Browser keeps opening with http://www.search.starburnsoftware.com/

By Andrew717
Nov 10, 2012
  1. Every time I open Mozilla or IE this webpage keeps popping up. Scans show nothing, and manually resetting the homepage and browser did not work. Please help. Tried the 5 steps; nothing worked. Here are the logs.
  2. Andrew717


    Malwarebytes Anti-Malware 1.65.1.1000
    www.malwarebytes.org
    Database version: v2012.11.10.10
    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    User :: COMPUTER [administrator]
    11/10/2012 6:18:04 PM
    mbam-log-2012-11-10 (18-18-04).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 274098
    Time elapsed: 15 minute(s), 18 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 1
    HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
    Registry Values Detected: 1
    HKLM\SOFTWARE\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com (PUP.MyWebSearch) -> Data: C:\Program Files\MyWebSearch\bar\1.bin -> Quarantined and deleted successfully.
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    (end)
  3. Andrew717


    -------------------Your System-------------------
    Processor:
    Memory: Phys(902/2047 MB), PageFile(0/4095 MB)
    System: Windows Vista Service Pack 2
    SystemID: 6.0
    Metrics: 1440 * 900
    Language: English
    -------------------------------------------------
    #2012-05-06 22:27:41# Info: DVD Creator Start... Version: 2.6.4.23; Registered: False
    #2012-05-06 22:27:49# Info: WSBurn -> WSBurner Create...
    #2012-05-06 22:27:50# Info: WSBurn -> BurnDevices: E:DVD A DH16A6L-C
    #2012-05-06 22:28:51# Info: Main -> WMDropFiles -> files count: 1
    #2012-05-06 22:28:51# Info: WMDropFiles -> files [1] C:\Users\User\Desktop\New Folder\The Three Stooges 2012 TS XviD-26k\The Three Stooges 2012 TS XviD-26k.avi
    #2012-05-06 22:30:23# Info: uBurnSet -> Start Button Click, Do Burn...
    #2012-05-06 22:30:29# Info: WSBurn -> BurnDevices: E:DVD A DH16A6L-C
    #2012-05-06 22:30:29# Info: ConMgr -> DVD Folder: C:\Users\User\Documents\Aimersoft DVD Creator\Output\2012-05-06-223002
    #2012-05-06 22:30:29# Info: >>> DVD Folder Size: 3232.06 MB
    #2012-05-06 22:30:29# Info: >>> DVD Folder Needed Space: 6564 MB
    #2012-05-06 22:30:29# Info: >>> DVD Output Folder Free: 119672 MB
    #2012-05-06 22:30:30# Info: TWSBurner.CheckDisc: DiscType = 1
    #2012-05-06 22:30:30# Info: uBurn -> StartConvert, current BurnEngine is: [StarBurn]
    #2012-05-06 22:30:31# Info: >>>>Convert Call Back: Converting Title...
    #2012-05-06 23:16:30# Info: >>>>Convert Call Back: Converting Menu...
    #2012-05-06 23:17:57# Info: >>>>Convert Call Back: Converting DVD Folder: C:\Users\User\Documents\Aimersoft DVD Creator\Output\2012-05-06-223002
    #2012-05-06 23:30:00# Info: uBurn -> TfrmBurn.DoAfterConversion: >>>Start Burn ...
    #2012-05-06 23:30:00# Info: TWSBurner.CheckDisc: DiscType = 1
    #2012-05-06 23:30:00# Info: WSBurn -> Start to Burn... Folder: C:\Users\User\Documents\Aimersoft DVD Creator\Output\2012-05-06-223002; Label: the three stoog
    #2012-05-06 23:38:01# Info: >>> Finish Burn to disc!
    #2012-05-06 23:38:46# Info: TWSBurner.CheckDisc: DiscType = 0
  4. Andrew717


