dachel12 Posted May 15, 2013 ID:679970 Share Posted May 15, 2013 My computer is not able to run a full scan with Malwarebytes Anti-Malware because the computer will shut down when I try to run it. I tried to look up the issue and found a similar thread in the forums. That thread had a suggestion to run ComboFix to find the problem. I did so, but now need someone to look over the results because I have no idea what it means. I will attach the text file of the results.Please help.Thanks!combo fix 5-15-2013.txt Link to post Share on other sites More sharing options...
Maniac Posted May 15, 2013 ID:679988 Share Posted May 15, 2013 Hello dachel12 and ! My name is Maniac and I will be glad to help you solve your malware problem.Please note:If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look herePlease follow the instructions here and post your log files:http://forums.malwarebytes.org/index.php?showtopic=9573 Link to post Share on other sites More sharing options...
dachel12 Posted May 15, 2013 Author ID:680072 Share Posted May 15, 2013 Here are my log files. Thank you so much for helping!dds.txtDDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.13.2Run by student at 18:03:34 on 2013-05-15Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4046.1538 [GMT -5:00].AV: Microsoft Forefront Endpoint Protection *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Forefront Endpoint Protection *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\Hpservice.exeC:\Windows\system32\atieclxx.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\IDT\WDM\AESTSr64.exeC:\Program Files\LSI SoftModem\agr64svc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exeC:\Windows\system32\dlcxcoms.exeC:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exeC:\Program Files (x86)\Intel\Services\IPT\jhi_service.exeC:\Windows\keyacc32.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exeC:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exeC:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exeC:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exeC:\windows\SysWow64\ArcVCapRender\uArcCapture.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\PROGRAM FILES (X86)\TA INSTRUMENTS\THERMAL ADVANTAGE\QSERIES\TAMA.EXEC:\Windows\system32\svchost.exe -k bthsvcsC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exeC:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exeC:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Windows\kass.exeC:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exeC:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exeC:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\FLASHbrief\FLASHbrief.exeC:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\System32\WUDFHost.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\student\AppData\Roaming\Spotify\spotify.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\wuauclt.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://uwstout.edu/BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: smartdownloader Class: {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Program Files (x86)\PutLockerDownloader\smarterdownloader.dllBHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dlluRun: [spotify Web Helper] "C:\Users\student\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exeuRun: [MusicManager] "C:\Users\student\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /startmRun: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesmRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbyloginmRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"mRun: [KeyAccess] C:\Windows\kass.exemRun: [flashbrief uws] "c:\Program Files (x86)\FLASHbrief\FLASHbrief.exe" -s uwsmRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"StartupFolder: C:\Users\student\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:255mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabTCP: NameServer = 64.33.128.10 64.33.128.210TCP: Interfaces\{07C9D154-1D34-4BBB-A463-ED5AD2A0B4C9} : DHCPNameServer = 64.33.128.10 64.33.128.210TCP: Interfaces\{07C9D154-1D34-4BBB-A463-ED5AD2A0B4C9}\3547F6574714962707F62747E4564777F627B6 : DHCPNameServer = 144.13.1.7 144.13.1.11TCP: Interfaces\{07C9D154-1D34-4BBB-A463-ED5AD2A0B4C9}\7457E6E61647 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{07C9D154-1D34-4BBB-A463-ED5AD2A0B4C9}\E45445745414255363 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{07C9D154-1D34-4BBB-A463-ED5AD2A0B4C9}\E45445745414255363D25374 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{3EAD70D7-93EA-4362-8B92-C53CD41E34FB} : DHCPNameServer = 144.13.1.7 144.13.1.11Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllAppInit_DLLs= C:\Windows\katrack.