HKU\Vanessa\...\Run: [sugarSync] "C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true [11184480 2013-01-24] (SugarSync, Inc.)HKU\Vanessa\...\Run: [PrinterShare] C:\Program Files (x86)\PrinterShare\paConsole.exe -minimized [1124352 2011-09-08] (PrinterAnywhere)HKU\Vanessa\...\Run: [Eye-Fi] "C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe" [x]HKU\Vanessa\...\Run: [MusicManager] "C:\Users\Vanessa\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [7437824 2013-01-14] (Google Inc.)HKU\Vanessa\...\Run: [Philips Intelligent Agent] "C:\Program Files (x86)\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT [613792 2008-02-21] (Philips Consumer Electronics)HKU\Vanessa\...\Run: [Facebook Update] "C:\Users\Vanessa\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-11] (Facebook Inc.)HKU\Vanessa\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [16328976 2012-12-17] (Google)HKU\Vanessa\...\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" [3795688 2012-12-03] (Plex, Inc.)HKU\Vanessa\...\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [967608 2012-12-03] (Samsung)HKU\Vanessa\...\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [577536 2012-11-28] (Samsung Electronics)HKU\Vanessa\...\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-03] (Samsung)HKU\Vanessa\...\Run: [bitTorrent] "C:\Users\Vanessa\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED [1053520 2013-02-10] (BitTorrent Inc.)HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [512360 2012-12-14] (Malwarebytes Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1Startup: C:\ProgramData\Start Menu\Programs\Startup\Amazon Unbox.lnkShortcutTarget: Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)Startup: C:\ProgramData\Start Menu\Programs\Startup\Bloggie Watcher Utility.lnkShortcutTarget: Bloggie Watcher Utility.lnk -> C:\Program Files (x86)\Sony\Bloggie Software\BGVolumeWatcher.exe (Sony Corporation)Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnkShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)Startup: C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> (No File)Startup: C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FADesktop.exe.lnkShortcutTarget: FADesktop.exe.lnk -> C:\Program Files (x86)\FilesAnywhere\FilesAnywhere Desktop\FADesktop.exe (FilesAnywhere)==================== Services (Whitelisted) ===================2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)2 ACPService; "C:\Program Files (x86)\Philips\CamSuite\1.0.9.0\ACPService.exe" [741376 2008-06-11] ()2 ADVService; "C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe" [25704 2011-11-23] (Amazon.com)2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [408184 2012-10-23] (Samsung)2 AllShare Play Service; "C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe" [662672 2012-11-29] (Copyright 2012 SAMSUNG)2 FlipShare Service; "C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe" [460144 2011-05-06] ()2 FlipShareServer; "C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe" [1085440 2011-05-06] ()2 HP Power Assistant Service; "C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe" [107576 2010-11-17] ()2 MCLIENT; "C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe" /s "MCLIENT" /m "C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\diMaster.dll" /prefetch:1 [535416 2012-10-11] (Symantec Corporation)2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll" /prefetch:1 [309688 2012-04-12] (Symantec Corporation)==================== Drivers (Whitelisted) =====================1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [1388120 2013-01-15] (Symantec Corporation)1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys [168096 2012-10-03] (Symantec Corporation)1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)3 CpqDfw; C:\Windows\System32\Drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)3 cqcpu; C:\Windows\System32\Drivers\cqcpu.sys [24376 2010-03-01] ()1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-08] (Symantec Corporation)3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-12] (Symantec Corporation)3 FlyUsb; C:\Windows\System32\Drivers\FlyUsb.sys [24576 2011-11-12] (LeapFrog)1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20130212.001\IDSvia64.sys [513184 2012-09-06] (Symantec Corporation)3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-29] (Broadcom Corporation)3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2012-03-28] (MediaMall Technologies, Inc.)3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20130212.016\ENG64.SYS [126192 2013-02-11] (Symantec Corporation)3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20130212.016\EX64.SYS [2087664 2013-02-11] (Symantec Corporation)3 phaudlwr; C:\Windows\System32\Drivers\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)3 SIVDRIVER; \??