Jump to content

Recommended Posts

Please help. I am a video game developer working from home. Windows 7 wont shut down and freezes also. Would be much appreciated! Thanks!

"Attach"

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 5/13/2012 4:32:42 AM

System Uptime: 2/27/2013 10:19:36 AM (1 hours ago)

.

Motherboard: Hewlett-Packard | | 180B

Processor: AMD A8-3520M APU with Radeon HD Graphics | Socket FS1 | 1597/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 674 GiB total, 426.706 GiB free.

D: is FIXED (NTFS) - 21 GiB total, 2.196 GiB free.

E: is FIXED (FAT32) - 4 GiB total, 1.077 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco Systems VPN Adapter for 64-bit Windows

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco Systems VPN Adapter for 64-bit Windows

PNP Device ID: ROOT\NET\0000

Service: CVirtA

.

Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}

Description: Consumer IR Devices

Device ID: ROOT\SYSTEM\0002

Manufacturer: Microsoft

Name: Consumer IR Devices

PNP Device ID: ROOT\SYSTEM\0002

Service: circlass

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

==== System Restore Points ===================

.

RP111: 2/5/2013 3:03:50 PM - Windows Update

RP112: 2/8/2013 4:54:27 PM - Windows Update

RP113: 2/12/2013 9:43:54 AM - Windows Update

RP114: 2/15/2013 12:10:29 PM - Installed Steam

RP115: 2/16/2013 5:49:50 PM - Installed DirectX

RP116: 2/16/2013 5:56:42 PM - Windows Update

RP117: 2/17/2013 7:49:07 AM - Windows Update

RP118: 2/20/2013 3:00:20 AM - Windows Update

RP119: 2/23/2013 8:00:26 AM - Windows Update

RP120: 2/25/2013 11:07:08 AM - Installed Adobe Acrobat XI Pro.

RP121: 2/25/2013 3:47:46 PM - Installed Perforce Visual Components.

RP122: 2/25/2013 4:03:36 PM - Installed Cisco Systems VPN Client 5.0.07.0290

RP123: 2/25/2013 5:56:59 PM - Removed Adobe Acrobat XI Pro.

RP124: 2/25/2013 6:03:00 PM - Removed Adobe Download Assistant

RP125: 2/25/2013 6:03:19 PM - Removed Adobe Community Help

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

3ds max 7

3ds max 7 Additional Maps and Materials

3ds max 7 Architectural Materials

3ds max 7 Reference Files

64 Bit HP CIO Components Installer

Adobe AIR

Adobe Community Help

Adobe Creative Suite 5 Master Collection

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Media Player

Adobe Reader X (10.1.0) MUI

Adobe Shockwave Player 11.6

Akamai NetSession Interface

Amazon Cloud Drive

Amazon MP3 Downloader 1.0.17

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Fuel

AMD Steady Video Plug-In

AMD System Monitor

AMD VISION Engine Control Center

Amnesia - The Dark Descent

Apple Application Support

Apple Software Update

AuthenTec TrueAPI

Autodesk 3ds Max 2013 32-bit

Autodesk Backburner 2013.0.0

Autodesk Essential Skills Movies for 3ds Max 2013 32-bit

Autodesk FBX Plug-in 2013.1 - 3ds Max 2013

Autodesk Inventor Server Engine for 3ds Max 2013 32-bit

Autodesk Material Library 2013

Autodesk Material Library Base Resolution Image Library 2013

Autodesk Material Library Medium Resolution Image Library 2013

Bejeweled 3

Blackhawk Striker 2

Blurb Book Creator CS5 v2.1.0.20d9

BookSmart® 3.3.2 3.3.2

Broadcom 802.11 Wireless LAN Adapter

Broadcom Bluetooth Software

Broadcom InConcert Maestro

CanoScan LiDE 210 Scanner Driver

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

Cisco Systems VPN Client 5.0.07.0290

Composite 2013

Cradle of Rome 2

CyberLink YouCam

D3DX10

DefaultTab

Dora's World Adventure

Dropbox

ESU for Microsoft Windows 7 SP1

Evernote v. 4.2.3

Farm Frenzy

Farmscapes

FATE

ffdshow v1.2.4422 [2012-04-09]

