Jump to content

Windows 7 Home Premium PC won't start...


Recommended Posts

So, I recently bought a game from Game, called 'Divinity Anthology'. Halfway through the installation, a BSOD appeared and the PC shut down. Now I can no longer boot into Windows normally, through safe mode, or through Startup Repair so repairs can be made. I have Kaspersky Internet Security 2013 installed with real time activated, Windows 7 Ultimate install CD, with no product key, Kaspersky Rescue Disk, and Bitdefender Rescue Disk, but I won't be able to update them as my internet connectivity is through WiFi. Unfortunately, I can't run HJT as well...

Thanks for your help! :)

Link to post
Share on other sites

Welcome to the forum, see if you can do this:

  • Please download Farbar Recovery Scan Tool and save it to a flash drive.

    Please make sure you click download buttons that look like this, not "sponsored ad links":

    bleep-crop.jpg

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    Plug the flash drive into the infected PC.

  • If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:

    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.
    Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.

    To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html

    To enter System Recovery Options by using Windows installation disc:

    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:
      • Startup Repair

        System Restore

        Windows Complete PC Restore

        Windows Memory Diagnostic Tool

        Command Prompt

        Select Command Prompt

        Once in the Command Prompt:

    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter

      Note: Replace letter e with the drive letter of your flash drive.

    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
MrC
Link to post
Share on other sites

This will work if you have a good system restore point and can get to the Command prompt: (If it doesn't work the first time keep trying...you may be able get it)

Step 1: Use F8 to Boot to SafeMode With Command Prompt or Command Prompt

Step 2: Type the word "explorer" in black screen > enter

Step 3: Then Navigate to:

Win XP: C:\windows\system32\restore\rstrui.exe and press Enter

Win Vista/Seven: C:\windows\system32\rstrui.exe and press Enter (double click rstrui.exe)

Step 4: Restore Computer to Date you know you were virus free

Step 5: See if it boots up normally.....post on the forum so we can ensure the computers clean

MrC

Link to post
Share on other sites

Good, run RK first and then FRST:

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

===============================

Please download Farbar Recovery Scan Tool (FRST) and save it to a folder.

(use correct version for your system.....Which system am I using?)

FRST <----for 32 bit systems

FRST64 <----for 64 bit systems

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.

reply1.jpg

New window that comes up.

replyer1.jpg

MrC

Link to post
Share on other sites

RK log:

RogueKiller V8.8.8 _x64_ [Feb 19 2014] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://forum.adlice.com

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Daniel [Admin rights]

Mode : Scan -- Date : 02/23/2014 19:14:03

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤

[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

::1 localhost #[iPv6]

0.0.0.0 fr.a2dfp.net

0.0.0.0 m.fr.a2dfp.net

0.0.0.0 mfr.a2dfp.net

0.0.0.0 ad.a8.net

0.0.0.0 asy.a8ww.net

0.0.0.0 abcstats.com

0.0.0.0 a.abv.bg

0.0.0.0 adserver.abv.bg

0.0.0.0 adv.abv.bg

0.0.0.0 bimg.abv.bg

0.0.0.0 ca.abv.bg

0.0.0.0 www2.a-counter.kiev.ua

0.0.0.0 track.acclaimnetwork.com

0.0.0.0 accuserveadsystem.com

0.0.0.0 www.accuserveadsystem.com

0.0.0.0 achmedia.com

0.0.0.0 csh.actiondesk.com

0.0.0.0 ads.activepower.net

[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10 JPVT-60A1YT0 SATA Disk Device +++++

--- User ---

[MBR] 70928e14e3c2deeb23d12da2d4882c32

[bSP] ad688a136b59c9b14840030d68dceb04 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 929324 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1903665152 | Size: 20282 Mo

3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1945202688 | Size: 4062 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[0]_S_02232014_191403.txt >>

Link to post
Share on other sites

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-02-2014

Ran by Daniel (administrator) on HP-COMPUTER on 23-02-2014 19:18:46

Running from C:\Users\Daniel\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe

(AMD) C:\Windows\system32\atieclxx.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)

HKLM\...\Run: [setDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-08] (Hewlett-Packard Company)

HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [574008 2011-07-11] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [218880 2012-05-31] (Kaspersky Lab ZAO)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\Policies\system: [DisableLockWorkstation] 0

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\Policies\system: [DisableChangePassword] 0