\C:\Windows\system32\Drivers\SIVX64.sys [57312 2008-06-14] (Ray Hinchliffe)3 SPC2050; C:\Windows\System32\Drivers\SPC2050.sys [3297792 2009-01-20] ()3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-22] (Symantec Corporation)1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [x]==================== NetSvcs (Whitelisted) ======================================== One Month Created Files and Folders ========2013-02-17 13:07 - 2013-02-17 13:07 - 00000000 ____D C:\FRST2013-02-17 10:53 - 2013-02-17 10:53 - 01464401 ____A (Farbar) C:\Users\Vanessa\Downloads\FRST64 (1).exe2013-02-17 10:52 - 2013-02-17 10:53 - 01464401 ____A (Farbar) C:\Users\Vanessa\Downloads\FRST64.exe2013-02-17 10:22 - 2013-02-17 10:22 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-02-17 10:22 - 2012-12-14 14:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys2013-02-17 10:21 - 2013-02-17 10:22 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Vanessa\Downloads\mbam-setup-1.70.0.1100.exe2013-02-17 09:39 - 2013-02-17 09:41 - 00026488 ____A C:\Users\Vanessa\Desktop\dds.txt2013-02-17 09:39 - 2013-02-17 09:41 - 00019030 ____A C:\Users\Vanessa\Desktop\attach.txt2013-02-17 09:37 - 2013-02-17 09:37 - 00688992 ____R (Swearware) C:\Users\Vanessa\Downloads\dds.com2013-02-16 18:21 - 2013-02-16 18:21 - 00001149 ____A C:\AdwCleaner[R3].txt2013-02-16 18:21 - 2013-02-16 18:21 - 00000345 ____A C:\AdwCleaner[s2].txt2013-02-16 18:20 - 2013-02-16 18:20 - 00001089 ____A C:\AdwCleaner[R2].txt2013-02-16 18:04 - 2013-02-16 18:05 - 00004494 ____A C:\AdwCleaner[s1].txt2013-02-16 18:02 - 2013-02-16 18:02 - 00004368 ____A C:\AdwCleaner[R1].txt2013-02-16 15:04 - 2013-02-17 10:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-02-16 15:04 - 2013-02-16 15:04 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Malwarebytes2013-02-16 15:04 - 2013-02-16 15:04 - 00000000 ____D C:\ProgramData\Malwarebytes2013-02-13 15:52 - 2013-02-13 16:09 - 280714089 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E19.HDTV.x264-LOL.mp42013-02-13 15:49 - 2013-02-13 15:49 - 00011133 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E19_HDTV_x264-LOL_(eztv).torrent2013-02-13 12:23 - 2013-02-13 12:28 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty Little Liars S03E18 HDTV x264-LOL[ettv]2013-02-13 12:21 - 2013-02-13 12:21 - 00022235 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E18_HDTV_x264-LOL(ettv).torrent2013-02-13 11:37 - 2013-02-13 11:48 - 279660780 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E17.HDTV.x264-LOL.mp42013-02-13 11:35 - 2013-02-13 11:35 - 00011093 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E17_HDTV_x264-LOL_(eztv).torrent2013-02-13 10:47 - 2013-02-13 10:57 - 268427589 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E16.HDTV.x264-LOL.mp42013-02-13 10:44 - 2013-02-13 10:44 - 00010653 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E16_HDTV_x264-LOL_(eztv).torrent2013-02-13 10:26 - 2013-02-13 10:33 - 251001348 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E15.HDTV.x264-LOL.mp42013-02-13 10:23 - 2013-02-13 10:23 - 00009992 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E15_HDTV_x264-LOL_(eztv).torrent2013-02-13 07:58 - 2013-02-13 10:16 - 258432621 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E14.HDTV.x264-LOL.mp42013-02-13 07:56 - 2013-02-13 07:56 - 00010272 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E14_HDTV_x264-LOL_(eztv).torrent2013-02-12 22:30 - 2013-02-12 23:07 - 319981979 ____A C:\Users\Vanessa\Downloads\pretty.little.liars.313.hdtv-lol.mp42013-02-12 22:28 - 2013-02-12 22:28 - 00003708 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E13_HDTV_x264_LOL_mp4.torrent2013-02-12 21:25 - 2013-02-12 21:33 - 259701181 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E12.HDTV.x264-LOL.mp42013-02-12 21:23 - 2013-02-12 21:23 - 00010725 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E12_HDTV_x264-LOL_(eztv).torrent2013-02-12 20:41 - 2013-02-12 20:51 - 306458776 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E11.HDTV.x264-LOL.mp42013-02-12 20:38 - 2013-02-12 20:38 - 00012506 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E11_HDTV_x264-LOL_(eztv).torrent2013-02-12 19:54 - 2013-02-12 20:00 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty Little Liars S03E10 HDTV x264-LOL[ettv]2013-02-12 19:53 - 2013-02-12 19:53 - 00022095 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E10_HDTV_x264-LOL(ettv).torrent2013-02-12 19:00 - 2013-02-12 19:07 - 267944555 