Final Drive Fury

FinalTorrent 2012

Forge

Fraps

Free YouTube Downloader 3.5.134

GetDataBack for FAT

GetDataBack for NTFS

Google Drive

Google Earth Plug-in

Google SketchUp 8

Google Update Helper

GoToMeeting 5.4.0.1083

Hewlett-Packard ACLM.NET v1.1.2.0

HOTLLAMA Media Player - Setup

Hoyle Card Games

HP 3D DriveGuard

HP Application Assistant

HP Auto

HP Client Services

HP CoolSense

HP Customer Experience Enhancements

HP Documentation

HP DVB-T TV Tuner 8.0.64.43

HP Games

HP Launch Box

HP MovieStore

HP On Screen Display

HP Power Manager

HP Quick Launch

HP QuickWeb

HP Recovery Manager

HP Security Assistant

HP Setup

HP Setup Manager

HP SimplePass 2012

HP Software Framework

HP Support Assistant

IDT Audio

iLivid

Java 7 Update 10

Java Auto Updater

JavaFX 2.1.1

Jewel Match 3

Jewel Quest Mysteries: The Seventh Gate Collector's Edition

John Deere Drive Green

Junk Mail filter update

KeyDownload

Letters from Nowhere 2

Luxor HD

MagniPic

Mah Jong Medley

Malwarebytes Anti-Malware version 1.70.0.1100

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WSE 3.0 Runtime

Microsoft_VC80_ATL_x86

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

Mozilla Firefox 19.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Network64

Octoshape add-in for Adobe Flash Player

opensource

PDF Settings CS5

Penguins!

Perforce Visual Components

Picasa 3

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime x86

Poker Superstars III

Polar Bowler

Polar Golfer

PS_AIO_06_C4700_SW_Min

PxMergeModule

QuickTime

Realtek Ethernet Controller Driver

Realtek PCIE Card Reader

RollerCoaster Tycoon 3: Platinum

Scan

Sculptris Alpha 6

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Skype™ 6.2

SpiderOak

Spotify

Steam

swMSM

Synaptics TouchPad Driver

The Treasures of Mystery Island: The Ghost Ship

Toolbox

Torchlight

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update Installer for WildTangent Games App

Validity WBF DDK

Virtual Villagers 4 - The Tree of Life

VLC media player 2.0.4

Wacom Tablet

Web Assistant 2.0.0.572

Web Optimizer

WebTablet FB Plugin

WebTablet IE Plugin

WebTablet Netscape Plugin

WildTangent Games App (HP Games)

WinCHM 3.415

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR archiver

ZBrush 4R2

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

2/27/2013 9:58:26 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.535.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

2/27/2013 9:49:06 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL

2/27/2013 9:43:02 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.535.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

2/27/2013 9:33:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

2/27/2013 9:33:07 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2013 9:33:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

2/27/2013 9:33:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

2/27/2013 9:32:41 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

2/27/2013 9:32:40 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

2/27/2013 9:23:20 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

2/27/2013 9:22:50 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.

2/27/2013 9:14:12 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.

2/27/2013 9:14:12 AM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/27/2013 9:08:12 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service.

2/27/2013 9:06:42 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.

2/27/2013 9:06:12 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.

2/27/2013 9:05:42 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.

2/27/2013 9:05:12 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service.

2/27/2013 8:04:48 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.535.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

2/27/2013 6:06:33 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.535.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

2/27/2013 5:10:18 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.535.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

2/27/2013 4:52:08 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.

2/27/2013 4:52:08 AM, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/27/2013 4:34:37 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.

2/27/2013 4:34:37 AM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/27/2013 11:42:27 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2013 10:36:22 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2013 10:32:40 AM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.

2/27/2013 10:30:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.535.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

2/27/2013 10:30:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

2/27/2013 10:30:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

2/27/2013 10:23:01 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service SkypeUpdate with arguments "/ComService" in order to run the server: {CC957078-B838-47C4-A7CF-626E7A82FC58}

2/27/2013 10:20:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

2/27/2013 10:20:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

2/27/2013 10:20:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

2/27/2013 10:20:39 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21

2/27/2013 10:20:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

2/27/2013 10:20:24 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter SASDIFSV SASKUTIL spldr Wanarpv6

2/27/2013 10:18:40 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.