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-TB: b Search.us.com Toolbar: {76607929-DC12-4443-AEF0-F56FE203FAFC} - x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [KeyAccess] kass.exex64-Run: [dlcxmon.exe] "C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe"x64-Run: [MemoryCardManager] "C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe"x64-Run: [DLCXCATS] rundll32 C:\Windows\System32\spool\DRIVERS\x64\3\DLCXtime.dll,RunDLLEntryx64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-6 55856]R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-5-9 89600]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-6 203776]R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-15 659976]R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-2-2 18656]R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-4-23 135952]R2 dlcx_device;dlcx_device;C:\Windows\System32\dlcxcoms.exe -service --> C:\Windows\System32\dlcxcoms.exe -service [?]R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-1-28 281656]R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-9 13336]R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]R2 KeyAccess;KeyAccess;C:\Windows\keyacc32.exe [2012-4-20 2106008]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-1 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-1 701512]R2 mitsijm2012;Autodesk Moldflow Inventor Tool Suite Integration 2012 Job Manager;C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [2011-8-2 848704]R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-3-6 113264]R2 TAMA;TA Message Agent (TAMA);C:\Program Files (x86)\TA Instruments\Thermal Advantage\Qseries\Tama.exe [2011-10-4 2337792]R2 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2011-5-9 502464]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-9 2656280]R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144]R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\Windows\System32\drivers\ArcSoftVCapture.sys [2011-5-9 32192]R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-16 115216]R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-5-8 344616]R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-5-8 39464]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-1 25928]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144]S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2012-6-9 89192]S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2012-5-1 71168]S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-5-10 1431888]S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2011-3-8 174680]S3 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2011-5-8 26712]S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-4-15 36680]S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 130008]S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-1 19456]S3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012;C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2012-4-9 114824]S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2011-1-15 1116656]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-1 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-1 30208]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-9 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464].=============== File Associations ===============.FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"ShellExec: FrameMaker9.exe: Edit="C:\Program Files (x86)\adobe\framemaker 9\FrameMaker.exe" -ie "%1".=============== Created Last 30 ================.2013-05-15 19:46:26 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{25791E02-B5AE-471F-9D10-BBD8B487DE41}\mpengine.dll2013-05-15 18:13:28 9317456 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-05-15 17:17:27 98816 ----a-w- C:\Windows\sed.exe2013-05-15 17:17:27 256000 ----a-w- C:\Windows\PEV.exe2013-05-15 17:17:27 208896 ----a-w- C:\Windows\MBR.exe2013-05-14 19:14:09 17613192 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe2013-04-30 16:31:00 -------- d-----w- C:\Program Files (x86)\SpeedFan2013-04-30 04:07:10 -------- d-----w- C:\components2013-04-29 23:07:35 -------- d-----w- C:\Program Files (x86)\Hulu Downloader2013-04-29 23:07:32 -------- d-----w- C:\Program Files (x86)\Conduit2013-04-29 23:07:21 -------- d-----w- C:\Users\student\AppData\Local\Conduit2013-04-29 23:06:31 -------- d-----w- C:\Users\student\AppData\Local\CRE2013-04-29 23:03:20 -------- d-----w- C:\Users\student\AppData\Roaming\AnvSoft2013-04-29 21:07:55 -------- d-----w- C:\Users\student\AppData\Roaming\PACE Anti-Piracy2013-04-29 21:07:55 -------- d-----w- C:\Users\student\AppData\Local\PACE Anti-Piracy2013-04-29 21:07:55 -------- d-----w- C:\ProgramData\PACE Anti-Piracy2013-04-24 15:48:14 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys2013-04-23 13:58:28 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5706D99D-5594-47B6-A213-70844C1EED45}\gapaengine.dll2013-04-17 01:46:25 -------- d-----w- C:\Program Files (x86)\Amazon2013-04-16 02:12:32 36680 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys.==================== Find3M ====================.2013-05-14 19:14:19 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-05-14 19:14:19 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-04-11 14:22:56 770384 ----a-w- C:\Windows\SysWow64\msvcr100.dll2013-04-11 14:22:56 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll2013-04-04 19:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe2013-03-01 03:36:04 3153408 ----a-w- C:\Windows\System32\win32k.sys.============= FINISH: 18:04:04.14 ===============attach.txt.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1Install Date: 8/16/2012 12:17:56 AMSystem Uptime: 5/15/2013 2:52:20 PM (4 hours ago).Motherboard: Hewlett-Packard | | 161CProcessor: Intel® Core i5-2520M CPU @ 2.50GHz | CPU 1 | 1975/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 116 GiB total, 16.643 GiB free.D: is FIXED (NTFS) - 182 GiB total, 155.212 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP174: 5/13/2013 9:14:11 PM - Windows Update.==== Installed Programs ======================.64 Bit HP CIO Components InstallerActiveCheck component for HP Active Support LibraryAdobe Acrobat X Pro - English, Français, DeutschAdobe After Effects CS5.5Adobe AIRAdobe Anchor Service CS4Adobe Community HelpAdobe Content ViewerAdobe Creative Suite 5.5 Design PremiumAdobe Director 11.5Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe FrameMaker 9Adobe FrameMaker CSTI DriverAdobe FrameMaker Dependencies DriverAdobe Linguistics CS4Adobe PDF Library Files CS4Adobe Premiere Pro CS5.5Adobe Reader X (10.1.0)Adobe SetupAdobe Shockwave Player 11.6Adobe StoryAdobe Update Manager CS4Adobe Widget BrowserAECS55_64Amazon MP3 Downloader 1.0.17Apple Application SupportApple Mobile Device SupportApple Software UpdateArcGIS ArcInfo WorkstationArcGIS Desktop 10ArcGIS Desktop 10 Tutorial DataArcSoft Webcam Sharing ManagerATI Catalyst Install ManagerAutoCAD 2012 - EnglishAutoCAD 2012 - English SP2AutoCAD 2012 Language Pack - EnglishAutoCAD Civil 3D 2012AutoCAD Civil 3D 2012 32 Bit Object Enabler on Autodesk Content Service - Language NeutralAutoCAD Civil 3D 2012 32 Bit Object Enabler on Autodesk Inventor Professional 2012 - Language NeutralAutoCAD Civil 3D 2012 32 Bit Object Enabler on Autodesk® Storm and Sanitary Analysis 2012 - Language NeutralAutoCAD Civil 3D 2012 Language Pack - EnglishAutoCAD Civil 3D 2012 SP1Autodesk Content ServiceAutodesk Design Review 2012Autodesk Inventor Fusion 2012Autodesk Inventor Fusion 2012 Language PackAutodesk Inventor Fusion for Inventor 2012 Add-inAutodesk Inventor Fusion for Inventor 2012 Add-in Language PackAutodesk Inventor Fusion plug-in for AutoCAD 2012Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012Autodesk Inventor Professional 2012Autodesk Inventor Professional 2012 EnglishAutodesk Inventor Professional 2012 English Language PackAutodesk Inventor Professional 2012 SP1Autodesk Material Library 2012Autodesk Material Library Base Resolution Image Library 2012Autodesk Material Library Low Resolution Image Library 2012Autodesk Material Library Medium Resolution Image Library 2012Autodesk Revit Architecture 2012Autodesk Revit Architecture 2012 UR2Autodesk Revit Structure 2012Autodesk Revit Structure 2012 UR2Autodesk® Storm and Sanitary Analysis 2012Autodesk® Storm and Sanitary Analysis 2012 x64 Plug-inBonjourBootstrapperBroadcom 2070 Bluetooth 3.0Catalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization AllCatalyst Control Center Profiles Mobileccc-core-staticccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishD3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDell Photo AIO Printer 926DesignPremCS55_64DirectX 9 RuntimeEA SPORTS Game Face Browser Plugin 1.8.0.0Eco Materials Adviser (x64)Energy Star Digital LogoEPSON SX125 Series Printer UninstallFARO LS 1.1.406.58FileASSASSINFLASHbrief Univ of Wisconsin StoutGoogle ChromeGoogle Update HelperHotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)HP 3D DriveGuardHP AutoHP Battery CheckHP Customer Experience EnhancementsHP DocumentationHP ESU for Microsoft Windows 7HP HotKey SupportHP Software FrameworkHP System Default SettingsHP Web CameraHP WebcamHP Webcam DriverHPAsset component for HP Active Support LibraryIBM SPSS Statistics 20iCloudIDT AudioInsight 8.1 for 64 BitinstallDriveMapperIntel® Identity Protection Technology 1.0.71.0Intel® Management Engine ComponentsIntel® Network Connections DriversIntel® PROSet/Wireless for Bluetooth® + High SpeedIntel® Rapid Storage TechnologyiTunesJava 7 Update 13Java Auto UpdaterJavaFX 2.1.0JMicron 1394 Filter DriverJMicron Flash Media Controller DriverLSI HDA ModemMalwarebytes Anti-Malware version 1.75.0.1300Maple 16Micro-Cap 10 EvaluationMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)Microsoft Endpoint Protection Management ComponentsMicrosoft Forefront Endpoint ProtectionMicrosoft Forefront Endpoint Protection 2010 Server ManagementMicrosoft Office 2003 Web ComponentsMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft Security ClientMicrosoft SilverlightMicrosoft SQL Server 2008 Native ClientMicrosoft SQL Server Compact 3.5 SP2 ENUMicrosoft SQL Server Compact 3.5 SP2 x64 ENUMicrosoft Visual Basic