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E09.HDTV.x264-LOL.mp42013-02-12 18:58 - 2013-02-12 18:58 - 00011046 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E09_HDTV_x264-LOL_(eztv).torrent2013-02-12 10:22 - 2013-02-12 11:53 - 366606336 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E08.FASTSUB.VOSTFR.HDTV.XviD-ATeam.avi2013-02-12 10:20 - 2013-02-12 10:20 - 00014886 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E08_FASTSUB_VOSTFR_HDTV_XviD-ATeam.torrent2013-02-12 10:19 - 2013-02-12 10:19 - 00002626 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E07_FASTSUB_VOSTFR_HDTV_XViD-KP (1).torrent2013-02-12 08:31 - 2013-02-12 09:39 - 368275456 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E07.FASTSUB.VOSTFR.HDTV.XViD-KP.avi2013-02-12 08:29 - 2013-02-12 08:29 - 00002626 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E07_FASTSUB_VOSTFR_HDTV_XViD-KP.torrent2013-02-11 14:25 - 2013-02-11 14:26 - 00000000 ____D C:\Users\Vanessa\Downloads\[www.Cpasbien.com] Pretty.Little.Liars.S03E06.FASTSUB.VOSTFR.HDTV.XviD-Xtrem2013-02-11 14:23 - 2013-02-11 14:23 - 00029473 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E06_FASTSUB_VOSTFR_HDTV_XviD-Xtrem.torrent2013-02-11 13:50 - 2013-02-11 13:57 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty Little Liars S03E05 HDTV XviD-AuX[ettv]2013-02-11 13:48 - 2013-02-11 13:48 - 00028981 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E05_HDTV_XviD-AuX(ettv).torrent2013-02-11 10:43 - 2013-02-17 09:18 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E04.HDTV.XviD-AFG2013-02-11 10:41 - 2013-02-11 10:41 - 00029619 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E04_HDTV_XviD_AFG(ettv).torrent2013-02-10 16:22 - 2013-02-17 09:18 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E03.HDTV.XviD-AFG2013-02-10 16:22 - 2013-02-10 16:26 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty Little Liars S03E02 HDTV x264-LOL[ettv]2013-02-10 16:21 - 2013-02-10 16:30 - 268666694 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E01.HDTV.x264-LOL.mp42013-02-10 16:21 - 2013-02-10 16:21 - 00020995 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E02_HDTV_x264-LOL(ettv).torrent2013-02-10 16:20 - 2013-02-10 16:20 - 00029545 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E03_HDTV_XviD_AFG(ettv).torrent2013-02-10 16:19 - 2013-02-10 16:19 - 00011066 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E01_HDTV_x264-LOL_(eztv).torrent2013-02-10 16:16 - 2013-02-17 11:01 - 00000378 ___AH C:\Windows\Tasks\MagniPicUpdaterTask{426A1871-5951-41E3-B551-1B94030C11F1}.job2013-02-10 16:16 - 2013-02-17 09:18 - 00000000 ____D C:\ProgramData\Premium2013-02-10 16:16 - 2013-02-10 16:16 - 00000000 ____D C:\Program Files (x86)\MagniPic2013-02-10 16:15 - 2013-02-17 09:18 - 00000000 ____D C:\ProgramData\MagniPic2013-02-10 16:15 - 2013-02-17 09:18 - 00000000 ____D C:\ProgramData\InstallMate2013-02-10 16:08 - 2013-02-10 16:08 - 00846256 ____A (PrivitizeVPN) C:\Users\Vanessa\Downloads\Pretty_Little_Liars_Season_3_EP_1-7_secure.exe2013-02-10 15:58 - 2013-02-10 15:58 - 00000901 ____A C:\Users\Public\Desktop\BitTorrent.lnk2013-02-10 15:56 - 2013-02-17 09:18 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\BitTorrent2013-02-10 15:56 - 2013-02-10 15:56 - 01053520 ____A (BitTorrent Inc.) C:\Users\Vanessa\Downloads\BitTorrent.exe2013-01-25 16:50 - 2013-01-12 01:30 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-01-25 16:50 - 2013-01-12 01:26 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2013-01-25 16:50 - 2013-01-12 01:24 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe2013-01-25 16:49 - 2013-01-25 16:50 - 00004611 ____A C:\Windows\SysWOW64\jupdate-1.7.0_11-b21.log2013-01-19 07:31 - 2013-01-19 07:31 - 00000000 ____D C:\Users\Vanessa\AppData\Local\kinoma2013-01-19 06:25 - 2013-01-19 06:25 - 00029184 ____A C:\Users\Vanessa\Downloads\16 (1).wiz==================== One Month Modified Files and Folders =======2013-02-17 13:07 - 2013-02-17 13:07 - 00000000 ____D C:\FRST2013-02-17 11:01 - 2013-02-10 16:16 - 00000378 ___AH C:\Windows\Tasks\MagniPicUpdaterTask{426A1871-5951-41E3-B551-1B94030C11F1}.job2013-02-17 11:01 - 2011-12-12 14:44 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-02-17 11:01 - 2011-07-13 09:43 - 00000000 ____D C:\ProgramData\PDFC2013-02-17 11:00 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT2013-02-17 11:00 - 2009-07-13 20:51 - 00069829 ____A C:\Windows\setupact.log2013-02-17 10:58 - 2011-07-14 09:44 - 01655481 ____A C:\Windows\WindowsUpdate.log2013-02-17 10:53 - 2013-02-17 10:53 - 01464401 ____A (Farbar) C:\Users\Vanessa\Downloads\FRST64 (1).exe2013-02-17 10:53 - 2013-02-17 10:52 - 01464401 ____A (Farbar) C:\Users\Vanessa\Downloads\FRST64.exe2013-02-17 