2/27/2013 10:18:40 AM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/27/2013 10:01:13 AM, Error: BROWSER [8007] - The browser was unable to update the service status bits. The data is the error.

2/27/2013 1:53:23 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.535.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

2/26/2013 9:48:16 AM, Error: Service Control Manager [7022] - The HP Network Devices Support service hung on starting.

2/26/2013 12:24:13 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

2/26/2013 12:24:13 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/26/2013 1:25:30 AM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.

2/25/2013 4:05:07 PM, Error: Service Control Manager [7030] - The Cisco Systems, Inc. VPN Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

2/23/2013 8:13:39 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinHttpAutoProxySvc service.

2/20/2013 11:14:20 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000116 (0xfffffa800530e210, 0xfffff8800439a80c, 0x0000000000000000, 0x0000000000000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022013-48531-01.

.

==== End Of File ===========================

"DDS"

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK

Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.10.2

Run by Carrie at 11:43:24 on 2013-02-27

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5610.4177 [GMT -8:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://searchab.com/?aff=7&uid=de53cb73-8002-11e2-ac02-faa89bfa1bf5

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

uDefault_Search_URL = hxxp://www.google.com/ie

mStart Page = hxxp://www.google.com

uProxyOverride = <local>

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll

BHO: MagniPiicc: {51BA42F7-7816-0411-DECC-43062A232EFD} - C:\ProgramData\MagniPiicc\512cb7edc3c5e.dll

BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Carrie\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: KeyDownload Class: {C1EA4179-A319-4c6a-A3E5-67FF3592A12E} - C:\Program Files (x86)\KeyDownload-Addon\KeyDownload.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: MagniPiicc: {E90F6AA2-A000-4854-49CC-C5E8AB4DAA11} - C:\ProgramData\MagniPiicc\512c9c269951c.dll

TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

uRun: [Akamai NetSession Interface] "C:\Users\Carrie\AppData\Local\Akamai\netsession_win.exe"

uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

uRun: [spotify Web Helper] "C:\Users\Carrie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [spotify] "C:\Users\Carrie\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

uRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

StartupFolder: C:\Users\Carrie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Carrie\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\Carrie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\HOTLLA~1.LNK - C:\Program Files (x86)\HOTLLAMA MEDIA\Player\WiseUpdt.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VPNGUI~1.LNK - C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe

uPolicies-Explorer: NoDrives = dword:0

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: NameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{80A4DC4E-6D6E-40D2-AA86-C65BCA3C0E74} : DHCPNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{80A4DC4E-6D6E-40D2-AA86-C65BCA3C0E74}\144545537363 : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{80A4DC4E-6D6E-40D2-AA86-C65BCA3C0E74}\2767232303F513 : DHCPNameServer = 66.75.164.89 66.75.164.90

TCP: Interfaces\{80A4DC4E-6D6E-40D2-AA86-C65BCA3C0E74}\34963736F61373531373 : DHCPNameServer = 172.16.100.10 172.16.100.20 172.16.100.16 192.168.34.32 192.168.34.19

TCP: Interfaces\{80A4DC4E-6D6E-40D2-AA86-C65BCA3C0E74}\65943594F4E42313D2442425 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{80A4DC4E-6D6E-40D2-AA86-C65BCA3C0E74}\65963796F6E62313 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{80A4DC4E-6D6E-40D2-AA86-C65BCA3C0E74}\65963796F6E62313345627 : DHCPNameServer = 192.168.1.1

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= c:\progra~2\magnipic\sprote~1.dll

LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

x64-BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll

x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll

x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Carrie\AppData\Roaming\Mozilla\Firefox\Profiles\xhkio2oy.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://searchab.com/?aff=7&uid=de53cb73-8002-11e2-ac02-faa89bfa1bf5

FF - prefs.js: keyword.URL - hxxp://searchab.com/?aff=7&uid=de53cb73-8002-11e2-ac02-faa89bfa1bf5&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll

FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Carrie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll

FF - ExtSQL: 2013-02-26 02:58; addon@keydownload.com; C:\Users\Carrie\AppData\Roaming\Mozilla\Firefox\Profiles\xhkio2oy.default\extensions\addon@keydownload.com

FF - ExtSQL: 2013-02-26 02:58; addon@defaulttab.com; C:\Users\Carrie\AppData\Roaming\Mozilla\Firefox\Profiles\xhkio2oy.default\extensions\addon@defaulttab.com.xpi

FF - ExtSQL: 2013-02-26 03:27; uqgii@msvlult-.net; C:\Users\Carrie\AppData\Roaming\Mozilla\Firefox\Profiles\xhkio2oy.default\extensions\uqgii@msvlult-.net

FF - ExtSQL: 2013-02-26 05:26; a_lb@ajsmqqo.com; C:\Users\Carrie\AppData\Roaming\Mozilla\Firefox\Profiles\xhkio2oy.default\extensions\a_lb@ajsmqqo.com

FF - ExtSQL: 2013-02-26 14:27; {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}; C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}

FF - ExtSQL: 2013-02-26 16:00; {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}; C:\Program Files\Web Assistant\Firefox

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.incredibar_i.newTab - false

FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyKkm6rjA&loc=IB_TB&i=26&search=

FF - user.js: extensions.incredibar_i.id - acd680f0000000000000e4d53d065ed7

FF - user.js: extensions.incredibar_i.instlDay - 15559

FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1410:32:20

FF - user.js: extensions.incredibar_i.prtnrId - Incredibar

FF - user.js: extensions.incredibar_i.prdct - incredibar

FF - user.js: extensions.incredibar_i.aflt - orgnl

FF - user.js: extensions.incredibar_i.smplGrp - none

FF - user.js: extensions.incredibar_i.tlbrId - base

FF - user.js: extensions.incredibar_i.instlRef -

FF - user.js: extensions.incredibar_i.dfltLng -

FF - user.js: extensions.incredibar_i.excTlbr - false

FF - user.js: extensions.incredibar_i.ms_url_id -

FF - user.js: extensions.incredibar_i.upn2 - 6OyKkm6rjA

FF - user.js: extensions.incredibar_i.upn2n - 92261890913545050

FF - user.js: extensions.incredibar_i.productid - 26

FF - user.js: extensions.incredibar_i.installerproductid - 26

FF - user.js: extensions.incredibar_i.did - 10650

FF - user.js: extensions.incredibar_i.ppd - 34%5F6

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113959&tt=090812_ppc_3212_6

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=

FF - user.js: extensions.BabylonToolbar.id - acd680f0000000000000e4d53d065ed7

FF - user.js: extensions.BabylonToolbar.instlDay - 15563

FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6

FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.623:13:31

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - base

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488]

R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-5-13 55280]

R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-7-16 96896]

R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-1-5 46136]

R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-7-16 214144]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-5 428136]

S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]

S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-1-5 89600]

S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 204288]

S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Carrie\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-2-26 107520]

S2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424]

S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

S2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-4-25 197504]

S2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520]

S2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]

S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-1-5 2413056]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-27 398184]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-27 682344]

S2 mi-raysat_3dsmax2013_32;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 32-bit;C:\Program Files (x86)\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe [2011-9-14 86016]

S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 130008]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-7 161384]

S2 TabletServiceWacom;TabletServiceWacom;C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [2012-5-15 8518008]

S2 TouchServiceWacom;Wacom Professional Touch Service;C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe [2012-5-15 567672]

S2 Web Assistant;Web Assistant;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-9-16 188760]

S2 WebOptimizer;WebOptimizer;C:\Windows\System32\dmwu.exe [2012-9-16 1259888]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]

S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2012-1-5 133672]

S3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2012-1-5 620584]

S3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2012-1-5 89640]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-1-5 39976]

S3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-5-31 138912]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2012-5-15 13688]

S3 hitmanpro36;HitmanPro 3.6 Support Driver;C:\Windows\System32\drivers\hitmanpro36.sys [2012-9-10 30496]

S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]

S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-27 24176]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-1-5 338536]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2012-5-15 65912]