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: G - G:\AutoRun.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {0cfa3be0-d710-11e1-8f84-a0b3cc7f74ca} - G:\AutoRun.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {2d3b2c99-d996-11e1-a8e7-a0b3cc7f74ca} - G:\AutoRun.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {2d3b2ca8-d996-11e1-a8e7-a0b3cc7f74ca} - G:\AutoRun.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {82502800-540c-11e2-b942-a0b3cc7f74ca} - G:\Startme.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {a51129c8-d726-11e1-907d-a0b3cc7f74ca} - G:\AutoRun.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {b8178bd6-d246-11e1-ba27-a0b3cc7f74ca} - G:\AutoRun.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {d9973fbe-85b7-11e3-8d47-a0b3cc7f74ca} - G:\AutoRun.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {f2b21368-d04e-11e1-b39b-a0b3cc7f74ca} - G:\AutoRun.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {f2b21376-d04e-11e1-b39b-a0b3cc7f74ca} - G:\AutoRun.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {fbb3dc71-d6fd-11e1-8603-a0b3cc7f74ca} - G:\AutoRun.exe

HKU\S-1-5-21-431592504-2756394911-1784212680-1001\...\MountPoints2: {fbb3dc76-d6fd-11e1-8603-a0b3cc7f74ca} - G:\AutoRun.exe

Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

Startup: C:\Users\Louisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2

SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKLM - {6CFE476D-5A9B-4DA2-9845-BBB998B54DB2} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}

SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKLM-x32 - {6CFE476D-5A9B-4DA2-9845-BBB998B54DB2} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}

SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKCU - {6CFE476D-5A9B-4DA2-9845-BBB998B54DB2} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}

BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-10-15] (EasyBits Software Corp.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Link to post
Share on other sites

n483456-A289-439d-8115-601632D005A0

2014-02-23 16:05 - 2009-07-14 04:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-23 15:59 - 2013-07-02 19:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-23 15:58 - 2014-02-02 21:56 - 00002405 _____ () C:\Windows\setupact.log

2014-02-23 15:58 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-23 08:25 - 2012-08-31 19:43 - 00000000 ____D () C:\Users\Louisa

2014-02-23 08:25 - 2012-07-19 15:06 - 00000000 ____D () C:\Users\Guest

2014-02-23 08:24 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\schemas

2014-02-23 08:23 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\registration

2014-02-23 08:19 - 2013-05-23 16:30 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Google

2014-02-23 08:18 - 2014-02-13 17:46 - 00000000 ____D () C:\AdwCleaner

2014-02-23 08:18 - 2013-12-13 18:47 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-02-23 08:18 - 2013-05-23 16:30 - 00000000 ____D () C:\Program Files (x86)\Google

2014-02-23 00:31 - 2012-07-17 13:42 - 00000000 ____D () C:\Users\Daniel

2014-02-22 00:18 - 2014-02-23 19:16 - 02153984 ____N (Farbar) C:\Users\Daniel\Desktop\FRST64.exe

2014-02-21 15:28 - 2014-02-21 15:28 - 00000000 ____D () C:\Larian Studios

2014-02-20 16:31 - 2013-12-03 16:17 - 31500288 _____ () C:\Users\Daniel\Documents\Windows 3.1.vhd

2014-02-20 16:30 - 2013-12-03 17:09 - 00000000 ____D () C:\Users\Daniel\Documents\Microsoft Windows NT 3.51 Server (3.51.1057.1)

2014-02-20 16:20 - 2013-04-18 17:12 - 00000000 ____D () C:\Users\Daniel\Documents\My Virtual Machines

2014-02-20 06:57 - 2014-02-13 18:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-19 22:47 - 2014-02-19 22:45 - 49940480 _____ () C:\Program Files (x86)\GUTC26.tmp

2014-02-18 20:02 - 2014-02-18 20:02 - 00000000 ____D () C:\Users\Louisa\.thumbnails

2014-02-18 19:59 - 2014-02-18 19:59 - 00000000 ____D () C:\Users\Louisa\AppData\Local\Oblivion

2014-02-13 18:21 - 2013-07-22 16:57 - 00000000 ____D () C:\Windows\system32\MRT

2014-02-13 14:33 - 2014-02-13 14:33 - 00717109 _____ () C:\Users\Louisa\Downloads\Attachments_2014213 (1).zip

2014-02-13 14:30 - 2014-02-13 14:30 - 00717109 _____ () C:\Users\Louisa\Downloads\Attachments_2014213.zip