10:22 - 2013-02-17 10:22 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-02-17 10:22 - 2013-02-17 10:21 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Vanessa\Downloads\mbam-setup-1.70.0.1100.exe2013-02-17 10:22 - 2013-02-16 15:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-02-17 09:41 - 2013-02-17 09:39 - 00026488 ____A C:\Users\Vanessa\Desktop\dds.txt2013-02-17 09:41 - 2013-02-17 09:39 - 00019030 ____A C:\Users\Vanessa\Desktop\attach.txt2013-02-17 09:37 - 2013-02-17 09:37 - 00688992 ____R (Swearware) C:\Users\Vanessa\Downloads\dds.com2013-02-17 09:20 - 2011-12-01 14:30 - 00000000 ____D C:\users\Vanessa2013-02-17 09:18 - 2013-02-11 10:43 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E04.HDTV.XviD-AFG2013-02-17 09:18 - 2013-02-10 16:22 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E03.HDTV.XviD-AFG2013-02-17 09:18 - 2013-02-10 16:16 - 00000000 ____D C:\ProgramData\Premium2013-02-17 09:18 - 2013-02-10 16:15 - 00000000 ____D C:\ProgramData\MagniPic2013-02-17 09:18 - 2013-02-10 16:15 - 00000000 ____D C:\ProgramData\InstallMate2013-02-17 09:18 - 2013-02-10 15:56 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\BitTorrent2013-02-17 09:18 - 2012-11-24 09:49 - 00000000 ____D C:\AllShare Play2013-02-17 09:18 - 2012-07-23 10:42 - 00000000 ___SD C:\Users\Vanessa\Google Drive2013-02-17 09:18 - 2012-01-18 06:43 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\ArcSoft2013-02-17 09:18 - 2011-12-09 09:26 - 00000000 ____D C:\Program Files (x86)\Yontoo Layers Runtime2013-02-17 09:18 - 2011-12-09 09:22 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\OpenCandy2013-02-17 09:18 - 2011-12-08 08:22 - 00000000 ____D C:\ProgramData\HP2013-02-17 09:18 - 2011-07-13 09:49 - 00000000 ____D C:\ProgramData\Norton2013-02-17 09:18 - 2011-07-13 09:34 - 00000000 ____D C:\ProgramData\RoxioNow2013-02-17 09:18 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat2013-02-17 09:18 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared2013-02-17 09:17 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration2013-02-17 09:15 - 2011-12-09 10:32 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Dropbox2013-02-17 09:14 - 2011-12-12 15:57 - 00000000 ____D C:\Program Files (x86)\Plex2013-02-17 09:14 - 2011-12-08 11:11 - 00000000 ____D C:\Program Files (x86)\Java2013-02-16 18:30 - 2011-07-13 15:13 - 00000000 ____D C:\ProgramData\Recovery2013-02-16 18:29 - 2010-11-20 23:16 - 00000000 ___RD C:\Users\Public\Recorded TV2013-02-16 18:21 - 2013-02-16 18:21 - 00001149 ____A C:\AdwCleaner[R3].txt2013-02-16 18:21 - 2013-02-16 18:21 - 00000345 ____A C:\AdwCleaner[s2].txt2013-02-16 18:20 - 2013-02-16 18:20 - 00001089 ____A C:\AdwCleaner[R2].txt2013-02-16 18:05 - 2013-02-16 18:04 - 00004494 ____A C:\AdwCleaner[s1].txt2013-02-16 18:02 - 2013-02-16 18:02 - 00004368 ____A C:\AdwCleaner[R1].txt2013-02-16 16:42 - 2009-07-13 20:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-02-16 16:42 - 2009-07-13 20:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-02-16 15:04 - 2013-02-16 15:04 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Malwarebytes2013-02-16 15:04 - 2013-02-16 15:04 - 00000000 ____D C:\ProgramData\Malwarebytes2013-02-16 03:51 - 2011-12-10 12:39 - 00000000 ____D C:\Users\Vanessa\AppData\Local\SugarSync2013-02-15 09:24 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\FxsTmp2013-02-14 23:32 - 2011-12-09 18:58 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\HP Support Assistant2013-02-14 23:32 - 2011-12-02 15:07 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\HpUpdate2013-02-13 16:09 - 2013-02-13 15:52 - 280714089 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E19.HDTV.x264-LOL.mp42013-02-13 15:49 - 2013-02-13 15:49 - 00011133 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E19_HDTV_x264-LOL_(eztv).torrent2013-02-13 13:54 - 2011-12-23 07:02 - 00000000 ____D C:\Users\Vanessa\AppData\Local\CrashDumps2013-02-13 12:28 - 2013-02-13 12:23 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty Little Liars S03E18 HDTV x264-LOL[ettv]2013-02-13 12:21 - 2013-02-13 12:21 - 00022235 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E18_HDTV_x264-LOL(ettv).torrent2013-02-13 11:48 - 2013-02-13 11:37 - 279660780 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E17.HDTV.x264-LOL.mp42013-02-13 11:35 - 2013-02-13 11:35 - 00011093 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E17_HDTV_x264-LOL_(eztv).torrent2013-02-13 10:57 - 2013-02-13 10:47 - 268427589 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E16.HDTV.x264-LOL.mp42013-02-13 10:44 - 2013-02-13 10:44 - 00010653 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E16_HDTV_x264-LOL_(eztv).torrent2013-02-13 