S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2012-5-15 15736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-14 1255736]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-02-27 13:29:57 -------- d-----w- C:\Program Files (x86)\M2

2013-02-27 13:22:05 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-02-27 13:20:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-02-27 09:55:09 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5A0AE4BD-F34C-41E5-B9AF-F9B43CCF3A76}\offreg.dll

2013-02-26 22:14:52 -------- d-----w- C:\ProgramData\ALM

2013-02-26 22:11:46 -------- d-----w- C:\Users\Carrie\Adobe Flash Builder 4

2013-02-26 10:58:21 -------- d-----w- C:\ProgramData\CLSoft LTD

2013-02-26 10:58:05 -------- d-----w- C:\Program Files (x86)\MagniPic

2013-02-26 10:57:56 -------- d-----w- C:\ProgramData\MagniPiicc

2013-02-26 10:57:34 -------- d-----w- C:\Program Files (x86)\KeyDownload-Addon

2013-02-26 10:57:12 -------- d-----w- C:\Users\Carrie\AppData\Roaming\DefaultTab

2013-02-26 10:57:03 -------- d-----w- C:\Users\Carrie\AppData\Local\SwvUpdater

2013-02-26 10:34:11 -------- d-----w- C:\Users\Carrie\AppData\Roaming\FinalTorrent

2013-02-26 10:26:07 -------- d-----w- C:\Program Files (x86)\FinalTorrent

2013-02-26 10:26:06 -------- d-----w- C:\Users\Carrie\AppData\Local\Programs

2013-02-26 10:15:44 -------- d-----w- C:\ProgramData\APN

2013-02-26 10:08:57 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5A0AE4BD-F34C-41E5-B9AF-F9B43CCF3A76}\mpengine.dll

2013-02-26 00:30:38 -------- d-----w- C:\Users\Carrie\sandboxes

2013-02-26 00:25:07 -------- d-----w- C:\Users\Carrie\.p4qt

2013-02-26 00:03:51 -------- d-----w- C:\Program Files\Common Files\Deterministic Networks

2013-02-26 00:03:51 -------- d-----w- C:\Program Files (x86)\Cisco Systems

2013-02-25 23:48:21 -------- d-----w- C:\Program Files\Perforce

2013-02-25 23:44:36 -------- d-----w- C:\Users\Carrie\AppData\Local\{76EA1E92-7E3E-4832-9817-CD91364889D5}

2013-02-25 18:49:32 -------- d-----w- C:\Users\Carrie\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2013-02-25 10:06:48 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-02-23 22:47:16 -------- d-----r- C:\Program Files (x86)\Skype

2013-02-17 15:53:06 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll

2013-02-17 15:53:06 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll

2013-02-17 15:50:05 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-02-17 15:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-02-17 15:50:02 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-02-17 15:50:02 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll

2013-02-17 15:50:02 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll

2013-02-17 15:50:02 149528 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll

2013-02-17 15:50:01 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll

2013-02-17 15:50:00 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-02-17 01:50:25 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll

2013-02-17 01:50:25 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll

2013-02-15 20:11:28 -------- d-----w- C:\Program Files (x86)\Common Files\Steam

2013-02-15 20:11:20 -------- d-----w- C:\Program Files (x86)\Steam

2013-02-15 17:45:03 -------- d-----w- C:\Fraps

2013-02-13 12:31:13 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-02-13 12:31:12 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-02-13 12:31:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-02-13 12:31:05 3153408 ----a-w- C:\Windows\System32\win32k.sys

2013-02-13 12:31:03 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-02-13 12:31:03 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-02-13 12:31:03 215040 ----a-w- C:\Windows\System32\winsrv.dll

2013-02-13 12:31:03 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-02-13 12:31:02 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-02-13 12:31:01 2048 ----a-w- C:\Windows\SysWow64\user.exe

2013-02-13 12:31:00 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-02-13 12:30:59 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2013-02-10 02:51:07 16365936 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

.

==================== Find3M ====================

.

2013-02-10 02:51:23 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-02-10 02:51:23 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe

2013-01-20 23:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

2013-01-20 23:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-01-06 22:27:20 95184 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-01-06 22:27:15 779704 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-12 21:37:56 4472832 ----a-w- C:\Windows\SysWow64\GPhotos.scr

2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll

2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll

2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll

2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs

2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs

2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs

2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs

2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs

2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs

2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs

2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs

2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs

2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs

2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs

2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs

2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs

2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs

2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll

2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

.

============= FINISH: 11:44:33.37 ===============

Link to post
Share on other sites

Hello phantumm and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Step 1

Please uninstall the following applications:

DefaultTab

FinalTorrent 2012

KeyDownload

Web Assistant 2.0.0.572

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 4

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

aswMBR2-1.gif

On completion of the scan click save log, save it to your desktop and post in your next reply

aswMBR2.png

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • Malwarebytes' Anti-Malware log
  • aswMBR log
  • a new fresh DDS log

Link to post
Share on other sites

Here are my log files below. Windows 7 is still having problems when not in Safe Mode. Let me know what you think. Thanks very much.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.6.5 (02.18.2013:1)

OS: Windows 7 Home Premium x64

Ran by Carrie on Wed 02/27/2013 at 15:38:03.39

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [service] weboptimizer

Successfully deleted: [service] weboptimizer

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\browsermngr start page

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\browsermngrdefaultscope

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\abouturls\\Tabs

~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-3527630900-3794179634-2406754103-1001\software\web assistant"

Successfully deleted: [Registry Key] hkey_local_machine\software\babylon

Successfully deleted: [Registry Key] hkey_current_user\software\browsermngr

Successfully deleted: [Registry Key] hkey_local_machine\software\browsermngr

Successfully deleted: [Registry Key] hkey_current_user\software\cr_installer

Failed to delete: [Registry Key] hkey_current_user\software\datamngr_toolbar

Successfully deleted: [Registry Key] hkey_current_user\software\ilivid

Successfully deleted: [Registry Key] hkey_local_machine\software\ilivid

Successfully deleted: [Registry Key] hkey_current_user\software\im

Successfully deleted: [Registry Key] hkey_current_user\software\iminstaller

Successfully deleted: [Registry Key] hkey_current_user\software\startsearch

Successfully deleted: [Registry Key] hkey_local_machine\software\web assistant

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\crossrider

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\sprotector

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\applications\ilividsetupv1.exe

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibar_install_rasapi32

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibar_install_rasmancs

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibartoolbar_rasapi32

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibartoolbar_rasmancs

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasapi32

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasmancs

Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\microsoft\tracing\ilividsetupv1_rasapi32

Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\microsoft\tracing\ilividsetupv1_rasmancs

Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\sp global

Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\sprotector

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{cff4db9b-135f-47c0-9269-b4c6572fd61a}

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827}

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827}

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\clsoft ltd"

Successfully deleted: [Folder] "C:\ProgramData\installmate"

Successfully deleted: [Folder] "C:\ProgramData\premium"

Successfully deleted: [Folder] "C:\Users\Carrie\AppData\Roaming\babylon"

Successfully deleted: [Folder] "C:\Users\Carrie\appdata\local\ilivid player"

Successfully deleted: [Folder] "C:\Users\Carrie\appdata\local\swvupdater"

Successfully deleted: [Folder] "C:\Users\Carrie\appdata\locallow\babylontoolbar"

Successfully deleted: [Folder] "C:\Users\Carrie\appdata\locallow\downloadnsave"

Successfully deleted: [Folder] "C:\Program Files (x86)\free youtube downloader"

Successfully deleted: [Folder] "C:\Program Files (x86)\ilivid"