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-07.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/27/2009 11:28:43 PM
    System Uptime: 11/10/2012 5:48:20 PM (4 hours ago)
    .
    Motherboard: PEGATRON CORPORATION | | Acacia
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ | Socket AM2 | 2400/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 286 GiB total, 6.374 GiB free.
    D: is FIXED (NTFS) - 12 GiB total, 11.585 GiB free.
    E: is CDROM ()
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1102: 10/16/2012 6:41:13 PM - Scheduled Checkpoint
    RP1103: 10/17/2012 4:20:18 PM - Windows Update
    RP1104: 10/18/2012 7:02:57 PM - Scheduled Checkpoint
    RP1105: 10/21/2012 2:08:00 AM - Windows Update
    RP1106: 10/24/2012 2:59:24 PM - Scheduled Checkpoint
    RP1107: 10/25/2012 1:09:38 AM - Windows Update
    RP1108: 10/25/2012 1:13:59 PM - Scheduled Checkpoint
    RP1109: 10/28/2012 11:42:08 AM - Windows Update
    RP1110: 11/1/2012 1:49:26 PM - Windows Update
    RP1111: 11/2/2012 4:00:16 AM - Scheduled Checkpoint
    RP1112: 11/3/2012 5:12:30 PM - Scheduled Checkpoint
    RP1114: 11/5/2012 12:37:08 PM - Windows Update
    RP1115: 11/6/2012 11:00:07 PM - Scheduled Checkpoint
    RP1116: 11/8/2012 9:11:50 PM - Scheduled Checkpoint
    RP1117: 11/8/2012 11:55:26 PM - Windows Update
    RP1118: 11/9/2012 12:50:16 PM - Scheduled Checkpoint
    RP1119: 11/10/2012 10:55:47 AM - Scheduled Checkpoint
    RP1120: 11/10/2012 12:53:46 PM - Restore Operation
    RP1121: 11/10/2012 1:14:17 PM - Windows Update
    RP1122: 11/10/2012 1:23:07 PM - Removed IObit Toolbar v6.5.
    RP1123: 11/10/2012 1:30:52 PM - Removed BabylonObjectInstaller
    RP1124: 11/10/2012 1:31:29 PM - Removed IObit Toolbar v6.5.
    RP1125: 11/10/2012 1:36:14 PM - Removed IObit Toolbar v6.5.
    RP1126: 11/10/2012 1:58:29 PM - Removed IObit Toolbar v6.5.
    RP1127: 11/10/2012 2:01:28 PM - Removed BabylonObjectInstaller
    RP1128: 11/10/2012 4:19:07 PM - Removed Java(TM) 6 Update 24
    RP1129: 11/10/2012 4:36:03 PM - Removed Java(TM) 6 Update 24
    RP1130: 11/10/2012 4:43:25 PM - OTL Restore Point - 11/10/2012 4:43:25 PM
    RP1131: 11/10/2012 5:54:07 PM - Removed Java(TM) 6 Update 7
    RP1132: 11/10/2012 5:56:10 PM - Removed Java(TM) 6 Update 24
    RP1133: 11/10/2012 6:00:53 PM - Installed Java 7 Update 9
    .
  5. Andrew717