Power Packs 3.0Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENUMicrosoft Visual Studio 2005 Tools for Applications - ENUMicrosoft Visual Studio Tools for Applications 2.0 - ENUMicrosoft Visual Studio Tools for Applications 2.0 RuntimeMicrosoft WSE 3.0 RuntimeMinitab 16Minitab16MSVCRTMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Music ManagerParker Isysnet Analog Module ProfilesParker Isysnet ASCII Module ProfileParker Isysnet Discrete Module ProfilesParker Isysnet Discrete Module Profiles 2Parker Isysnet Discrete Module Profiles 3PDF Report Writer (novaPDF 6.4 printer)PDF Settings CS5PremiereCS55_64Quick Uninstall Tool for Autodesk Inventor 2012QuickTimeRBVirtualFolder64InstRenesas Electronics USB 3.0 Host Controller DriverRespondus LockDown BrowserRevit Architecture 2012Revit Architecture 2012 Language Pack - EnglishRevit Structure 2012Revit Structure 2012 Language Pack - EnglishRockwell Automation 1732 Discrete Module ProfilesRockwell Automation 1734 Analog Module ProfilesRockwell Automation 1734 ASCII Module ProfilesRockwell Automation 1734 Discrete Module ProfilesRockwell Automation 1734 Discrete Module Profiles 2Rockwell Automation 1734 Specialty Module ProfilesRockwell Automation 1738 Analog Module ProfilesRockwell Automation 1738 ASCII Module ProfilesRockwell Automation 1738 Discrete Module ProfilesRockwell Automation 1738 Discrete Module Profiles 2Rockwell Automation 1738 Discrete Module Profiles 3Rockwell Automation 1738 Specialty Module ProfilesRockwell Automation 1756 CNet Comms Module ProfilesRockwell Automation 1756 ENet Comms Module ProfilesRockwell Automation 1756 HART Module ProfilesRockwell Automation 1769 Analog Module ProfilesRockwell Automation 1769 ASCII Module ProfilesRockwell Automation 1769 Boolean Module ProfilesRockwell Automation 1769 Controller Module ProfilesRockwell Automation 1769 Discrete Module ProfilesRockwell Automation 1769 Embedded Module ProfilesRockwell Automation 1769 Specialty Module ProfilesRockwell Automation 1791DS Discrete Module ProfilesRockwell Automation Drives PowerFlex 4 Module ProfilesRockwell Automation Drives PowerFlex 7 2 Module ProfilesRockwell Automation Drives PowerFlex 7 Module ProfilesRockwell Automation Drives SCANport Module ProfilesRockwell Automation Generic Safety Module ProfilesRoxio Activation ModuleRoxio CinePlayer Decoder PackRoxio Express Labeler 3Roxio MyDVD Business 2010Roxio Secure BurnRSLogix 5000 Module Profile CoreRSLogix 5000 Module Profile Setup UtilityRSLogix 5000 Online Books v17.00.00RSLogix 5000 Setup InstallerRSLogix 5000 Start Page Media v17.00.05RSLogix 5000 System UpdatesRSLogix 5000 v17.00.00 (CPR 9 SR 1) DemoSassafras K2 ClientSDKSecurity Update for CAPICOM (KB931906)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Extended (KB2416472)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit EditionSecurity Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687501) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft OneNote 2010 (KB2760600) 32-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2760762) 32-Bit EditionSecurity Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit EditionSecurity Update for Microsoft Word 2010 (KB2760410) 32-Bit EditionSES DriverSkype™ 6.0SolidWorks 2012 x64 Edition SP04SolidWorks eDrawings 2012 x64 Edition SP04SolidWorks Flow Simulation 2012 SP04 x64 Edition SpeedFan (remove only)SpotifySuite Shared Configuration CS4swMSMSynaptics Pointing Device DriverTA Advantage (Thermal / Rheology)TI Connect 1.6Unity Web PlayerUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2473228)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553092)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553378) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687503) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687509) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2597090) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2598240) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit EditionUW-Stout Web Software InstallationVBA (2627.01)Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWinEst.==== Event Viewer Messages From Past Week ========.5/9/2013 8:41:45 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={22602BD4-1E6E-4365-ACF1-F60C619E6FC9}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. The requested name is valid, but no data of the requested type was found.5/9/2013 11:09:19 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Telephony service, but this action failed with the following error: An instance of the service is already running.5/9/2013 11:09:19 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DNS Client service, but this action failed with the following error: An instance of the service is already running.5/9/2013 11:07:26 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS\Applications.5/9/2013 11:07:19 PM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/9/2013 11:07:19 PM, Error: Service Control