Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

computer keeps shutting down randomly (blue screen errors)


  • This topic is locked This topic is locked
4 replies to this topic

#1 xxvincentxx

xxvincentxx

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:48 PM

Posted 07 July 2014 - 06:06 AM

My computer has been shutting down randomly and I keep getting the blue screen errors. I believe it is malware/viruses because everytime I tried to do a custom scan of my hardrive it would find 2 infections, then it would freeze and shut down. For some reason my computer would not let me upload the log, so I will post it here for your convenience. Any help would be much appreciated thank you.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 3/30/2013 11:37:05 AM
System Uptime: 7/7/2014 3:22:46 AM (1 hours ago)
.
Motherboard: Foxconn | | 2ADA
Processor: Intel® Pentium® CPU G640 @ 2.80GHz | CPU 1 | 1596/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 260.899 GiB free.
D: is CDROM ()
E: is Removable
F: is CDROM ()
G: is FIXED (NTFS) - 1863 GiB total, 0.03 GiB free.
H: is FIXED (NTFS) - 466 GiB total, 1.614 GiB free.
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP227: 7/6/2014 2:09:08 PM - Scheduled Checkpoint
RP228: 7/6/2014 7:06:10 PM - Installed 7-Zip 9.20 (x64 edition)
RP229: 7/7/2014 3:38:18 AM - Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
RP230: 7/7/2014 3:52:24 AM - Removed Google Drive
.
==== Image File Execution Options =============
.
IFEO: hd-apkhandler.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO: hd-runapp.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO: hd-startlauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO: spotify.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
x64-IFEO: hd-apkhandler.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
x64-IFEO: hd-runapp.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
x64-IFEO: hd-startlauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
x64-IFEO: spotify.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20 (x64 edition)
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Photoshop CS6
Adobe Reader XI (11.0.07)
Adobe Shockwave Player 12.1
Adventure Inlay Safari Edition
aioscnnr
Akamai NetSession Interface
Alchemists Apprentice
Amazon Kindle
Ancient Secrets
APA PERRLA
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Asamis Sushi Shop
Atlantis Deluxe
Aurora 32.0a2 (x86 en-US)
Bejeweled 3
BlueStacks App Player
BlueStacks Notification Center
Bonjour
Bookworm Adventures Astounding Planet
Burger Shop
C4USelfUpdater
Cake Mania Main Street
calibre 64bit
CCleaner
CDisplay 1.8
center
ClipConverter
CLUE Accusations and Alibis
COLLAPSE!
ConvertHelper 2.2
Corel PaintShop Pro X6
Daum PotPlayer 1.5.45955 x64 Edition
Dell System Detect Bootstrapper
Dream Chronicles Trilogy
Duplicate Cleaner Free 3.2.3
Dynomite Deluxe
essentials
FBReader for Windows
Foxit Reader
Free YouTube Downloader 3.5.179
ICA
Insaniquarium Deluxe
Intel® Processor Graphics
IPM_PSP_COM
IPM_PSP_COM64
iSkysoft iTube Studio(Build 3.8.0.3)
iTube Player(Build 1.0.0)
iTunes
Java 7 Update 55
Java Auto Updater
KillProcess 2.44
Kodak AIO Printer
KODAK AiO Software
L, Frank Baum's The Wonderful Wizard of Oz
Last.fm Scrobbler 2.1.35
Linksys EasyLink Advisor
Magic Academy II .
MahJongg Fortuna Deluxe
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mortimer Beckett and the Lost King Premium Edition
Mortimer Beckett and the Secrets of Spooky Manor 1.1.0
Mortimer Beckett and the Time Paradox 1.00
Mozilla Firefox 30.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystic Inn 1.00
Nero 7 Premium
neroxml
ocr
PC Wizard 2013.2.12
PDF Settings CS6
PreReq
PrintProjects
PS3 Media Server
PSPPContent
PSPPHelp
PSPPro64
QuickTime
SAMSUNG USB Driver for Mobile Phones
Secrets of Six Seas
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Setup
Spotify
SquareOff Gold RA
swMSM
System Requirements Lab CYRI
The Da Vinci Code 1.00
The Rosetta Stone
TuneUp Utilities 2014
TuneUp Utilities 2014 (en-US)
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon Wireless Software Upgrade Assistant - Samsung(ar)
Verizon Wireless Software Utility Application for Android - Samsung
VirtualCloneDrive
VLC media player 2.0.8
VSO ConvertXToDVD
WebEx Support Manager for Internet Explorer
Where's Waldo The Fantastic Journey
Winamp
Winamp Detector Plug-in
WinPcap 4.1.1
WinRAR archiver
Your Uninstaller! 7
Zuma's Revenge!
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
7/7/2014 3:29:02 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
7/7/2014 3:23:47 AM, Error: Service Control Manager [7000] - The SXUPTP Driver service failed to start due to the following error: The system cannot find the file specified.
7/7/2014 3:23:26 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0x000000001ea0c000, 0x0000000000000001, 0x0000000000000000, 0x0000000000000008). A dump

was saved in: C:\Windows\MEMORY.DMP. Report Id: 070714-35412-01.
7/6/2014 8:23:39 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
7/6/2014 4:15:27 AM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
7/6/2014 2:46:49 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
7/6/2014 2:46:48 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
7/6/2014 11:07:32 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.177.1784.0 Update Source: Microsoft Update Server

Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10701.0 Error code: 0x80072f8f

Error description: A security error occurred
7/6/2014 1:58:28 AM, Error: Service Control Manager [7034] - The Kodak AiO Network Discovery Service service terminated unexpectedly. It has done this 1 time(s).
7/6/2014 1:20:38 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041790, 0xfffffa80043978e0, 0x000000000000ffff, 0x0000000000000000). A dump was

saved in: C:\Windows\MEMORY.DMP. Report Id: 070614-22183-01.
7/5/2014 2:45:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.177.1746.0).
7/5/2014 2:45:34 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.177.1703.0 Update Source: Microsoft Update Server

Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10701.0 Error code: 0x80070643

Error description: Fatal error during installation.
7/5/2014 2:45:31 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: 1.177.1746.0 Previous Signature Version: 1.177.1703.0 Update Source: User

Update Stage: Install Source Path: Signature Type: AntiVirus Update Type: Delta User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.10701.0 Previous Engine Version: 1.1.10701.0 Error code: 0x8050800c Error

description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
7/5/2014 2:45:31 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: 1.177.1746.0 Previous Signature Version: 1.177.1703.0 Update Source: User

Update Stage: Install Source Path: Signature Type: AntiSpyware Update Type: Delta User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.10701.0 Previous Engine Version: 1.1.10701.0 Error code: 0x8050800c Error

description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
7/5/2014 11:05:34 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.177.1768.0).
7/5/2014 11:05:29 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.177.1703.0 Update Source: Microsoft Update Server

Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10701.0 Error code: 0x80070643

Error description: Fatal error during installation.
7/5/2014 11:05:26 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: 1.177.1768.0 Previous Signature Version: 1.177.1703.0 Update Source: User

Update Stage: Install Source Path: Signature Type: AntiVirus Update Type: Delta User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.10701.0 Previous Engine Version: 1.1.10701.0 Error code: 0x8050800c Error

description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
7/5/2014 11:05:26 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: 1.177.1768.0 Previous Signature Version: 1.177.1703.0 Update Source: User

Update Stage: Install Source Path: Signature Type: AntiSpyware Update Type: Delta User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.10701.0 Previous Engine Version: 1.1.10701.0 Error code: 0x8050800c Error

description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
7/3/2014 2:45:24 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.177.1589.0).
7/3/2014 2:45:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.177.1501.0 Update Source: Microsoft Update Server

Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10701.0 Error code: 0x80070643

Error description: Fatal error during installation.
7/3/2014 2:20:29 PM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The configuration registry database is corrupt.
7/2/2014 9:16:19 AM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
7/2/2014 9:16:06 AM, Error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\Program Files (x86)\Kodak\AiO\Center

\HippoDLLWrapper.dll
7/2/2014 6:06:35 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff800031ffaa1, 0xfffff88008f05ea0, 0x0000000000000000). A dump was

saved in: C:\Windows\MEMORY.DMP. Report Id: 070214-19344-01.
7/2/2014 6:03:14 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
7/2/2014 5:53:12 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041284, 0x0000000031604001, 0x0000000000000000, 0xfffff70001080000). A dump was

saved in: C:\Windows\MEMORY.DMP. Report Id: 070214-16177-01.
7/2/2014 2:34:44 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000024 (0x00000000001904fb, 0xfffff880033b7858, 0xfffff880033b70b0, 0xfffff88001762371). A dump was saved

in: C:\Windows\MEMORY.DMP. Report Id: 070214-15865-01.
7/2/2014 2:12:48 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
7/2/2014 2:12:04 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.
7/2/2014 1:59:20 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000003452, 0x0000000075864000, 0xfffff700010811c0, 0x1a7000016611c8d4). A dump was

saved in: C:\Windows\MEMORY.DMP. Report Id: 070214-14586-01.
7/1/2014 8:34:25 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/1/2014 8:20:26 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
7/1/2014 8:19:25 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server

Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007043c Error

description: This service cannot be started in Safe Mode
7/1/2014 8:19:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
7/1/2014 8:18:59 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
7/1/2014 8:18:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/1/2014 8:18:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/1/2014 8:18:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/1/2014 8:18:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/1/2014 8:18:26 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache ElbyCDIO MpFilter spldr Wanarpv6
7/1/2014 8:18:26 PM, Error: Service Control Manager [7001] - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/1/2014 8:18:25 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Backup Error Code:

0x80096010 Error description: The digital signature of the object did not verify. Signature version: 1.177.1243.0;1.177.1243.0 Engine version: 1.1.10701.0
7/1/2014 8:18:24 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code:

0x8050a004 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Signature version: 1.177.1335.0;1.177.1335.0 Engine version: 1.1.10701.0
7/1/2014 5:37:44 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0x000000001efdc740, 0x0000000000000000, 0x0000000073601951, 0x0000000000000008). A dump

was saved in: C:\Windows\MEMORY.DMP. Report Id: 070114-22588-01.
7/1/2014 4:59:13 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR4.
7/1/2014 4:06:10 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Microsoft Antimalware Service service, but this action failed with the following error: An

instance of the service is already running.
7/1/2014 4:05:49 AM, Error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\Program Files (x86)\Winamp\Plugins\nsvdec_vp5.dll
7/1/2014 4:05:39 AM, Error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\Program Files (x86)\Winamp\Plugins\nsvdec_vp5.dll
7/1/2014 3:58:35 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
7/1/2014 3:58:35 AM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/1/2014 3:57:42 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000024 (0x00000000001904fb, 0xfffff88008ff3378, 0xfffff88008ff2bd0, 0xfffff880016498db). A dump was saved in:

C:\Windows\MEMORY.DMP. Report Id: 070114-21543-01.
7/1/2014 3:54:09 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1720031708-975624618-1142757231-1000-0-ntuser.dat' was corrupted and it has

been recovered. Some data might have been lost.
.
==== End Of File ===========================



DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.55.2
Run by Vincent at 3:58:56 on 2014-07-07
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6030.3542 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dlbfcoms.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\java.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\IDT\WDM\beats64.exe
C:\Users\Vincent\AppData\Local\Akamai\netsession_win.exe
C:\Users\Vincent\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\msiexec.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://us.search.yahoo.com/yhs/search?hspart=CND&hsimp=yhs-002&type=AC6CABBA6ED3B4F86BCF_s55_g_e
mStart Page = hxxp://www.google.com
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: iSkysoft iTube Studio: {0F789748-F853-4734-A187-A096F05306E5} - C:\Program Files (x86)\iSkysoft\iTube Studio\SVRIEPlugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Akamai NetSession Interface] "C:\Users\Vincent\AppData\Local\Akamai\netsession_win.exe"
uRun: [uTorrent] "C:\Users\Vincent\AppData\Roaming\uTorrent\uTorrent.exe"
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRun: [BrowserPlugInHelper] C:\Program Files (x86)\iSkysoft\iTube Studio\BrowserPlugInHelper.exe
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: dell.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{418D984B-ADCC-44D5-9E3A-3591C69E17B5} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{6105E6FD-520B-472D-98CF-090ABAE90A4B} : DHCPNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
IFEO: hd-apkhandler.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO: hd-runapp.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO: hd-startlauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO: spotify.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
x64-mStart Page = hxxp://www.google.com
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: hd-apkhandler.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
x64-IFEO: hd-runapp.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
x64-IFEO: hd-startlauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
x64-IFEO: spotify.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\qch889sg.default-1385637834382\
FF - prefs.js: browser.startup.homepage - hxxps://us.search.yahoo.com/yhs/search?hspart=CND&hsimp=yhs-002&type=AC6CABBA6ED3B4F86BCF_s55_g_e
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Winamp Detect\npwachk.dll
FF - plugin: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: C:\Users\Vincent\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
FF - ExtSQL: !HIDDEN! 2013-11-27 01:04; {7F737E3E-993D-43AB-9109-90C4E82752CC}; C:\Program Files (x86)\iSkysoft\iTube Studio\SVRFirefoxExt
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-11-15 630632]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-11-15 28008]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-1-20 115472]
R2 dlbf_device;dlbf_device;C:\Windows\System32\dlbfcoms.exe -service --> C:\Windows\System32\dlbfcoms.exe -service [?]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]
R2 LinksysUpdater;Linksys Updater;C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-11-13 204800]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-6 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-6 860472]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 133928]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2014-4-15 2140984]
R3 cpuz136;cpuz136;C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [2014-7-7 25320]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-7-6 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-6 122584]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-11-15 883928]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-11-15 34544]
R3 tihub3;TI USB3 Hub Service;C:\Windows\System32\drivers\tihub3.sys [2011-9-27 136000]
R3 tixhci;TI XHCI Service;C:\Windows\System32\drivers\tixhci.sys [2011-9-27 409408]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2014-3-26 14112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-10-28 107288]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-6 63704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-9-13 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-10-28 204568]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2014-1-3 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-9-13 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-30 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-1-20 402192]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-1-20 385808]
.
=============== Created Last 30 ================
.
2014-07-07 10:47:38 114176 ----a-w- C:\Windows\SysWow64\PCWizard.cpl
2014-07-07 10:47:30 -------- d-----w- C:\Program Files (x86)\CPUID
2014-07-07 08:58:18 -------- d-----w- C:\Program Files (x86)\The Sims 3 Ultimate Edition
2014-07-07 06:08:25 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B7D828E7-B521-4D12-9F83-27D34E8FD89D}\offreg.dll
2014-07-06 13:17:52 10779000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B7D828E7-B521-4D12-9F83-27D34E8FD89D}\mpengine.dll
2014-07-06 12:06:08 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-07-06 12:06:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-07-06 12:06:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-06 11:39:44 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-06 11:39:42 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-06 11:36:09 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-06 10:10:00 -------- d-----w- C:\torrents
2014-07-06 09:50:45 -------- d-----w- C:\MATS
2014-07-05 06:05:24 10779000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-04 06:05:39 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E198349A-5535-4F27-85F3-6F4369239BC2}\gapaengine.dll
2014-07-02 08:53:56 -------- d-----w- C:\Windows\ERUNT
2014-07-02 08:46:09 -------- d-----w- C:\AdwCleaner
2014-07-01 13:00:42 -------- d-----w- C:\ProgramData\RogueKiller
2014-06-27 12:16:21 -------- d-----w- C:\Users\Vincent\AppData\Roaming\Angry_Birds
2014-06-11 22:54:21 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-06-11 22:50:20 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-11 22:50:19 424448 ----a-w- C:\Windows\System32\aeinv.dll
.
==================== Find3M ====================
.
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-14 09:31:38 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 09:31:38 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-14 09:31:21 17938608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-04-28 20:37:58 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-15 22:59:24 40760 ----a-w- C:\Windows\System32\TURegOpt.exe
2014-04-15 22:59:16 43320 ----a-w- C:\Windows\System32\uxtuneup.dll
2014-04-15 22:59:16 36152 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
2014-04-15 22:59:16 29496 ----a-w- C:\Windows\System32\authuitu.dll
2014-04-15 22:59:16 25400 ----a-w- C:\Windows\SysWow64\authuitu.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 4:04:30.71 ===============

Attached Files

  • Attached File  dds.zip   5.85KB   0 downloads
  • Attached File  log.zip   5.87KB   1 downloads

Edited by xxvincentxx, 07 July 2014 - 06:15 AM.


BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:48 PM

Posted 07 July 2014 - 07:51 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • If any threats are found, don´t click the Cleanup button - rather save the log and post it up in your topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 xxvincentxx

xxvincentxx
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:48 PM

Posted 07 July 2014 - 09:24 AM

Here is the log. Also I did a ESET online scan a few days ago and it found 4 infections, then it got to 99% and I got the blue screen. I didn't have the opportunity to delete the infections. This is horrible.

Attached Files


Edited by xxvincentxx, 07 July 2014 - 09:24 AM.


#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:48 PM

Posted 08 July 2014 - 09:04 AM

Combofix

Combofix should only be run when adviced by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:48 PM

Posted 15 July 2014 - 07:41 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users