10:33 - 2013-02-13 10:26 - 251001348 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E15.HDTV.x264-LOL.mp42013-02-13 10:23 - 2013-02-13 10:23 - 00009992 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E15_HDTV_x264-LOL_(eztv).torrent2013-02-13 10:16 - 2013-02-13 07:58 - 258432621 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E14.HDTV.x264-LOL.mp42013-02-13 07:56 - 2013-02-13 07:56 - 00010272 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E14_HDTV_x264-LOL_(eztv).torrent2013-02-12 23:07 - 2013-02-12 22:30 - 319981979 ____A C:\Users\Vanessa\Downloads\pretty.little.liars.313.hdtv-lol.mp42013-02-12 22:28 - 2013-02-12 22:28 - 00003708 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E13_HDTV_x264_LOL_mp4.torrent2013-02-12 21:33 - 2013-02-12 21:25 - 259701181 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E12.HDTV.x264-LOL.mp42013-02-12 21:23 - 2013-02-12 21:23 - 00010725 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E12_HDTV_x264-LOL_(eztv).torrent2013-02-12 20:51 - 2013-02-12 20:41 - 306458776 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E11.HDTV.x264-LOL.mp42013-02-12 20:38 - 2013-02-12 20:38 - 00012506 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E11_HDTV_x264-LOL_(eztv).torrent2013-02-12 20:00 - 2013-02-12 19:54 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty Little Liars S03E10 HDTV x264-LOL[ettv]2013-02-12 19:53 - 2013-02-12 19:53 - 00022095 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E10_HDTV_x264-LOL(ettv).torrent2013-02-12 19:07 - 2013-02-12 19:00 - 267944555 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E09.HDTV.x264-LOL.mp42013-02-12 18:58 - 2013-02-12 18:58 - 00011046 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E09_HDTV_x264-LOL_(eztv).torrent2013-02-12 18:54 - 2011-12-07 19:21 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1617474927-1116081613-3671628581-1000UA.job2013-02-12 18:53 - 2011-12-09 10:35 - 00000000 ___RD C:\Users\Vanessa\Dropbox2013-02-12 18:52 - 2011-07-13 09:49 - 00000000 ____D C:\Windows\System32\Drivers\NISx642013-02-12 18:49 - 2012-12-31 00:34 - 00000340 ____A C:\Windows\Tasks\HPCeeScheduleForVanessa.job2013-02-12 18:49 - 2011-12-15 01:22 - 00002503 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk2013-02-12 18:48 - 2011-12-10 12:39 - 00000000 ____D C:\Program Files (x86)\SugarSync2013-02-12 18:48 - 2010-11-20 19:47 - 01799852 ____A C:\Windows\PFRO.log2013-02-12 18:16 - 2011-12-12 14:44 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-02-12 18:10 - 2012-04-09 10:09 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job2013-02-12 17:48 - 2011-12-08 08:34 - 00000328 ____A C:\Windows\Tasks\HP Photo Creations Communicator.job2013-02-12 17:32 - 2012-03-06 08:22 - 00000936 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1617474927-1116081613-3671628581-1000UA.job2013-02-12 14:32 - 2012-03-06 08:22 - 00000914 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1617474927-1116081613-3671628581-1000Core.job2013-02-12 11:53 - 2013-02-12 10:22 - 366606336 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E08.FASTSUB.VOSTFR.HDTV.XviD-ATeam.avi2013-02-12 10:20 - 2013-02-12 10:20 - 00014886 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E08_FASTSUB_VOSTFR_HDTV_XviD-ATeam.torrent2013-02-12 10:19 - 2013-02-12 10:19 - 00002626 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E07_FASTSUB_VOSTFR_HDTV_XViD-KP (1).torrent2013-02-12 09:39 - 2013-02-12 08:31 - 368275456 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E07.FASTSUB.VOSTFR.HDTV.XViD-KP.avi2013-02-12 08:29 - 2013-02-12 08:29 - 00002626 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E07_FASTSUB_VOSTFR_HDTV_XViD-KP.torrent2013-02-12 00:54 - 2011-12-07 19:21 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1617474927-1116081613-3671628581-1000Core.job2013-02-11 14:26 - 2013-02-11 14:25 - 00000000 ____D C:\Users\Vanessa\Downloads\[www.Cpasbien.com] Pretty.Little.Liars.S03E06.FASTSUB.VOSTFR.HDTV.XviD-Xtrem2013-02-11 14:23 - 2013-02-11 14:23 - 00029473 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E06_FASTSUB_VOSTFR_HDTV_XviD-Xtrem.torrent2013-02-11 14:11 - 2009-07-13 21:13 - 00779724 ____A C:\Windows\System32\PerfStringBackup.INI2013-02-11 13:57 - 2013-02-11 13:50 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty Little Liars S03E05 HDTV XviD-AuX[ettv]2013-02-11 13:48 - 2013-02-11 13:48 - 00028981 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E05_HDTV_XviD-AuX(ettv).torrent2013-02-11 10:41 - 2013-02-11 10:41 - 00029619 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E04_HDTV_XviD_AFG(ettv).torrent2013-02-10 16:30 - 2013-02-10 16:21 - 268666694 ____A