    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    32 Bit HP CIO Components Installer
    4 Elements II 1.00
    Acrobat.com
    Activation Assistant for the 2007 Microsoft Office suites
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.4.4
    Adobe Shockwave Player 11.5
    Advanced SystemCare 3
    ArcSoft Panorama Maker 4
    ArcSoft Photo Book Screen Saver
    ArcSoft Scan-n-Stitch Deluxe
    ArcSoft Video Downloader
    Bejeweled 3 Just For Fun Games
    Bejeweled BlitzJust For Fun Games
    Bejeweled Just For Fun Games
    Bejeweled TwistJust For Fun Games
    Bucksbee Loyalty Plugin - Guppy Media
    BufferChm
    Carbonite Online Backup Setup
    Click'N Design 3D (V5)
    Compatibility Pack for the 2007 Office system
    ConvertXtoDVD 4.1.2.336
    Copy
    CyberLink DVD Suite Deluxe
    DealPly
    Destination Component
    DeviceDiscovery
    DJ_AIO_05_F4400_Software_Min
    Download Updater (AOL LLC)
    DVD Flick 1.3.0.7
    easy gadget
    Enhanced Multimedia Keyboard Solution
    F4400
    Free Video Converter V 3.1
    Game Booster
    Google Drive
    Google Update Helper
    GPBaseService2
    Hardware Diagnostic Tools
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Customer Experience Enhancements
    HP Customer Participation Program 12.0
    HP Demo
    HP Deskjet 1050 J410 series Basic Device Software
    HP Deskjet 1050 J410 series Help
    HP Deskjet 1050 J410 series Product Improvement Study
    HP Deskjet F4400 All-In-One Driver Software 12.0 Rel .5
    HP Imaging Device Functions 12.0
    HP MediaSmart DVD
    HP MediaSmart Music/Photo/Video
    HP MediaSmart SmartMenu
    HP Photo Creations
    HP Picasso Media Center Add-In
    HP Recovery Manager RSS
    HP Smart Web Printing
    HP Solution Center 13.0
    HP Total Care Advisor
    HP Total Care Setup
    HP Update
    HPAsset component for HP Active Support Library
    HPPhotoGadget
    HPProductAssistant
    HPSSupply
    Java 7 Update 9
    Java Auto Updater
    Juno Preloader
    LabelPrint
    LightScribe System Software
    LightScribe Template Labeler
    Malwarebytes Anti-Malware version 1.65.1.1000
    MarketResearch
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access 2007
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Standard 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    Mozilla Firefox 15.0.1 (x86 en-US)
    Mozilla Firefox 16.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCSetup
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    muvee Reveal
    My HP Games
    NetZero Preloader
    Norton Internet Security
    NVIDIA Drivers
    OGA Notifier 2.0.0048.0
    PictureMover
    Power2Go
    PowerDirector
    Python 2.5.2
    RealNetworks - Microsoft Visual C++ 2005 Runtime
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    Scan
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
    Setup Support for Bucksbee 1.0
    Shaiya(US)
    Shop for HP Supplies
    SmartWebPrinting
    Soft Data Fax Modem with SmartCP
    SolutionCenter
    sp41099
    sp41121
    Spelling Dictionaries Support For Adobe Reader 9
    SPORE Creature Creator Trial Edition
    Status
    Tetris 5000(v1.10 full version)
    Toolbox
    TrayApp
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    VLC media player 1.1.11
    Vuze
    W Photo Studio
    Wallpaper SlideShow LT 1.4.5
    WeatherBug
    WebReg
    WipeDrive SystemSaver
    Yahoo! Install Manager
    Yahoo! Internet Mail
    Yahoo! Mail Advisor
    Yahoo! Messenger
    Yahoo! Software Update
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/9/2012 8:05:15 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGW&threatid=2147667270 Name: Exploit:Java/CVE-2012-1723.CGW ID: 2147667270 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Ini.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/9/2012 8:05:15 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGU&threatid=2147667268 Name: Exploit:Java/CVE-2012-1723.CGU ID: 2147667268 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Anio.class Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/9/2012 8:05:15 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGT&threatid=2147667267 Name: Exploit:Java/CVE-2012-1723.CGT ID: 2147667267 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Rare.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/9/2012 8:05:15 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGO&threatid=2147667262 Name: Exploit:Java/CVE-2012-1723.CGO ID: 2147667262 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Third.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/9/2012 8:03:01 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CKH&threatid=2147667469 Name: Exploit:Java/CVE-2012-1723.CKH ID: 2147667469 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp->wvfef.