Manager [7031] - The Telephony service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/9/2013 11:07:19 PM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.5/9/2013 11:07:19 PM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/9/2013 11:07:19 PM, Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/9/2013 11:06:37 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Modules Installer service, but this action failed with the following error: An instance of the service is already running.5/9/2013 11:04:37 PM, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/9/2013 11:04:19 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Backup Error Code: 0x8050800c Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. Signature version: 1.149.1591.0;1.149.1591.0 Engine version: 1.1.9402.05/9/2013 11:04:16 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a004 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Signature version: 1.149.1595.0;1.149.1595.0 Engine version: 1.1.9402.05/9/2013 11:03:54 PM, Error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\Windows\katrk64.dll5/9/2013 11:03:27 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{33e3bad5-e761-11e1-8ed7-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{929E8D32-B353-40B0-B929-F8311EEFC788}' was corrupted and it has been recovered. Some data might have been lost.5/9/2013 11:03:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver has successfully restarted.5/9/2013 11:03:01 PM, Error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\Program Files\Autodesk\Revit Architecture 2012\Program\PlugIns\crypto\qca-ossl_Ad_2.dll5/9/2013 11:03:01 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.5/9/2013 11:03:01 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.5/9/2013 11:03:01 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.5/8/2013 11:33:36 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={CF60E797-AB84-4E63-934F-865720D3D8E0}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. The requested name is valid, but no data of the requested type was found.5/8/2013 11:33:06 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={66BCF8EF-39C5-4486-B325-25D239F8554B}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. The requested name is valid, but no data of the requested type was found.5/8/2013 11:18:07 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={020C1D5F-B423-4997-9412-1BD58C034C59}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.5/8/2013 11:17:42 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={0047E7AF-A049-46E3-B9FD-04FB76F15BCE}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.5/8/2013 11:16:39 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={BB4F3305-E7D2-4AF1-ACD4-42EADF7F7D6F}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. The requested name is valid, but no data of the requested type was found.5/15/2013 6:03:36 PM, Error: Service Control Manager [7016] - The TA Message Agent (TAMA) service has reported an invalid current state 0.5/15/2013 12:32:43 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.5/15/2013 12:28:57 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.5/15/2013 12:02:13 PM, Error: Service Control Manager [7034] - The Superfetch service terminated unexpectedly. It has done this 3 time(s).5/15/2013 12:01:12 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/15/2013 12:00:11 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/15/2013 11:58:38 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041790, 0xfffffa80018561c0, 0x000000000000ffff, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 051513-26566-01.5/15/2013 11:58:34 AM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Multimedia Class Scheduler service which failed to start because of the following error: The specified procedure could not be found.5/15/2013 11:58:32 AM, Error: Service Control Manager [7023] - The Multimedia Class Scheduler service terminated with the following error: The specified procedure could not be found.5/15/2013 11:07:50 AM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.5/15/2013 11:07:36 AM, Error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\Program Files (x86)\ArcGIS\Desktop10.0\Bin\GALayerUI.dll5/15/2013 10:40:34 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.5/15/2013 10:40:34 AM, Error: Service Control Manager [7000] - The HP Software Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.5/15/2013 10:40:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service hpqwmiex with arguments "" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E}5/15/2013 10:36:58 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.5/15/2013 10:36:58 AM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.5/15/2013 1:12:46 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the KeyAccess service.5/14/2013 6:15:58 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\System32\config\COMPONENTS' was corrupted and it has been