C:\Users\Vanessa\Downloads\Pretty.Little.Liars.S03E01.HDTV.x264-LOL.mp42013-02-10 16:26 - 2013-02-10 16:22 - 00000000 ____D C:\Users\Vanessa\Downloads\Pretty Little Liars S03E02 HDTV x264-LOL[ettv]2013-02-10 16:21 - 2013-02-10 16:21 - 00020995 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E02_HDTV_x264-LOL(ettv).torrent2013-02-10 16:20 - 2013-02-10 16:20 - 00029545 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E03_HDTV_XviD_AFG(ettv).torrent2013-02-10 16:19 - 2013-02-10 16:19 - 00011066 ____A C:\Users\Vanessa\Downloads\[monova.org] Pretty_Little_Liars_S03E01_HDTV_x264-LOL_(eztv).torrent2013-02-10 16:16 - 2013-02-10 16:16 - 00000000 ____D C:\Program Files (x86)\MagniPic2013-02-10 16:08 - 2013-02-10 16:08 - 00846256 ____A (PrivitizeVPN) C:\Users\Vanessa\Downloads\Pretty_Little_Liars_Season_3_EP_1-7_secure.exe2013-02-10 15:58 - 2013-02-10 15:58 - 00000901 ____A C:\Users\Public\Desktop\BitTorrent.lnk2013-02-10 15:56 - 2013-02-10 15:56 - 01053520 ____A (BitTorrent Inc.) C:\Users\Vanessa\Downloads\BitTorrent.exe2013-02-10 01:28 - 2012-12-12 01:28 - 00000346 ____A C:\Windows\Tasks\HPCeeScheduleForVANESSA-HP$.job2013-02-07 23:29 - 2011-12-23 08:12 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt2013-02-07 23:29 - 2011-12-09 18:59 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log2013-02-07 21:11 - 2012-04-09 10:08 - 00697712 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2013-02-07 21:11 - 2011-12-10 12:54 - 00074096 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2013-02-05 14:50 - 2011-12-16 07:33 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Mozilla2013-02-01 15:50 - 2011-12-07 19:22 - 00002384 ____A C:\Users\Vanessa\Desktop\Google Chrome.lnk2013-01-25 16:50 - 2013-01-25 16:49 - 00004611 ____A C:\Windows\SysWOW64\jupdate-1.7.0_11-b21.log2013-01-22 10:19 - 2011-12-12 16:24 - 00000000 ____D C:\Users\Vanessa\AppData\Local\Plex2013-01-22 06:39 - 2011-12-13 11:48 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\SoftGrid Client2013-01-20 12:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache2013-01-20 10:33 - 2011-12-22 16:02 - 00000000 ____D C:\Users\Vanessa\Desktop\kindle books2013-01-20 10:29 - 2011-12-08 09:09 - 00000000 ____D C:\Program Files (x86)\Panasonic2013-01-20 10:29 - 2011-07-13 09:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information2013-01-20 10:24 - 2011-12-10 14:16 - 00000000 ____D C:\PFS6.1HD_TMP2013-01-19 07:31 - 2013-01-19 07:31 - 00000000 ____D C:\Users\Vanessa\AppData\Local\kinoma2013-01-19 06:25 - 2013-01-19 06:25 - 00029184 ____A C:\Users\Vanessa\Downloads\16 (1).wiz==================== Known DLLs (Whitelisted) ===================================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit==================== EXE ASSOCIATION =====================HKLM\...\.exe: exefile => OKHKLM\...\exefile\DefaultIcon: %1 => OKHKLM\...\exefile\open\command: "%1" %* => OK==================== Restore Points =========================Restore point made on: 2013-01-25 16:49:43Restore point made on: 2013-02-01 22:00:12Restore point made on: 2013-02-08 22:23:46Restore point made on: 2013-02-12 19:04:57Restore point made on: 2013-02-13 01:00:18Restore point made on: 2013-02-15 10:57:01==================== Memory info =========================== Percentage of memory in use: 12%Total physical RAM: 7935.29 MBAvailable physical RAM: 6929.45 MBTotal Pagefile: 7933.48 MBAvailable Pagefile: 6895.71 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.9 MB==================== Partitions =============================1 Drive c: (OS) (Fixed) (Total:920.41 GB) (Free:616.74 GB) NTFS ==>[system with boot components (obtained from reading drive)]2 Drive e: (HP_RECOVERY) (Fixed) (Total:11 GB) (Free:1.34 GB) NTFS ==>[system with boot components (obtained from reading drive)]4 Drive g: () (Removable) (Total:29.65 GB) (Free:20.39 GB) FAT329 Drive x: (Boot) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS10 Drive y: (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from reading drive)] Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 931 GB 10 MB Disk 1 Online 29 GB 0 B Disk 2 No Media 0 B 0 B Disk 3 No Media 0 B 0 B Disk 4 No Media 0 B 0 B Disk 5 No Media 0 B 0 B Partitions of Disk 0:===============Disk ID: 7ECF8B17 Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 90 MB 1024 KB Partition 2 Primary 920 GB 94 MB Partition 3 Primary 11 GB 920 GB==================================================================================Disk: 0Partition 1Type : 07Hidden: NoActive: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- --------* Volume 1 Y SYSTEM NTFS Partition 90 MB Healthy =========================================================Disk: 