2014-02-13 14:29 - 2012-08-31 19:43 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DC5DB858-6FFC-4A8C-A298-FF7C6631DC4A}

2014-02-13 14:29 - 2012-07-17 13:49 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DC52867E-7841-4409-8BF4-EF5B1D68C4F8}

2014-02-12 14:14 - 2012-07-25 10:54 - 00000166 _____ () C:\Windows\SysWOW64\DOErrors.log

2014-02-07 18:56 - 2014-02-07 18:56 - 00000000 ____D () C:\Users\Daniel\.thumbnails

2014-02-07 18:55 - 2014-02-07 18:55 - 00001897 _____ () C:\Users\Public\Desktop\Blender.lnk

2014-02-07 18:55 - 2014-02-07 18:55 - 00000000 ____D () C:\Program Files\Blender Foundation

2014-02-07 18:50 - 2014-02-03 17:53 - 00000000 ____D () C:\Users\Daniel\Desktop\MS-DOS Shared Folder

2014-02-07 18:27 - 2014-02-07 18:51 - 52155552 ____N () C:\Users\Daniel\Documents\blender-2.69-windows64.exe

2014-02-07 04:33 - 2009-07-14 05:13 - 00006206 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-04 21:21 - 2013-01-01 12:16 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-02-04 21:21 - 2012-08-23 21:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-02-04 21:21 - 2011-10-15 06:07 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-04 20:38 - 2014-02-05 18:13 - 01166132 _____ () C:\Users\Daniel\Desktop\AdwCleaner.exe

2014-02-04 19:47 - 2013-07-02 19:34 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-02-04 18:14 - 2014-02-04 18:14 - 00003900 _____ () C:\Users\Daniel\Documents\Windows 7 Disk - product.ini.txt

2014-02-04 14:08 - 2012-09-05 12:58 - 00000000 ____D () C:\Users\Louisa\AppData\Local\CrashDumps

2014-02-03 22:20 - 2013-12-09 17:49 - 00001015 _____ () C:\Users\Louisa\Desktop\Notepad++.lnk

2014-02-03 22:20 - 2013-12-09 17:49 - 00001015 _____ () C:\Users\Guest\Desktop\Notepad++.lnk

2014-02-03 22:20 - 2013-12-09 17:49 - 00001015 _____ () C:\Users\Daniel\Desktop\Notepad++.lnk

2014-02-03 22:10 - 2014-02-03 22:08 - 16483248 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-consumer-2.00.0.0502.exe

2014-02-03 21:26 - 2014-02-03 21:36 - 29393568 ____N (SUPERAntiSpyware) C:\Users\Daniel\Downloads\SUPERAntiSpyware.exe

2014-02-03 19:00 - 2013-12-08 13:41 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\ImgBurn

2014-02-03 18:00 - 2014-02-03 18:01 - 00001837 _____ () C:\Users\Daniel\Desktop\Microsoft Virtual PC.lnk

2014-02-03 18:00 - 2014-02-03 18:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Virtual PC

2014-02-03 17:55 - 2014-01-08 18:08 - 00000000 ____D () C:\Users\Daniel\.VirtualBox

2014-02-03 17:43 - 2014-02-03 17:43 - 00000000 ____D () C:\Users\Daniel\Documents\VPC2004VMAdditions

2014-02-03 16:37 - 2014-02-03 17:42 - 09042775 ____N () C:\Users\Daniel\Documents\VPC2004VMAdditions.rar

2014-02-02 22:39 - 2014-02-02 22:39 - 00086160 _____ () C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT

2014-02-02 21:56 - 2014-02-02 21:56 - 00344064 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-02-02 21:56 - 2014-02-02 21:56 - 00000000 _____ () C:\Windows\setuperr.log

2014-02-01 22:18 - 2014-02-01 22:18 - 00000000 ____D () C:\Users\Daniel\Documents\LATEST_ADBlocking_HYBRID_27January2014_CWM

2014-02-01 21:53 - 2014-02-01 22:17 - 02467946 ____N () C:\Users\Daniel\Documents\LATEST_ADBlocking_HYBRID_27January2014_CWM.zip

2014-02-01 17:51 - 2012-07-20 21:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM

2014-01-28 14:44 - 2014-01-28 14:44 - 00105074 _____ () C:\Users\Louisa\Downloads\Attachments_2014128.zip

2014-01-28 14:34 - 2014-01-28 14:34 - 00000000 ____D () C:\Users\Louisa\Documents\Fax