Successfully deleted: [Folder] "C:\Users\Carrie\AppData\Roaming\microsoft\windows\start menu\programs\browser manager"

~~~ FireFox

Successfully deleted: [File] C:\user.js

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"

Successfully deleted: [File] C:\Users\Carrie\AppData\Roaming\mozilla\firefox\profiles\xhkio2oy.default\user.js

Successfully deleted: [File] C:\Users\Carrie\AppData\Roaming\mozilla\firefox\profiles\xhkio2oy.default\extensions\dcelqecvue@dcelqecvue.org.xpi [Tracur]

Successfully deleted: [File] C:\Users\Carrie\AppData\Roaming\mozilla\firefox\profiles\xhkio2oy.default\browsermngr_extensions.sqlite

Successfully deleted: [File] C:\Users\Carrie\AppData\Roaming\mozilla\firefox\profiles\xhkio2oy.default\browsermngr_prefs.js

Successfully deleted: [Registry Value] hkey_local_machine\software\mozilla\firefox\extensions\\{336d0c35-8a85-403a-b9d2-65c292c39087}

Successfully deleted the following from C:\Users\Carrie\AppData\Roaming\mozilla\firefox\profiles\xhkio2oy.default\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);

user_pref("aol_toolbar.default.search.check", false);

user_pref("browser.newtabpage.blocked", "{\"D1UB8BaJlsJKgY74MMCilw==\":1,\"iMsTJFo19MnActcgtv98+A==\":1,\"pCvCUj4ROYLCbGnjOV+jkg==\":1,\"iIZPkt0FBzMpVVP9yTXXrg==\":1,\"R6xZQCW

user_pref("browser.search.defaultengine", "Privitize VPN");

user_pref("browser.search.defaultenginename", "Privitize VPN");

user_pref("browser.search.order.1", "Privitize VPN");

user_pref("extensions.BabylonToolbar.admin", "");

user_pref("extensions.BabylonToolbar.aflt", "babsst");

user_pref("extensions.BabylonToolbar.dfltLng", "en");

user_pref("extensions.BabylonToolbar.excTlbr", false);

user_pref("extensions.BabylonToolbar.id", "acd680f0000000000000e4d53d065ed7");

user_pref("extensions.BabylonToolbar.instlDay", "15563");

user_pref("extensions.BabylonToolbar.instlRef", "sst");

user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar.prtkDS", 0);

user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar.tlbrId", "base");

user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");

user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");

user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113959&tt=090812_ppc_3212_6");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.623:13:31");

user_pref("extensions.crossrider.bic", "139f115c65306a2b250a611a970395f0");

user_pref("extensions.defaulttab.lastUsed", 1361877812);

user_pref("extensions.incredibar.admin", false);

user_pref("extensions.incredibar.aflt", "orgnl");

user_pref("extensions.incredibar.cntry", "US");

user_pref("extensions.incredibar.dfltLng", "");

user_pref("extensions.incredibar.dfltSrch", false);

user_pref("extensions.incredibar.did", "10650");

user_pref("extensions.incredibar.envrmnt", "production");

user_pref("extensions.incredibar.excTlbr", false);

user_pref("extensions.incredibar.hdrMd5", "4AD6DBEF8C86E5902414B0E82D4227EA");

user_pref("extensions.incredibar.hmpg", false);

user_pref("extensions.incredibar.id", "acd680f0000000000000e4d53d065ed7");

user_pref("extensions.incredibar.installerproductid", "26");

user_pref("extensions.incredibar.instlDay", "15559");

user_pref("extensions.incredibar.instlRef", "");

user_pref("extensions.incredibar.isDcmntCmplt", false);

user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1410:32:20");

user_pref("extensions.incredibar.mntrvrsn", "1.2.0");

user_pref("extensions.incredibar.newTab", false);

user_pref("extensions.incredibar.noFFXTlbr", false);

user_pref("extensions.incredibar.ppd", "34%5F6");

user_pref("extensions.incredibar.prdct", "incredibar");

user_pref("extensions.incredibar.productid", "26");

user_pref("extensions.incredibar.prtnrId", "Incredibar");

user_pref("extensions.incredibar.sg", "none");

user_pref("extensions.incredibar.smplGrp", "none");

user_pref("extensions.incredibar.tlbrId", "base");

user_pref("extensions.incredibar.upn2", "6OyKkm6rjA");

user_pref("extensions.incredibar.upn2n", "92261890913545050");

user_pref("extensions.incredibar.vrsn", "1.5.11.14");

user_pref("extensions.incredibar.vrsnTs", "1.5.11.1410:32:20");

user_pref("extensions.incredibar.vrsni", "1.5.11.14");

user_pref("extensions.incredibar_i.aflt", "orgnl");

user_pref("extensions.incredibar_i.dfltLng", "");

user_pref("extensions.incredibar_i.did", "10650");

user_pref("extensions.incredibar_i.excTlbr", false);