0Partition 2Type : 07Hidden: NoActive: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- --------* Volume 2 C OS NTFS Partition 920 GB Healthy =========================================================Disk: 0Partition 3Type : 07Hidden: NoActive: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- --------* Volume 3 E HP_RECOVERY NTFS Partition 11 GB Healthy =========================================================Partitions of Disk 1:===============Disk ID: C3072E18 Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 29 GB 19 MB==================================================================================Disk: 1Partition 1Type : 0CHidden: NoActive: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- --------* Volume 4 G FAT32 Removable 29 GB Healthy =========================================================Last Boot: 2013-02-12 23:39==================== End Of Log ============================= Link to post Share on other sites More sharing options...
MrCharlie Posted February 17, 2013 ID:648212 Share Posted February 17, 2013 I can restore the registry back to this..which was the last good boot:Last Boot: 2013-02-12 23:39Did you use a restore point for that date??Give this a try first:Please download the attached fixlist.txt and copy it to your flashdrive.NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemOn Vista or Windows 7: Now please enter System Recovery Options. (as you did before)Run FRST64 or FRST (which ever one you're using) and press the Fix button just once and wait.The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.See if the computer boots normally now.MrC Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648227 Share Posted February 17, 2013 Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-02-2013 01Ran by SYSTEM at 2013-02-17 14:35:02 Run:1Running from G:\==============================================HKEY_LOCAL_MACHINE\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ Default Value restored successfully.==== End of Fixlog ==== Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648228 Share Posted February 17, 2013 Computer still boots to black screen. Link to post Share on other sites More sharing options...
MrCharlie Posted February 17, 2013 ID:648232 Share Posted February 17, 2013 OK, you didn't answer my question about system restore.MrC Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648236 Share Posted February 17, 2013 I tried to restore to two different points. I think one was 2-15 and the other 2-12 Link to post Share on other sites More sharing options...
MrCharlie Posted February 17, 2013 ID:648238 Share Posted February 17, 2013 OK, that answers my question.The fact that Windows loads in safe mode but not in normal mode means something that's loading in normal mode is causing the problem.This is going to take a little work on your part but perform a "Clean Boot" to see if you can isolate the problem:http://support.microsoft.com/kb/929135Let me know....MrC Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648243 Share Posted February 17, 2013 This seems very complicated, I will try it. Hopefully I do it right! Link to post Share on other sites More sharing options...
MrCharlie Posted February 17, 2013 ID:648248 Share Posted February 17, 2013 OK, take you time...MrC Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648262 Share Posted February 17, 2013 Ok, I have a question. I started the clean boot with half of the boxes checked and the computer started up this time, but nothing still worked. And this kept popping up on the bottom of the screen:Malwarebytes Anti-Malware has blocked andquarantined a threat:C:\ProgramData\Premium\MagniPic\MagniPic.exeTrojan.StartpageClick here to display quaratineWhen I clicked on it nothing happened.What should I do from here? Should I uninstall that program? Should I continue with the clean boot? And do I check more boxes or uncheck boxes?Also, when I ran the Farbar Recovery Tool... when it asked me to login to an administrator account it not only had my name as an option but it had HomeGroupUser$ as another option. I know I didn't add that and I don't remember seeing that before. I don't know if that means anything? Link to post Share on other sites More sharing options...
MrCharlie Posted February 17, 2013 ID:648271 Share Posted February 17, 2013 Yes see if you can uninstall it...MrC Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648276 Share Posted February 17, 2013 It won't let me uninstall. Gives me this message:Error 2 while loading archive:The system cannot find the file specified.It was installed on 2/10/12.. it says Link to post Share on other sites More sharing options...