2014-01-27 16:34 - 2014-01-27 16:32 - 03618984 _____ () C:\Users\Louisa\Downloads\Attachments_2014127.zip

2014-01-25 12:34 - 2012-10-07 15:19 - 00000000 ____D () C:\Program Files (x86)\Java

2014-01-25 12:28 - 2014-01-25 12:19 - 00000000 ____D () C:\Users\Daniel\Documents\eclipse-standard-kepler-SR1-win32-x86_64

2014-01-25 12:24 - 2014-01-25 12:24 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-25 12:22 - 2014-01-25 12:20 - 00006472 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-25 12:12 - 2014-01-25 12:12 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Mozilla

2014-01-25 12:12 - 2014-01-25 12:12 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Mozilla

2014-01-25 12:11 - 2014-01-25 12:11 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-01-25 12:11 - 2014-01-25 12:11 - 00000000 ____D () C:\ProgramData\Mozilla

2014-01-25 12:11 - 2014-01-25 12:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-01-25 12:11 - 2014-01-25 12:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:

====================

C:\Users\Daniel\AppData\Local\Temp\msxml6-KB927977-enu-amd64.exe

C:\Users\Daniel\AppData\Local\Temp\npp.6.5.2.Installer.exe

C:\Users\Daniel\AppData\Local\Temp\ntdll_dump.dll

C:\Users\Daniel\AppData\Local\Temp\xmlUpdater.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-01 17:00

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-02-2014

Ran by Daniel at 2014-02-23 19:19:22

Running from C:\Users\Daniel\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Out of date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

AS: Kaspersky Internet Security (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security (Disabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Reader X (10.1.4) MUI (x32 Version: 10.1.4 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (x32 Version: 12.0.0.112 - Adobe Systems, Inc.)

AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden

AMD Catalyst Install Manager (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)

AMD Fuel (Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

AMD Media Foundation Decoders (Version: 1.0.60928.0618 - Advanced Micro Devices, Inc.) Hidden

AMD Steady Video Plug-In (Version: 1.00.0000 - AMD) Hidden

AMD System Monitor (x32 Version: 1.0.9 - Advanced Micro Devices, Inc.)

AMD VISION Engine Control Center (x32 Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)

Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Bejeweled Deluxe 1.87 (x32 Version: - )

Bing Bar (x32 Version: 7.0.826.0 - Microsoft Corporation)

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Blender (Version: 2.69 - Blender Foundation)

Blio (x32 Version: 2.2.8188 - K-NFB Reading Technology, Inc.)

Bonjour (Version: 3.0.0.10 - Apple Inc.)

Canon MP280 series MP Drivers (Version: - )

Canon MP280 series User Registration (x32 Version: - )

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2011.0928.0606.9079 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2011.0928.607.9079 - Advanced Micro Devices, Inc.) Hidden

CCleaner (Version: 4.01 - Piriform)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)

Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden

CyberLink YouCam (x32 Version: 3.5.0.4528 - CyberLink Corp.)

CyberLink YouCam (x32 Version: 3.5.0.4528 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

ESU for Microsoft Windows 7 SP1 (x32 Version: 2.1.1 - Hewlett-Packard)

Evernote v. 4.2.3 (x32 Version: 4.2.3.22 - Evernote Corp.)

Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden

Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden

FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden

Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden

Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)

Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden

Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden

HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden

HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden

HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden

HP Documentation (x32 Version: 1.1.0.0 - Hewlett-Packard)

HP Games (x32 Version: 1.0.2.5 - WildTangent)

HP Launch Box (Version: 1.0.12 - Hewlett-Packard Company)

HP On Screen Display (x32 Version: 1.3.5 - Hewlett-Packard Company)

HP Power Manager (x32 Version: 1.4.4 - Hewlett-Packard Company)

HP Quick Launch (x32 Version: 2.5.2 - Hewlett-Packard Company)

HP QuickWeb (x32 Version: 3.1.1.10197 - Hewlett-Packard Company)

HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden

HP Security Assistant (Version: 1.0.12 - Hewlett-Packard)

HP Setup (x32 Version: 9.0.15076.3891 - Hewlett-Packard Company)

HP Setup Manager (x32 Version: 1.2.14901.3869 - Hewlett-Packard Company)

HP Software Framework (x32 Version: 4.5.1.1 - Hewlett-Packard Company)

HP Support Assistant (x32 Version: 6.1.12.1 - Hewlett-Packard Company)

iCloud (Version: 2.0.2.187 - Apple Inc.)

IDT Audio (x32 Version: 1.0.6341.0 - IDT)

ImgBurn (x32 Version: 2.5.8.0 - LIGHTNING UK!)

iTunes (Version: 11.1.3.8 - Apple Inc.)

Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden

John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Kaspersky Internet Security 2013 (x32 Version: 13.0.0.3370 - Kaspersky Lab)

Kaspersky Internet Security 2013 (x32 Version: 13.0.0.3370 - Kaspersky Lab) Hidden

Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden

Magic Desktop (x32 Version: 3.0 - EasyBits Software AS)

Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)

Microsoft Virtual PC 2007 (Version: 6.0.156.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)

Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0 - Mozilla)

Mozilla Maintenance Service (x32 Version: 22.0 - Mozilla)

MS Access 97 SP2 (x32 Version: - )

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

Notepad++ (x32 Version: 6.5.2 - Notepad++ Team)

Oblivion (x32 Version: 1.00.0000 - Bethesda Softworks)

opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden

Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden

PlayReady PC Runtime x86 (x32 Version: 1.3.0 - Microsoft Corporation)

Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden

QuickTime (x32 Version: 7.73.80.64 - Apple Inc.)

Realtek Ethernet Controller Driver (x32 Version: 7.40.126.2011 - Realtek)

Realtek PCIE Card Reader (x32 Version: 6.1.7601.83 - Realtek Semiconductor Corp.)

REALTEK Wireless LAN Driver (x32 Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)

Revo Uninstaller 1.95 (x32 Version: 1.95 - VS Revo Group)

RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden

Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)

Steam (x32 Version: - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (Version: 15.3.29.0 - Synaptics Incorporated)

The Elder Scrolls V: Skyrim (x32 Version: - Bethesda Game Studios)

The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden

Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)

Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden

WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points =========================

25-01-2014 12:19:30 Installed Java 7 Update 51

03-02-2014 17:57:14 Removed Oracle VM VirtualBox 4.2.12

03-02-2014 17:59:11 Removed Oracle VM VirtualBox 4.2.12

03-02-2014 18:00:22 Installed Microsoft Virtual PC 2007

13-02-2014 18:02:00 Windows Update

19-02-2014 23:06:15 Revo Uninstaller's restore point - Google Chrome

==================== Hosts content: ==========================

2009-07-14 02:34 - 2014-02-02 00:02 - 00584067 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

0.0.0.0 fr.a2dfp.net

0.0.0.0 m.fr.a2dfp.net

0.0.0.0 mfr.a2dfp.net

0.0.0.0 ad.a8.net

0.0.0.0 asy.a8ww.net

0.0.0.0 abcstats.com

0.0.0.0 a.abv.bg

0.0.0.0 adserver.abv.bg

0.0.0.0 adv.abv.bg

0.0.0.0 bimg.abv.bg

0.0.0.0 ca.abv.bg

0.0.0.0 www2.a-counter.kiev.ua

0.0.0.0 track.acclaimnetwork.com

0.0.0.0 accuserveadsystem.com

0.0.0.0 www.accuserveadsystem.com

0.0.0.0 achmedia.com

0.0.0.0 csh.actiondesk.com

0.0.0.0 ads.activepower.net

0.0.0.0 app.activetrail.com

0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]

0.0.0.0 traffic.acwebconnecting.com

0.0.0.0 office.ad1.ru

0.0.0.0 cms.ad2click.nl

0.0.0.0 ad2games.com

0.0.0.0 ads.ad2games.com

0.0.0.0 content.ad20.net

0.0.0.0 core.ad20.net

0.0.0.0 banner.ad.nu

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {06D0AEDF-F619-4B1D-9914-F832812AB9AE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)

Task: {0CE6BBCD-C231-43E2-BDD4-097B34C80E90} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)

Task: {19D1F29B-C816-4751-95F4-35A7D92E496B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-10] (Hewlett-Packard Company)

Task: {25AE32EF-5557-4AEA-8015-EBEC7ADD948F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)

Task: {5D44EF21-FBC3-40C8-B82E-BD1E8E61AD6D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)

Task: {9383FBCA-6F42-4BB7-87F6-F76B38DA21D8} - System32\Tasks\{2F5881DD-870F-4913-8F25-4C56C3BB7C69} => F:\Setup.Now.exe

Task: {AF6CE6B3-E9F4-430A-8858-B0AF483C1078} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04] (Adobe Systems Incorporated)

Task: {B6B39B65-88AB-4453-87C4-48458787B0E4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-431592504-2756394911-1784212680-1001

Task: {B9FABC66-4D06-4D26-BE69-F8DEB40CD94C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)

Task: {D865D20C-821F-4F0C-AB60-F8F13AC81E89} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02] (Google Inc.)

Task: {E50C71BC-8B3D-4730-AFA7-C246840ABA9F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)

Task: {FEDA8637-7ACE-4E7F-BEAB-3C440935E69B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-09-28 13:19 - 2011-09-28 13:19 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2012-09-08 02:32 - 2012-09-08 02:32 - 00943504 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll

2012-06-18 15:24 - 2012-06-18 15:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll

2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (02/23/2014 05:44:03 PM) (Source: .NET Runtime) (User: )

Description: .NET Runtime version : 2.0.50727.5472 - Application ErrorApplication has generated an exception that could not be handled.

Process ID=0xe88 (3720), Thread ID=0x13b0 (5040).

Click OK to terminate the application.

Click CANCEL to debug the application.

Error: (02/23/2014 03:59:20 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/23/2014 00:28:09 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/20/2014 06:58:48 PM) (Source: MsiInstaller) (User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.

Error: (02/20/2014 06:58:36 PM) (Source: MsiInstaller) (User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.

Error: (02/20/2014 06:57:51 PM) (Source: MsiInstaller) (User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.

Error: (02/20/2014 06:57:50 PM) (Source: MsiInstaller) (User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.

Error: (02/20/2014 06:56:17 PM) (Source: MsiInstaller) (User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.

Error: (02/20/2014 06:56:15 PM) (Source: MsiInstaller) (User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.

Error: (02/20/2014 04:07:09 PM) (Source: Application Hang) (User: )

Description: The program Virtual PC.exe version 6.0.156.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1164

Start Time: 01cf2e5544f6504a

Termination Time: 60000

Application Path: C:\Program Files (x86)\Microsoft Virtual PC\Virtual PC.exe

Report Id: e1765224-9a48-11e3-b84b-a0b3cc7f74ca

System errors:

=============

Error: (02/23/2014 07:19:45 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/23/2014 07:18:45 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/23/2014 07:17:44 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/23/2014 07:16:43 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/23/2014 07:15:43 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/23/2014 07:14:42 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/23/2014 07:13:42 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/23/2014 07:12:38 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/23/2014 07:11:38 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/23/2014 07:10:37 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Microsoft Office Sessions:

=========================

Error: (02/23/2014 05:44:03 PM) (Source: .NET Runtime)(User: )

Description: .NET Runtime version : 2.0.50727.5472 - Application ErrorApplication has generated an exception that could not be handled.

Process ID=0xe88 (3720), Thread ID=0x13b0 (5040).

Click OK to terminate the application.

Click CANCEL to debug the application.

Error: (02/23/2014 03:59:20 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/23/2014 00:28:09 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/20/2014 06:58:48 PM) (Source: MsiInstaller)(User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/20/2014 06:58:36 PM) (Source: MsiInstaller)(User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/20/2014 06:57:51 PM) (Source: MsiInstaller)(User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/20/2014 06:57:50 PM) (Source: MsiInstaller)(User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/20/2014 06:56:17 PM) (Source: MsiInstaller)(User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/20/2014 06:56:15 PM) (Source: MsiInstaller)(User: HP-COMPUTER)

Description: Product: Angry Birds Star Wars -- Error 4130. There was an error during the Game Explorer configuration process.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/20/2014 04:07:09 PM) (Source: Application Hang)(User: )

Description: Virtual PC.exe6.0.156.0116401cf2e5544f6504a60000C:\Program Files (x86)\Microsoft Virtual PC\Virtual PC.exee1765224-9a48-11e3-b84b-a0b3cc7f74ca

==================== Memory info ===========================

Percentage of memory in use: 21%

Total physical RAM: 7657.41 MB

Available physical RAM: 6016.22 MB

Total Pagefile: 15312.99 MB

Available Pagefile: 13696.76 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:907.54 GB) (Free:754.49 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive d: (Recovery) (Fixed) (Total:19.81 GB) (Free:2.15 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: BBEEB5FC)

Partition: GPT Partition Type.

==================== End Of Log ============================

Link to post
Share on other sites

Download the attached fixlist.txt to the same folder as FRST.

Run FRST.exe and click Fix only once and wait

The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

Then......run ComboFix:

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

 

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.