recovered. Some data might have been lost.5/14/2013 5:12:39 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\RegBack\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.5/14/2013 3:58:05 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={95A4B76A-1BB9-4E7A-BDC9-9F0DACFFFDA9}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. The requested name is valid, but no data of the requested type was found.5/14/2013 3:47:55 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={DC59B854-8363-4426-8A1D-D39036796E41}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. The requested name is valid, but no data of the requested type was found.5/14/2013 2:47:43 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{3EAD70D7-93EA-4362-8B92-C53CD41E34FB} because another computer on the network has the same name. The server could not start.5/13/2013 9:25:21 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user C-A0B3CC2021E4\student SID (S-1-5-21-562460011-2860772844-665103494-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.5/13/2013 9:25:21 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user C-A0B3CC2021E4\student SID (S-1-5-21-562460011-2860772844-665103494-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.5/13/2013 7:49:15 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The User Profile Service service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The Themes service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The Task Scheduler service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The System Event Notification Service service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The IP Helper service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7034] - The Certificate Propagation service terminated unexpectedly. It has done this 3 time(s).5/13/2013 7:44:15 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:44:15 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.5/13/2013 7:44:15 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:44:15 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:44:13 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.5/13/2013 7:41:13 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Certificate Propagation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.5/13/2013 7:39:13 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7034] - The KeyAccess service terminated unexpectedly. It has done this 1 time(s).5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7031] - The Certificate Propagation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 7:37:11 PM, Error: Service Control Manager [7001] - The TA Message Agent (TAMA) service depends on the Remote Access Connection Manager service which failed to start because of the following error: The operation completed successfully.5/13/2013 7:18:33 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).5/12/2013 9:21:51 PM, Error: Microsoft-Windows-SharedAccess_NAT [30009] - The DHCP allocator encountered a network error while attempting to reply on IP address 0.0.0.0 to a request from a client. The data is the error code.5/11/2013 12:38:30 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Microsoft Antimalware Service service, but this action failed with the following error: An instance of the service is already running.5/11/2013 12:38:15 AM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.5/11/2013 10:14:18 AM, Error: Service Control Manager [7034] - The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).5/10/2013 8:11:10 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver has successfully restarted.5/10/2013 8:11:07 PM, Error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\Help\contexthelp\PLOTSTYLE_CLI.htm5/10/2013 8:11:07 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.5/10/2013 8:11:07 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.5/10/2013 8:11:07 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly..==== End Of File =========================== Link to post Share on other sites More sharing options...
Maniac Posted May 16, 2013 ID:680353 Share Posted May 16, 2013 Step 1Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.Step 2Please download AdwCleaner from here and save it on your Desktop. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.Now click on the Search tab.Please post the contents of the log-file created in your next post.Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.Step 3Please add to exclusions in Microsoft Forefront Endpoint Protection the following files:C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exehttp://support.microsoft.com/kb/943556Step 4 Download on the desktop RogueKiller Quit all programs Start RogueKiller.exe Wait until Prescan has finished ... Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.In your next reply, post the following log files:Junkware Removal Tool logAdwCleaner logRogueKiller log Link to post Share on other sites More sharing options...