MrCharlie Posted February 17, 2013 ID:648282 Share Posted February 17, 2013 Forget about that for now, does the computer boot up now?? MrC Link to post Share on other sites More sharing options...
vsal1030 Posted February 17, 2013 Author ID:648285 Share Posted February 17, 2013 I haven't finished doing the clean boot. I stopped after the first one to ask you that question. Like I said, it boots up, but nothing else works. I haven't isolated the problem. I will continue now. Link to post Share on other sites More sharing options...
MrCharlie Posted February 18, 2013 ID:648292 Share Posted February 18, 2013 OK...let me know. MrC Link to post Share on other sites More sharing options...
vsal1030 Posted February 18, 2013 Author ID:648626 Share Posted February 18, 2013 This is very time consuming, especially when I have 2 kids to take care of. That's why it is taking me so long, sorry. But here is an update. I'm kind of stuck and don't know what to do.I thought I had it narrowed down to 10 possible Microsoft services. My computer booted up and everything was working except for the internet. I thought my wireless adapter broke so I plugged my computer directly into my router and went on. I thought I had it pegged to Windows remote management, but this time nothing worked. I unplugged my computer from the internet and tried again. This time it worked. So I rechecked all the Microsoft services and tried it again without connecting to the internet and the computer worked. So I don't know if I should start the whole process over without being connected to the internet or just continue on with the microsoft services being connected to the internet. Please advise. Link to post Share on other sites More sharing options...
MrCharlie Posted February 19, 2013 ID:648665 Share Posted February 19, 2013 You can take as much time as needed, I'm not going anywhere.If I was there I would be able to help you but I'm not so you'll just have to determine the problem by yourself by using this method.Are you using this method to determine the problem, I think I've recreated it as best as possible for you.It's about half way down at the link I gave you:http://support.microsoft.com/kb/929135----------------------Here it is>>>>>>How to determine what is causing the problem by clean bootWindows Vista and Windows 72A: Log on to the computer by using an account that has administrator rights.2B: Click Start, type msconfig.exe in the Start Search box, and then press Enter to start the System Configuration utility.If you are prompted for an administrator password or for confirmation, you should type the password or provide confirmation.2C: Click the Services tab, and then click to select the Hide all Microsoft services check box.2D: Click to select half of the check boxes in the Service list.2E: Click OK, and then click Restart.2F: After the computer finishes restarting, determine whether the problem still occurs.<+>If the problem still occurs, repeat steps 2a through 2e, but clear half of the checked boxes in the Service list that you originally selected.<+>If the problem does not occur, repeat steps 2a through 2e, selecting only half of the remaining check boxes that are cleared in the Service list. Repeat these steps until you have selected all the check boxes.<+>If you still experience the problem after only one service is selected in the Service list, this means that the selected service causes the problem. Go to step 2j. If no service causes this problem, go to step 2g.2G: step2g Perform a clean boot by repeating steps 2a and 2b.Click the Startup tab, and then click to select half of the check boxes in the Startup Item list.2I: Click OK, and then click Restart.<+>If the problem still occurs, repeat steps 2g and 2h, but clear half of the checked boxes in the Startup Item list that you originally selected.<+>If the problem does not occur, repeat steps 2g and 2h, selecting only half of the remaining check boxes that are cleared in the Startup Item list. Repeat these steps until you have selected all the check boxes.<+>If you still experience the problem after only one Startup Item is selected in the Startup Item list, this means that theselected Startup Item causes theproblem. Go to Step 2j. If no Startup Item causes this problem, a Microsoft service probably causes the problem.To determine which Microsoft service may be causing the problem, repeat steps 2a through 2f without selecting the Hide all Microsoft services check box in either step.2J: step2j After you determine the startup item or the service that causes the problem, contact the program manufacturer to determine whether the problem can be resolved. Or, run the System Configuration utility, and then click to clear the check box for the problem item.Let me know.....MrC Link to post Share on other sites More sharing options...
vsal1030 Posted February 19, 2013 Author ID:648683 Share Posted February 19, 2013 Okay, that is what I am doing. The problem I am seeing is that it doesn't seem to be one thing that is causing the problem, it seems to be several. Sometimes one thing will work and others do not. The farther I get through the items, more things start working. I am in the Microsoft items now. It seems everything is working, just not absolutely sure. I narrowed it down to "Print Spooler" which seems very odd, and makes me wonder if I am doing this properly. Link to post Share on other sites More sharing options...
MrCharlie Posted February 19, 2013 ID:648687 Share Posted February 19, 2013 Don't worry too much about what doesn't work, try to figure out what's causing it not to boot into Windows.Try to see what service stops it from booting.Do you have a friend that can help you??Let me know....MrC Link to post Share on other sites More sharing options...
Recommended Posts