user_pref("extensions.incredibar_i.id", "acd680f0000000000000e4d53d065ed7");

user_pref("extensions.incredibar_i.installerproductid", "26");

user_pref("extensions.incredibar_i.instlDay", "15559");

user_pref("extensions.incredibar_i.instlRef", "");

user_pref("extensions.incredibar_i.ms_url_id", "");

user_pref("extensions.incredibar_i.newTab", false);

user_pref("extensions.incredibar_i.ppd", "34%5F6");

user_pref("extensions.incredibar_i.prdct", "incredibar");

user_pref("extensions.incredibar_i.productid", "26");

user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

user_pref("extensions.incredibar_i.smplGrp", "none");

user_pref("extensions.incredibar_i.tlbrId", "base");

user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyKkm6rjA&loc=IB_TB&i=26&search=");

user_pref("extensions.incredibar_i.upn2", "6OyKkm6rjA");

user_pref("extensions.incredibar_i.upn2n", "92261890913545050");

user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1410:32:20");

user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");

user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");

user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://searchab.com/?aff=7&uid=de53cb73-8002-11e2-ac02-faa89bfa1bf5&q=");

user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");

user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");

user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");

user_pref("sweetim.toolbar.searchguard.enable", "");

user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocatio

user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_referrer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://www.hotmail.com/|||86413

user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_temp_referer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://us.yhs4.search.yahoo

user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.

Emptied folder: C:\Users\Carrie\AppData\Roaming\mozilla\firefox\profiles\xhkio2oy.default\minidumps [55 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Wed 02/27/2013 at 15:43:28.26

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware (PRO) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.02.27.09

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)

Internet Explorer 9.0.8112.16421

Carrie :: CARRIE-HP [administrator]

Protection: Disabled

2/27/2013 3:52:43 PM

mbam-log-2013-02-27 (15-52-43).txt

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 521645

Time elapsed: 1 hour(s), 10 minute(s), 46 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2013-02-27 17:16:59

-----------------------------

17:16:59.682 OS Version: Windows x64 6.1.7601 Service Pack 1

17:16:59.682 Number of processors: 4 586 0x100

17:16:59.682 ComputerName: CARRIE-HP UserName: Carrie

17:17:01.292 Initialize success

17:17:04.392 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000077

17:17:04.392 Disk 0 Vendor: TOSHIBA_ GT00 Size: 715404MB BusType: 11

17:17:04.432 Disk 0 MBR read successfully

17:17:04.432 Disk 0 MBR scan

17:17:04.432 Disk 0 Windows 7 default MBR code

17:17:04.452 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048

17:17:04.462 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 689958 MB offset 409600

17:17:04.492 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 21183 MB offset 1413443584

17:17:04.502 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4062 MB offset 1456826368

17:17:04.552 Disk 0 scanning C:\Windows\system32\drivers

17:17:11.012 Service scanning

17:17:36.842 Modules scanning

17:17:36.852 Disk 0 trace - called modules:

17:17:36.882 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amd_xata.sys ACPI.sys storport.sys hal.dll amd_sata.sys

17:17:37.212 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005fb0060]

17:17:37.222 3 CLASSPNP.SYS[fffff8800187643f] -> nt!IofCallDriver -> [0xfffffa8005e3bb10]

17:17:37.222 5 hpdskflt.sys[fffff8800181d189] -> nt!IofCallDriver -> [0xfffffa80059875e0]

17:17:37.232 7 amd_xata.sys[fffff880010dfa1d] -> nt!IofCallDriver -> [0xfffffa8005970040]

17:17:37.242 9 ACPI.sys[fffff88000ee67a1] -> nt!IofCallDriver -> \Device\00000077[0xfffffa80059702f0]

17:17:37.252 Scan finished successfully

17:21:41.193 Disk 0 MBR has been saved successfully to "C:\Users\Carrie\Desktop\MBR.dat"

17:21:41.203 The log file has been saved successfully to "C:\Users\Carrie\Desktop\aswMBR.txt"

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.