dachel12 Posted May 16, 2013 Author ID:680390 Share Posted May 16, 2013 Here are the logs~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 4.9.4 (05.06.2013:1)OS: Windows 7 Professional x64Ran by student on Thu 05/16/2013 at 11:04:17.91~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownloadSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.comSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\ib updaterSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\imSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminentSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstallerSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearchSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetimSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetimSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopesSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossriderSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\pricegongSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbarSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\putlockerdownloaderSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibar_install_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibar_install_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibartoolbar_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibartoolbar_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\putlockerdownloader_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\putlockerdownloader_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3298573Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BC1D158E-B00D-4C7E-BA14-1DED15942F86}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} ~~~ FilesSuccessfully deleted: [File] "C:\end"~~~ FoldersSuccessfully deleted: [Folder] "C:\ProgramData\tarma installer"Successfully deleted: [Folder] "C:\Users\student\appdata\local\conduit"Successfully deleted: [Folder] "C:\Users\student\appdata\locallow\conduit"Successfully deleted: [Folder] "C:\Users\student\appdata\locallow\incredibar.com"Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"Successfully deleted: [Folder] "C:\Program Files (x86)\perion"~~~ ChromeSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Thu 05/16/2013 at 11:28:00.44End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# AdwCleaner v2.300 - Logfile created 05/16/2013 at 11:32:49# Updated 28/04/2013 by Xplode# Operating system : Windows 7 Professional Service Pack 1 (64 bits)# User : student - C-A0B3CC2021E4# Boot Mode : Normal# Running from : D:\Student Data\Desktop\adwcleaner.exe# Option [search]***** [services] ********** [Files / Folders] *****File Found : C:\user.jsFolder Found : C:\Program Files (x86)\PutLockerDownloaderFolder Found : C:\Users\student\AppData\Local\APNFolder Found : C:\Users\student\AppData\Local\PutLockerDownloader***** [Registry] *****Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{162E06EC-4E38-4809-AE76-BF2400D34334}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\apfdadfinodckpcehhdhjlgiphgnbfciKey Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjgKey Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfdKey Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfdKey Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]***** [internet Browsers] *****-\\ Internet Explorer v10.0.9200.16537[OK] Registry is clean.-\\ Google Chrome v26.0.1410.64File : C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Preferences[OK] File is clean.*************************AdwCleaner[R1].txt - [3612 octets] - [16/05/2013 11:32:49]########## EOF - C:\AdwCleaner[R1].txt - [3672 octets] ##########RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : student [Admin rights]Mode : Scan -- Date : 05/16/2013 11:41:06| ARK || FAK || MBR |¤¤¤ Bad processes : 2 ¤¤¤[sUSP PATH] keyacc32.exe -- C:\Windows\keyacc32.exe [7] -> KILLED [TermProc][sUSP PATH] kass.exe -- C:\Windows\kass.exe [7] -> KILLED [TermProc]¤¤¤ Registry Entries : 15 ¤¤¤[RUN][sUSP PATH] HKCU\[...]\Run : MusicManager ("C:\Users\student\AppData\Local\Programs\Google\MusicManager\MusicManager.exe") [-] -> FOUND[RUN][sUSP PATH] HKUS\S-1-5-21-562460011-2860772844-665103494-1001[...]\Run : MusicManager ("C:\Users\student\AppData\Local\Programs\Google\MusicManager\MusicManager.exe") [-] -> FOUND[RUN][sUSP PATH] HKLM\[...]\Wow6432Node\Run : KeyAccess (C:\Windows\kass.exe) [7] -> FOUND[TASK][sUSP PATH] Insight Update : C:\ProgramData\Stratasys\Check For Updates\InsightUpdater.exe /silent /NOFOCUS [-] -> FOUND[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[APPINIT][sUSP PATH] HKLM\[...]\Windows : AppInit_DLLs (C:\Windows\katrk64.dll) [7] -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED] ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> C:\Windows\system32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: Hitachi HTS723232A7A364 +++++--- User ---[MBR] afbc97b7c76dd0c61e59b0b5521c4859[bSP] 0dd7cc57ab9248e12c96f746c02663b4 : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 118784 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 243271680 | Size: 186459 MoUser = LL1 ... OK!User != LL2 ... KO!--- LL2 ---[MBR] bed3ea96e035dd26e952e3b6192504ff[bSP] 68983dad2104e766036c2ad96a1dd331 : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 61440 Mo2 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 128000000 | Size: 1000 Mo3 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 131999744 | Size: 1000 MoFinished : << RKreport[1]_S_05162013_02d1141.txt >>RKreport[1]_S_05162013_02d1141.txt Link to post Share on other sites More sharing options...