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/9/2012 8:03:01 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CKG&threatid=2147667468 Name: Exploit:Java/CVE-2012-1723.CKG ID: 2147667468 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp->n.class Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/9/2012 8:03:01 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CKE&threatid=2147667466 Name: Exploit:Java/CVE-2012-1723.CKE ID: 2147667466 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp->w.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/9/2012 8:03:01 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?lin...ava/CVE-2012-1723!generic&threatid=2147665055 Name: Exploit:Java/CVE-2012-1723!generic ID: 2147665055 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp->odptjui.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/9/2012 8:02:50 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-0507.AYE&threatid=2147667426 Name: Exploit:Java/CVE-2012-0507.AYE ID: 2147667426 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache1494360297017311832.tmp;containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache2705609240120384021.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache1494360297017311832.tmp->Mac.class;file:_C:\Users\User\AppData\Local\Temp\jar_cache2705609240120384021.tmp->Mac.class Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/9/2012 8:02:50 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-0507.AYD&threatid=2147667425 Name: Exploit:Java/CVE-2012-0507.AYD ID: 2147667425 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache1494360297017311832.tmp;containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache2705609240120384021.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache1494360297017311832.tmp->SecretKey.class;file:_C:\Users\User\AppData\Local\Temp\jar_cache2705609240120384021.tmp->SecretKey.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/7/2012 9:31:25 PM, Error: EventLog [6008] - The previous system shutdown at 9:04:11 PM on 11/7/2012 was unexpected.
    11/6/2012 8:12:38 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Akamai NetSession Interface service to connect.
    11/5/2012 1:46:40 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    11/4/2012 2:10:12 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    11/4/2012 12:34:13 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1320.0).
    11/4/2012 12:33:05 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070643 Error description: Fatal error during installation.
    11/10/2012 7:04:07 PM, Error: nvstor32 [5] - A parity error was detected on \Device\RaidPort0.
    11/10/2012 5:50:19 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SRTSP SRTSPX
    11/10/2012 5:50:19 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Licensing Console service to connect.
    11/10/2012 5:50:19 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    11/10/2012 5:50:19 PM, Error: Service Control Manager [7000] - The Norton Internet Security service failed to start due to the following error: The system cannot find the path specified.
    11/10/2012 5:50:19 PM, Error: Service Control Manager [7000] - The Adobe Licensing Console service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    11/10/2012 5:48:39 PM, Error: volmgr [46] - Crash dump initialization failed!
    11/10/2012 5:43:54 PM, Error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
    11/10/2012 2:42:31 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    11/10/2012 2:42:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC MpFilter NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr SRTSP SRTSPX tdx Wanarpv6
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    11/10/2012 2:42:26 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    11/10/2012 2:41:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    11/10/2012 2:41:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    11/10/2012 2:41:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
    11/10/2012 2:41:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    11/10/2012 2:41:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    11/10/2012 2:23:06 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGW&threatid=2147667270 Name: Exploit:Java/CVE-2012-1723.CGW ID: 2147667270 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Ini.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1807.0, AS: 1.139.1807.0, NIS: 15.12.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 2:23:06 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGU&threatid=2147667268 Name: Exploit:Java/CVE-2012-1723.CGU ID: 2147667268 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Anio.class Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Windows\System32\SearchProtocolHost.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1807.0, AS: 1.139.1807.0, NIS: 15.12.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 2:23:06 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGT&threatid=2147667267 Name: Exploit:Java/CVE-2012-1723.CGT ID: 2147667267 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Rare.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1807.0, AS: 1.139.1807.0, NIS: 15.12.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 2:23:06 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGO&threatid=2147667262 Name: Exploit:Java/CVE-2012-1723.CGO ID: 2147667262 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Third.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1807.0, AS: 1.139.1807.0, NIS: 15.12.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:36:00 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGW&threatid=2147667270 Name: Exploit:Java/CVE-2012-1723.CGW ID: 2147667270 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Ini.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:36:00 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGU&threatid=2147667268 Name: Exploit:Java/CVE-2012-1723.CGU ID: 2147667268 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Anio.class Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:36:00 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGT&threatid=2147667267 Name: Exploit:Java/CVE-2012-1723.CGT ID: 2147667267 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Rare.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:36:00 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CGO&threatid=2147667262 Name: Exploit:Java/CVE-2012-1723.CGO ID: 2147667262 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832;file:_C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\5e250e44-4337f832->Third.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:33:48 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CKH&threatid=2147667469 Name: Exploit:Java/CVE-2012-1723.CKH ID: 2147667469 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp->wvfef.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:33:48 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CKG&threatid=2147667468 Name: Exploit:Java/CVE-2012-1723.CKG ID: 2147667468 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp->n.class Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:33:48 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-1723.CKE&threatid=2147667466 Name: Exploit:Java/CVE-2012-1723.CKE ID: 2147667466 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp->w.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:33:48 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?lin...ava/CVE-2012-1723!generic&threatid=2147665055 Name: Exploit:Java/CVE-2012-1723!generic ID: 2147665055 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache8689954270288145399.tmp->odptjui.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:33:39 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-0507.AYE&threatid=2147667426 Name: Exploit:Java/CVE-2012-0507.AYE ID: 2147667426 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache1494360297017311832.tmp;containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache2705609240120384021.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache1494360297017311832.tmp->Mac.class;file:_C:\Users\User\AppData\Local\Temp\jar_cache2705609240120384021.tmp->Mac.class Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:33:39 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2012-0507.AYD&threatid=2147667425 Name: Exploit:Java/CVE-2012-0507.AYD ID: 2147667425 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache1494360297017311832.tmp;containerfile:_C:\Users\User\AppData\Local\Temp\jar_cache2705609240120384021.tmp;file:_C:\Users\User\AppData\Local\Temp\jar_cache1494360297017311832.tmp->SecretKey.class;file:_C:\Users\User\AppData\Local\Temp\jar_cache2705609240120384021.tmp->SecretKey.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Signature Version: AV: 1.139.1681.0, AS: 1.139.1681.0, NIS: 15.13.0.0 Engine Version: AM: 1.1.8904.0, NIS: 2.1.8600.0
    11/10/2012 12:01:52 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Backup Error Code: 0x80508007 Error description: Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems. Signature version: 1.139.1681.0;1.139.1681.0 Engine version: 1.1.8800.0
    11/10/2012 12:01:48 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.137.1839.0;1.137.1839.0 Engine version: 1.1.8800.0
    11/10/2012 1:05:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Akamai service.
    .
    ==== End Of File ===========================
  6. Andrew717

    Andrew717 Newcomer, in training Topic Starter

    DDS (Ver_2012-11-07.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.9.2
    Run by User at 21:35:07 on 2012-11-10
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.619 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Windows\TEMP\mrtB9CC.tmp\stdrt.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Windows\system32\UI0Detect.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Real\RealPlayer\Update\realsched.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\WallpaperSS\WallpaperSS.exe
    C:\Program Files\AWS\WeatherBug\Weather.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://apype.com
    uWindow Title = Windows Internet Explorer provided by Yahoo!
    uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
    mStart Page = hxxp://www.yahoo.com
    mDefault_Page_URL = hxxp://www.yahoo.com
    uProxyOverride = <local>
    uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
    uURLSearchHooks: FCToolbarURLSearchHook Class: {7d139a74-4e4b-d0d4-6dc7-30168d640ee9} - c:\program files\bucksbee loyalty plugin - guppy media\Helper.dll
    uURLSearchHooks: {ba14329e-9550-4989-b3f2-9732e92d17cc} - <orphaned>
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: YuoTubeDownloader: {3d175337-41e3-48eb-a754-493577f658b9} -
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [HPADVISOR] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
    uRun: [Akamai NetSession Interface] "c:\users\user\appdata\local\akamai\netsession_win.exe"
    uRun: [WallpaperSS] c:\program files\wallpaperss\WallpaperSS.exe
    uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [Wondershare Helper Compact.exe] c:\program files\common files\wondershare\wondershare helper compact\WSHelper.exe
    mRun: [Aimersoft Helper Compact.exe] c:\program files\common files\aimersoft\aimersoft helper compact\ASHelper.exe
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
    mRun: [YuoTubeDownloader_Helper] c:\program files\yuotubedownloader\YuoTubeDownloader_Helper.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 65.32.5.111 65.32.5.112
    TCP: Interfaces\{0674107A-2CD4-4F44-868E-9E5F828F0DC8} : DHCPNameServer = 65.32.5.111 65.32.5.112
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\ujfccpgs.default\
    FF - prefs.js: browser.search.selectedEngine - Custom search
    FF - prefs.js: browser.startup.homepage - hxxp://apype.com
    FF - prefs.js: keyword.URL - hxxp://apype.com/results.php?q=
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
    FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
    FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\users\user\appdata\local\fancy\npfancygame.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll
    .
    ---- FIREFOX POLICIES ----
    .
    user_pref('extensions.dealply.partner', 'iron');
    .
    user_pref('extensions.dealply.channel', 'iron3');
    .
    user_pref('extensions.dealply.installId', 'v23900221256956398834032012052414241121');
    .
    user_pref('extensions.dealply.installIdSource', 'inst');
    FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110819
    FF - user.js: extensions.BabylonToolbar_i.babExt -
    FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
    FF - user.js: extensions.BabylonToolbar_i.id - 1c4bdf8200000000000000248c07cfcf
    FF - user.js: extensions.BabylonToolbar_i.hardId - 1c4bdf8200000000000000248c07cfcf
    FF - user.js: extensions.BabylonToolbar_i.instlDay - 15484
    FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:24:21
    FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
    FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
    FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
    FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
    FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
    FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
    R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-1-28 15672]
    R1 MpKsl7611ee88;MpKsl7611ee88;c:\programdata\microsoft\microsoft antimalware\definition updates\{d9d4c556-e573-4b72-af78-4f3df0332034}\MpKsl7611ee88.sys [2012-11-10 29904]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    S2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\system32\lnsecsl.exe [2012-5-18 905307]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 Norton Internet Security;Norton Internet Security;"c:\program files\norton internet security\engine\16.0.0.125\ccsvchst.exe" /s "norton internet security" /m "c:\program files\norton internet security\engine\16.0.0.125\dimaster.dll" /prefetch:1 --> c:\program files\norton internet security\engine\16.0.0.125\ccSvcHst.exe [?]
    S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272]
    S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2008-9-9 20640]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2012-11-10 23:16:39 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d9d4c556-e573-4b72-af78-4f3df0332034}\MpKsl7611ee88.sys
    2012-11-10 23:03:26 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
    2012-11-10 23:02:56 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2012-11-10 22:49:39 740784 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{cc3b8dd0-f239-575d-b40d-0602f12e0b99}\GapaEngine.dll
    2012-11-10 22:43:53 -------- d-----w- C:\_OTL
    2012-11-10 21:28:52 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2012-11-10 21:28:52 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2012-11-10 21:22:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-11-10 21:22:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-11-10 18:09:24 6918632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d9d4c556-e573-4b72-af78-4f3df0332034}\mpengine.dll
    2012-10-27 03:02:10 -------- d-----w- c:\program files\Mozilla Firefox(33)
    2012-10-20 05:16:59 -------- d-----w- c:\program files\IObit Toolbar(11)
    2012-10-20 05:16:59 -------- d-----w- c:\program files\common files\Spigot(7)
    2012-10-14 21:06:22 96224 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
    2012-10-14 21:06:22 157272 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
    2012-10-14 12:49:54 6980552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    .
    ==================== Find3M ====================
    .
    2012-11-10 23:01:24 746984 ----a-w- c:\windows\system32\deployJava1.dll
    2012-11-10 19:24:28 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-11-10 19:24:28 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-09-13 13:28:08 2048 ----a-w- c:\windows\system32\tzres.dll
    2012-08-31 02:03:50 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
    2012-08-31 02:03:50 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
    2012-08-29 11:27:41 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-08-29 11:27:41 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-08-24 15:53:29 172544 ----a-w- c:\windows\system32\wintrust.dll
    2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
    2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
    2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    .
    ============= FINISH: 21:36:10.45 ===============
  7. Broni

    Broni Malware Annihilator Posts: 46,373   +252

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===========================

    I still need the GMER log.
  8. Andrew717

    Andrew717 Newcomer, in training Topic Starter

    The second one posted is what GMER gave me.
  9. Broni

    Broni Malware Annihilator Posts: 46,373   +252

    That is not a GMER log.
    Please retry.