Maniac Posted May 16, 2013 ID:680399 Share Posted May 16, 2013 Did you add the files in exclusions?Please re-run AdwCleanerClick on Delete button.Confirm each time with OK.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number. Link to post Share on other sites More sharing options...
dachel12 Posted May 16, 2013 Author ID:680403 Share Posted May 16, 2013 Yes I did. I will rerun AdwCleaner right now Link to post Share on other sites More sharing options...
dachel12 Posted May 16, 2013 Author ID:680425 Share Posted May 16, 2013 I'm sorry that it is taking a long time, but when it tried to restart, my computer started installing updates and it is taking a long time Link to post Share on other sites More sharing options...
Maniac Posted May 16, 2013 ID:680427 Share Posted May 16, 2013 Take your time. Link to post Share on other sites More sharing options...
dachel12 Posted May 16, 2013 Author ID:680467 Share Posted May 16, 2013 Here is my AdwCleaner log. Thanks for your patience!# Operating system : Windows 7 Professional Service Pack 1 (64 bits)# User : student - C-A0B3CC2021E4# Boot Mode : Normal# Running from : D:\Student Data\Desktop\adwcleaner.exe# Option [Delete]***** [services] ********** [Files / Folders] *****File Deleted : C:\user.jsFolder Deleted : C:\Program Files (x86)\PutLockerDownloaderFolder Deleted : C:\Users\student\AppData\Local\APNFolder Deleted : C:\Users\student\AppData\Local\PutLockerDownloader***** [Registry] *****Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{162E06EC-4E38-4809-AE76-BF2400D34334}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\apfdadfinodckpcehhdhjlgiphgnbfciKey Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjgKey Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfdKey Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]***** [internet Browsers] *****-\\ Internet Explorer v10.0.9200.16537[OK] Registry is clean.-\\ Google Chrome v26.0.1410.64File : C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Preferences[OK] File is clean.*************************AdwCleaner[R1].txt - [3735 octets] - [16/05/2013 11:32:49]AdwCleaner[R2].txt - [3795 octets] - [16/05/2013 12:00:28]AdwCleaner[R3].txt - [3914 octets] - [16/05/2013 12:00:57]AdwCleaner[s1].txt - [327 octets] - [16/05/2013 12:00:43]AdwCleaner[s2].txt - [3725 octets] - [16/05/2013 12:01:22]########## EOF - C:\AdwCleaner[s2].txt - [3785 octets] ########## Link to post Share on other sites More sharing options...
Maniac Posted May 16, 2013 ID:680476 Share Posted May 16, 2013 Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version. Go to Scanner tab and select Perform Quick Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately. Link to post Share on other sites More sharing options...
dachel12 Posted May 16, 2013 Author ID:680488 Share Posted May 16, 2013 here is the logMalwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.05.16.09Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16540student :: C-A0B3CC2021E4 [administrator]5/16/2013 3:44:46 PMmbam-log-2013-05-16 (15-44-46).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 235522Time elapsed: 5 minute(s), 18 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
Maniac Posted May 16, 2013 ID:680493 Share Posted May 16, 2013 Now please try to perform a full system scan. Link to post Share on other sites More sharing options...
dachel12 Posted May 16, 2013 Author ID:680497 Share Posted May 16, 2013 Alrighty, will do. Link to post Share on other sites More sharing options...
dachel12 Posted May 16, 2013 Author ID:680553 Share Posted May 16, 2013 The full scan ran great. Thank you so much!! Link to post Share on other sites More sharing options...
Maniac Posted May 16, 2013 ID:680559 Share Posted May 16, 2013 Glad I could help! Download OTC to your desktop and run itClick Yes to beginning the Cleanup process and remove these components, including this application.You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.Next:Double click on AdwCleaner.exe to run the tool.Click on UninstallConfirm with YesSafe surfing! Link to post Share on other sites More sharing options...
LDTate Posted May 18, 2013 ID:681206 Share Posted May 18, 2013 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts