PDA

View Full Version : Computer Not Responding also long script running


Pages : [1] 2

cbcotton
03-29-2012, 09:01 PM
I have been having severe problems with my computer freezing I do good to get to read 3 emails a day for waiting to get through it tells me not responding. And it tells me from time to time a long script is running. I paid $89 for a register booster thinking it would solve my problem and no it hasn't helped at all. Please if anyone can help me I would very much appreciate it. Thank You

jholland1964
03-29-2012, 09:24 PM
We need a whole lot more information. Operating system is the first thing.
Full computer specs.
How are you connected to the internet?
Computer make and model would help also.
What anti-virus program do you run?
Firewall?
Have you run any scans for infections? If so, what were the results? It would help if you could post the logs from most recent scans run.
What is the exact name of the Registry booster? Most of those are "junk" as you have found.
Where exactly did you get this registry booster?

cbcotton
03-30-2012, 05:37 PM
Charter Cable Comm/Cable

Hewlitt Packard Pavilion g6-1A19wm notebook pc 64 bit
bought one year ago brand new

Internet Explorer 9

Micosoft Security Essentials

Windows Firewall

Scans for infections
Housecall none
Malwarebytes none

Register Booster Power Suite
recommended from Dear Webby under tools

I have been having this problem for well over 4 months I thought it was due to my fan going out and over heating from what I had read the fan did go bad and had it replaced was still under warranty. But once I got computer back still having the not responding constantly and from time to time a message comes up saying long script running. I go to task manager and nothing shows that shouldn't be running.

I will consider joining once I am financially able I am disabled I have cancer and between my medical bills and gas back and forth for treatments my financial situation is in bad shape.
Thank You
Cindy

jholland1964
03-30-2012, 05:51 PM
Thanks! First of all there is NO CHARGE to join here, in fact you already joined because you cannot post without being a member. I say again...this site is FREE all help given is FREE. So no worries about payments because NONE ARE OWED.

You are a member and Welcome!

So obviously the operating system is Windows 7 since you bought it one year ago and it is a 64bit running IE 9.

Sorry to tell you what you probably have already figured out, that
Register Booster Power Suite by Uniblue is generally considered to be "junk" on most legitimate computer help sites.
One problem with programs from that company is they make them very hard to uninstall, which you should do...but Don't worry about that now, we will get to that later.

What I would like you to do is run a scan with the DDS scanner. This scan is not a fixer program but it will give a pretty clear picture of what may be going on with the computer. The scan takes just a very few minutes. You don't have to be online to do it so you can download it and go offline to run it if you wish. It can be run in safe mode but normal mode is preferable if possible.
Here are the instructions, if you cannot download using the affected computer you can download it to another computer and move it to the affected computer using a flash drive or burn it to a cd and take that to the affected computer.
Here are the instructions:

Download DDS by sUBs and save it to your Desktop.

http://www.bleepingcomputer.com/download/anti-virus/dds

Be sure follow the instructions below carefully

• DoubleClick on dds.scr to run the tool
* A command box will open, displaying added information for your reading pleasure while DDS completes its scan.
* Upon completion, a Dialog Box should open instructing you to save and post the TWO resulting logs (DDS.txt & Attach.txt).
• Copy&Paste both the DDS.txt and the DDS Attach.txt into your post for assistance.
Notice I say copy/paste BOTH logs. The Attach.txt log says at the top to attach it, please do not attach it but copy/paste it also
Both of these logs are very long and because of that will take multiple replies in order to post them here. Please split the logs carefully as each and every line must be seen.

cbcotton
03-31-2012, 12:21 AM
DDS Part 1

DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/2/2011 1:20:03 PM
System Uptime: 3/30/2012 9:59:54 PM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 1697
Processor: AMD Athlon(tm) II P360 Dual-Core Processor | Socket S1G4 | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 234.279 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 2.039 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.087 GiB free.
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Symantec Iron Driver
Device ID: ROOT\LEGACY_SYMIRON\0000
Manufacturer:
Name: Symantec Iron Driver
PNP Device ID: ROOT\LEGACY_SYMIRON\0000
Service: SymIRON
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: BHDrvx64
Device ID: ROOT\LEGACY_BHDRVX64\0000
Manufacturer:
Name: BHDrvx64
PNP Device ID: ROOT\LEGACY_BHDRVX64\0000
Service: BHDrvx64
.
==== System Restore Points ===================
.
RP871: 3/20/2012 8:15:52 AM - Windows Update
RP872: 3/21/2012 3:00:10 AM - Windows Update
RP873: 3/22/2012 3:00:11 AM - Windows Update
RP874: 3/23/2012 3:00:11 AM - Windows Update
RP875: 3/24/2012 10:42:44 AM - Windows Update
RP876: 3/27/2012 2:54:28 AM - Windows Update
RP877: 3/27/2012 8:56:47 PM - Installed Microsoft Fix it 50403
RP878: 3/27/2012 11:16:14 PM - Windows Backup
RP879: 3/27/2012 11:46:45 PM - Windows Update
RP880: 3/29/2012 8:25:34 AM - Removed FixCleaner
RP881: 3/29/2012 3:25:14 PM - DriverScanner - 3/29/2012 3:25:08 PM
RP882: 3/30/2012 4:22:01 AM - Removed FixCleaner
RP883: 3/30/2012 5:23:14 AM - Removed FixCleaner
RP884: 3/30/2012 2:21:30 PM - Removed FixCleaner

cbcotton
03-31-2012, 12:24 AM
DDS Part 2 Installed Programs

==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
aioscnnr
AMD VISION Engine Control Center
Atheros Driver Installation Program
Blio
C4USelfUpdater
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
center
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink DVD Suite
CyberLink YouCam
D3DX10
Energy Star Digital Logo
essentials
ESU for Microsoft Windows 7
Hewlett-Packard ACLM.NET v1.1.2.0
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP MovieStore
HP On Screen Display
HP Power Manager
HP Product Detection
HP Quick Launch
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
Itibiti RTC
Java Auto Updater
Java(TM) 6 Update 30
Junk Mail filter update
KODAK AiO Software
LabelPrint
LightScribe System Software
Mesh Runtime
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Mozilla Firefox 6.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Internet Security
Norton PC Checkup
ocr
Octoshape add-in for Adobe Flash Player
PlayReady PC Runtime x86
Power2Go
PreReq
QuickTime
Recovery Manager
RoboForm 7-6-3 (All Users)
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Swag Bucks Toolbar
Uniblue DriverScanner
Uniblue PowerSuite
Uniblue RegistryBooster
Uniblue SpeedUpMyPC
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

cbcotton
03-31-2012, 12:31 AM
DDS Part 3 Event Viewer Message

==== Event Viewer Messages From Past Week ========
.
3/30/2012 8:42:25 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
3/30/2012 6:29:56 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
3/30/2012 2:43:23 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
3/30/2012 2:43:21 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
3/30/2012 2:43:21 AM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/30/2012 2:27:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.
3/30/2012 10:01:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 SymIRON
3/30/2012 10:01:54 PM, Error: Service Control Manager [7022] - The Client Virtualization Handler service hung on starting.
3/29/2012 7:59:08 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
3/29/2012 7:45:00 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD External Events Utility service.
3/29/2012 7:37:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the fdPHost service.
3/29/2012 10:51:47 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
3/28/2012 9:44:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
3/28/2012 2:40:27 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
3/28/2012 11:58:58 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.489.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80072ee2 Error description: The operation timed out
3/28/2012 11:33:03 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000006, 0xfffffa8004bb6640). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 032812-50513-01.
3/27/2012 4:44:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.
3/26/2012 8:57:13 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
3/26/2012 5:25:30 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.123.430.0).
3/26/2012 5:25:21 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.340.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80070643 Error description: Fatal error during installation.
3/26/2012 3:49:58 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
3/26/2012 10:26:55 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Support Assistant Service service.
3/26/2012 10:24:58 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Wireless Assistant Service service.
3/25/2012 8:51:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
3/25/2012 3:59:08 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
3/25/2012 3:53:02 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
3/25/2012 3:44:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
3/25/2012 3:44:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error: An instance of the service is already running.
3/25/2012 3:44:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
3/25/2012 3:43:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 11:59:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wlidsvc service.
3/25/2012 11:59:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
3/23/2012 1:46:04 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.62.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
3/23/2012 1:46:03 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.62.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
.
==== End Of File ===========================

cbcotton
03-31-2012, 12:39 AM
DDS Part 4 Internet Explorer

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by cindy at 22:55:23 on 2012-03-30
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.887 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI. exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11f_Ac tiveX.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe

cbcotton
03-31-2012, 12:41 AM
DDS Part 5 Pseudo HJT Report

============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.coupons.com/
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
uWindow Title = Windows Internet Explorer provided by Yahoo!
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa0.dll
mURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa0.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TBSB07898 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa0.dll
TB: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Coupons.com CouponBar: {8660e5b3-6c41-44de-8503-98d99bbecd41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
uRun: [PowerSuite] "C:\PROGRA~2\Uniblue\POWERS~1\launcher.exe" delay 20000 -m
mRun: [Conime] %windir%\system32\conime.exe
mRun: [EKAiO2StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI. exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 24.177.176.38 71.92.29.130 24.217.201.67
TCP: Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4} : DhcpNameServer = 24.177.176.38 71.92.29.130 24.217.201.67
TCP: Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4}\2375942554135343 : DhcpNameServer = 192.168.1.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO-X64: RoboForm BHO - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa0.dll
BHO-X64: Swag Bucks - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
BHO-X64: Panda Security Toolbar - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
BHO-X64: TBSB07898 - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
TB-X64: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa0.dll
TB-X64: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
TB-X64: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
mRun-x64: [Conime] %windir%\system32\conime.exe
mRun-x64: [EKAiO2StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI. exe
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE-X64: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

cbcotton
03-31-2012, 12:43 AM
DDS Part 6 Firefox

================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\cindy\AppData\Roaming\Mozilla\Firefox\Pro files\u63ooxgt.default\
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc -
.
============= SERVICES / DRIVERS ===============
.
R?2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_ sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_ xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1206000.0 1D\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\SYM DS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1206 000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\SYM EFA64.SYS [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20 110701.051\IDSviA64.sys [2011-7-2 488056]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1206000. 01D\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1206000.01D\SYM NETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-7-5 227384]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2011-3-9 366000]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe [2011-5-9 130008]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atik mdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atik mpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sy s --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftpla ylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftr edirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh .sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\2 0110616.003\BHDrvx64.sys [2011-6-16 1143416]
S1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1206000. 01D\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\Iro nx64.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\ v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam_x64.sys --> C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E [2010-1-9 4925184]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VS TAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VS TDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVER S\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsus bflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-5 365568]
S4 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-8-5 681528]
S4 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
S4 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe [2011-6-8 123320]

cbcotton
03-31-2012, 12:45 AM
DDS Part 7 Created Last 30

=============== Created Last 30 ================
.
2012-03-31 03:15:25 -------- d-----w- C:\Users\cindy\AppData\Local\{006CB2F0-5C6B-4D4F-9F38-1DFB9A106CF3}
2012-03-31 02:25:33 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{572AB3E9-3074-429B-B171-EEE0C57B8341}\mpengine.dll
2012-03-31 00:20:58 -------- d-----w- C:\Users\cindy\AppData\Roaming\Systweak
2012-03-31 00:20:38 18816 ----a-w- C:\Windows\System32\roboot64.exe
2012-03-30 04:58:49 -------- d-----w- C:\Users\cindy\AppData\Roaming\Malwarebytes
2012-03-30 04:58:29 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-30 04:48:21 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2012-03-29 20:25:55 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-03-29 20:25:55 676968 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-03-29 06:38:00 -------- d-----w- C:\Users\cindy\AppData\Roaming\FixCleaner
2012-03-29 06:37:28 -------- d-----w- C:\Program Files (x86)\FixCleaner
2012-03-28 05:30:19 -------- d-----w- C:\Users\cindy\AppData\Local\{AF88789E-19F1-4313-B3C4-E93C4E748D42}
2012-03-28 05:29:43 -------- d-----w- C:\Users\cindy\AppData\Local\{321FAE44-9E34-40FE-A6FF-20BB20309B36}
2012-03-26 21:34:19 -------- d-----w- C:\Temp
2012-03-26 03:43:20 -------- d-----w- C:\Users\cindy\EASTER - EnVELOPES - Standard Size Envelope_files
2012-03-22 01:14:14 -------- d-----w- C:\Users\cindy\AppData\Local\{A91B7C54-194D-42CD-ADB4-AD6E34A3B265}
2012-03-22 01:13:41 -------- d-----w- C:\Users\cindy\AppData\Local\{78C5BF5C-F99E-494F-AD15-B1F7EA0E9862}
2012-03-18 22:07:57 -------- d-----w- C:\Users\cindy\AppData\Local\{A25DAB75-9D35-4069-9C53-F1228093F349}
2012-03-18 22:04:45 -------- d-----w- C:\Users\cindy\AppData\Local\{B3E7B0E0-CE46-47A3-A16B-DF5D504C7DD3}
2012-03-18 19:18:28 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientU X\UpdateableMarkup-3\markup.dll
2012-03-15 18:24:58 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-15 18:24:56 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-15 18:24:55 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-15 10:39:18 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-15 10:39:15 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-15 10:39:15 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-15 10:39:12 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-15 10:39:12 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-15 10:39:12 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-15 10:38:56 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-15 10:38:55 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-15 10:38:55 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-15 10:38:55 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-10 21:07:13 -------- d-----w- C:\Users\cindy\AppData\Local\{D4574D4F-DAB0-4743-A551-43FCD60FC34E}
2012-03-10 21:07:01 -------- d-----w- C:\Users\cindy\AppData\Local\{7593D55A-7BDB-47B8-8E90-9C586652DEB1}
2012-03-09 22:26:11 -------- d-----w- C:\ProgramData\W3i
2012-03-09 22:26:11 -------- d-----w- C:\Program Files (x86)\W3i
2012-03-09 22:26:10 -------- d-----w- C:\Users\cindy\AppData\Local\I Want This
2012-03-04 19:13:43 651264 ------w- C:\Windows\System32\stapi64.dll
2012-03-04 19:13:19 -------- d-----w- C:\Program Files\IDT
2012-03-04 19:13:18 564224 ----a-w- C:\Windows\System32\idt64mp1.exe
2012-03-04 19:13:18 524800 ----a-w- C:\Windows\sttray64.exe
2012-03-04 19:13:18 4594176 ----a-w- C:\Windows\System32\stlang64.dll
2012-03-04 19:13:18 438784 ----a-w- C:\Windows\System32\IDTNC64.cpl
2012-03-01 22:38:23 -------- d-----w- C:\Users\cindy\AppData\Local\{AC2FBAB5-C65D-4424-9811-2F05BFF6970F}
.
==================== Find3M ====================
.
2012-03-29 20:25:55 107624 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-02-21 19:19:43 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
.
============= FINISH: 22:58:38.18 ===============

cbcotton
03-31-2012, 12:48 AM
Hi as you can see I accidently down loaded the wrong thing when I went to the site I clicked on a download on the sidebar a fixit cleaner or something like that but I deleted and did not clean anything so that you could get all the information.

I hope I did this right if there is anything else you need feel free to let me know.
Thanks
Cindy

jholland1964
03-31-2012, 09:51 AM
Your first big problem is you have two anti-virus programs/suites, including the Norton Firewall installed and running on the computer. Microsoft Security Essentials and Norton Internet Security a huge no-no. You should never have two anti-virus programs or two firewalls running on the same computer. The Norton "says" it is disabled, but it is not fully disabled, parts of it are running at boot time and then running all the time.
Only portions of the MSE program are also running so it is likely damaged, especially because it does not show in installed programs but does show in other parts of the log as Enabled. So some of it is there someplace. This also means that possibly the Windows Firewall is also running, or at least some of its files. These things alone will cause major problems, one of those being computer freezes. They would also cause major problems with any other programs you attempt to use.

The Norton program includes multiple toolbars, you also have a Panda Security Toolbar installed and while it is generally considered good, with all these others it likely isn't working correctly and/or has been damaged also.

The first thing you must do is remove Norton and MSE.

You need to use these two tools to do this. Download them and save them to the Desktop. Run the tools one at a time, rebooting the computer after using each one. For the moment don't worry about getting another security program, we will do this once the clean up is finished. We have to know absolutely that all of these programs are 100% gone before attempting to install another. If these aren't fully removed then another one won't work correctly either.

Norton Tool
http://majorgeeks.com/Norton_Removal_Tool_SymNRT_d4749.html When you get to that page click on the Download Locations in the yellow print. The .exe file will pop up, save it to the desktop.

MSE Tool
http://go.microsoft.com/fwlink/?linkid=81699 Clicking on this will give you the OneCareCleanup .exe removal tool. Same it to the desk top.

Once you have both of those on the desk top run each one at a time, rebooting After each tool runs.

You also have known bad programs installed and at least one malware type toolbar and all of these must be uninstalled using Add/Remove after doing the removals of those security programs.

Swag Bucks Toolbar
Uniblue DriverScanner
Uniblue PowerSuite
Uniblue RegistryBooster
Uniblue SpeedUpMyPC

Reboot the computer after uninstalling each one. Once all of the above are uninstalled then run the DDS scanner again. Post back with the NEW logs.

If you have difficulty with any of the above come back immediately and let me know with full information about the difficulty, any error messages, etc.

Don't do ANYTHING else on the computer until given the ok to do so. No email, nothing. After doing all of the above then there will be malware scans that you will need to do and I'll give you those programs to use then. You can't do those until the above items are removed.

cbcotton
03-31-2012, 04:46 PM
How long should this take it shows running in task manager but no box or anything in the task bar?

jholland1964
03-31-2012, 04:49 PM
How long should what take??? I gave you two different files to run.

cbcotton
03-31-2012, 05:06 PM
How long does it take to remove the norton programs I am a bit confused please forgive me? I thought it would run and remove the programs and show me a box that it was complete.

jholland1964
03-31-2012, 05:10 PM
I cannot give you a time frame. But it shouldn't take long. But since you didn't say how long it has been running there is no way I can possibly give an estimate.

Instead please do the following:

Stop the Norton file that I believe you mean is running by ending it in the Task manager.

Then shut down the computer.

Reboot in Safe Mode. Do it this way:

Restart your computer.
When the computer starts you will see your computer's hardware being listed. When you see this information start to gently tap the F8 key on your keyboard repeatedly until you are presented with the Windows 7 Advanced Boot Options screen
Using the arrow keys, select the Safe Mode
Then press the enter key on your keyboard to boot into Windows 7 Safe Mode.

Run the first tool, if it asks to reboot, allow it to do so. This will be a boot to Normal Mode.

Then shut down the computer again and then again boot to Safe Mode and run the second tool.

Reboot to Normal Mode.

Shut down, Reboot again to Safe Mode and Uninstall all of the programs I listed that should be removed. Once all of that is done then reboot, come back here and tell me if you have completed all of the above.

I will then give you the next steps.

MikeN.
03-31-2012, 05:10 PM
[QUOTE=cbcotton;1656508]How long does it take to remove the norton programs I am a bit confused please forgive me? I thought it would run and remove the programs and show me a box that it was complete.[/QUOT


Should take a minute or two to uninstall each of those programs Judy listed. Again, use the tools provided to remove Norton, reboot, use the next tool to remove MSE, reboot then uninstall all the Uniblue crap and reboot again. Come back for more directions as you will not have an antivirus installed after doing these steps.

Judy you must be on invis, didnt see you there

cbcotton
03-31-2012, 06:46 PM
It will not let me connect to the internet in safe mode we are having storm in our area so I thought this may be the problem with connecting to the internet in safe mode but finally I tried connecting not in safe mode and no problem.
So what do I do about this?

also I kept getting a pop up asking to allow or not allow toolbarH application from conduit LTD I keep clicking not allow and it repeatly comes up to where I cannot go forward. and with the freezes it is taking alot of time. I just hope you understand I am not doing anything but trying to accomplish the task at hand.

MikeN.
03-31-2012, 06:47 PM
It will not let me connect to the internet in safe mode we are having storm in our area so I thought this may be the problem with connecting to the internet in safe mode but finally I tried connecting not in safe mode and no problem.
So what do I do about this?

also I kept getting a pop up asking to allow or not allow toolbarH application from conduit LTD I keep clicking not allow and it repeatly comes up to where I cannot go forward. and with the freezes it is taking alot of time. I just hope you understand I am not doing anything but trying to accomplish the task at hand.

Have you downloaded either of those tools?

cbcotton
03-31-2012, 06:52 PM
no i have not downloaded either

MikeN.
03-31-2012, 06:57 PM
no i have not downloaded either

Well, that is part of the plan, you do have internet access, not sure why you are waiting on downloading them. :confused::confused:

cbcotton
03-31-2012, 07:00 PM
I thought you wanted me to do it in safe mode but I will go and download them just did not want to cause bigger problems and thought that was what you wanted me to do so sorry.

jholland1964
03-31-2012, 07:01 PM
It will not let me connect to the internet in safe mode we are having storm in our area so I thought this may be the problem with connecting to the internet in safe mode but finally I tried connecting not in safe mode and no problem.
So what do I do about this?

also I kept getting a pop up asking to allow or not allow toolbarH application from conduit LTD I keep clicking not allow and it repeatly comes up to where I cannot go forward. and with the freezes it is taking alot of time. I just hope you understand I am not doing anything but trying to accomplish the task at hand.

I thought you already had the tools since you were attempting to run the Norton tool. So I am a bit confused here. You posted earlier these messages:
How long should this take it shows running in task manager but no box or anything in the task bar?
How long does it take to remove the norton programs I am a bit confused please forgive me? I thought it would run and remove the programs and show me a box that it was complete. Which said to me that you had already downloaded at least the Norton tool and it was running and you thought it was taking a long time. DID you actually download the tool and attempt to run it? If so, why do you need to download it again?

This should be done in Normal Mode:
Download the tools. Save them to the desktop.

Shut down the computer.
******
Reboot to Safe Mode ONLY, NOT safe mode with networking.

That toolbar pop up shouldn't happen in safe mode without networking.

cbcotton
03-31-2012, 07:27 PM
It had not removed the norton so I thought that was what it was supose to do so I thought it had not download properly. I am not very knowledgable about computer what so ever as you can see and I apolize for this I know this makes your end much harder.

So I am in progress of doing this now.

jholland1964
03-31-2012, 07:51 PM
Ok, that's fine. Remember what we said. Download both tools. Save them to your desktop.
Shut down the computer.
Boot it to safe mode only, not safe mode with networking.
Run the tools one at a time. If the first one asks you to reboot the computer then please do so.
Then shut down again.
Reboot again to safe mode only.
Run the second tool.
If it asks to reboot the computer please do so.
Then shut down again, reboot to safe mode only.
Uninstall those programs I noted earlier.
Reboot the computer when those are finished.
Come back here and we will give you the next steps.

cbcotton
03-31-2012, 09:38 PM
Okay finally after several errors on my part which I deeply apologize for I see it would have not taken as long had I known what I was doing. But your help is more appreciated than you will ever know. It is people like yourself that make this world a much nicer place with all the crime,abuse,deaths,drama in the world it is so far and few to find someone who will take their time to lend a helping hand without expecting a arm and a leg to do so. I can't even begin to thank you enough maybe this will be a lifetime friendship of being able to share smiles and laughs. Thank you once again in advance.
to follow are the new reports.
Thank You
Cindy

jholland1964
03-31-2012, 09:39 PM
Good job! Waiting right here to see what you have to report.

cbcotton
03-31-2012, 10:03 PM
DDS Part 1 after cleanup

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/2/2011 1:20:03 PM
System Uptime: 3/31/2012 9:04:08 PM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 1697
Processor: AMD Athlon(tm) II P360 Dual-Core Processor | Socket S1G4 | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 234.372 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 2.039 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.087 GiB free.
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: SD/MMC card
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??

_USBSTOR#DISK&VEN_KODAK&PROD______SD#MMC_CARD&REV_1.00#7&2B8D154B&0&M100275&0#
Manufacturer: KODAK
Name: G:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??

_USBSTOR#DISK&VEN_KODAK&PROD______SD#MMC_CARD&REV_1.00#7&2B8D154B&0&M100275&0#
Service: WUDFRd
.
==== System Restore Points ===================
.
RP871: 3/20/2012 8:15:52 AM - Windows Update
RP872: 3/21/2012 3:00:10 AM - Windows Update
RP873: 3/22/2012 3:00:11 AM - Windows Update
RP874: 3/23/2012 3:00:11 AM - Windows Update
RP875: 3/24/2012 10:42:44 AM - Windows Update
RP876: 3/27/2012 2:54:28 AM - Windows Update
RP877: 3/27/2012 8:56:47 PM - Installed Microsoft Fix it 50403
RP878: 3/27/2012 11:16:14 PM - Windows Backup
RP879: 3/27/2012 11:46:45 PM - Windows Update
RP880: 3/29/2012 8:25:34 AM - Removed FixCleaner
RP881: 3/29/2012 3:25:14 PM - DriverScanner - 3/29/2012 3:25:08 PM
RP882: 3/30/2012 4:22:01 AM - Removed FixCleaner
RP883: 3/30/2012 5:23:14 AM - Removed FixCleaner
RP884: 3/30/2012 2:21:30 PM - Removed FixCleaner
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
aioscnnr
AMD VISION Engine Control Center
Atheros Driver Installation Program
Blio
C4USelfUpdater
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
center
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink DVD Suite
CyberLink YouCam
D3DX10
Energy Star Digital Logo
essentials
ESU for Microsoft Windows 7
Hewlett-Packard ACLM.NET v1.1.2.0
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP MovieStore
HP On Screen Display
HP Power Manager
HP Product Detection
HP Quick Launch
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
Itibiti RTC
Java Auto Updater
Java(TM) 6 Update 30
Junk Mail filter update
KODAK AiO Software
LabelPrint
LightScribe System Software
Mesh Runtime
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Mozilla Firefox 6.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
ocr
Octoshape add-in for Adobe Flash Player
PlayReady PC Runtime x86
Power2Go
PreReq
QuickTime
Recovery Manager
RoboForm 7-6-3 (All Users)
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

cbcotton
03-31-2012, 10:06 PM
you do not want the last part of this correct

jholland1964
03-31-2012, 10:07 PM
you do not want the last part of this correct
I didn't think I did, but if you do have it, go ahead and post it too, couple of things I want to check on that would be shown there. Then I will have the next steps you need to do.

cbcotton
03-31-2012, 10:20 PM
OKAY THIS IS THE 1st part on the other file Running processes


DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by cindy at 21:12:30 on 2012-03-31
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.1477 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI. exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_ 1_102_ActiveX.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe

cbcotton
03-31-2012, 10:22 PM
Part 2

============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com/?mtmhp=txtlnkusaolp00000051
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
uWindow Title = Windows Internet Explorer provided by Yahoo!
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TBSB07898 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll
TB: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Coupons.com CouponBar: {8660e5b3-6c41-44de-8503-98d99bbecd41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB: {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
uRun: [PowerSuite] "C:\PROGRA~2\Uniblue\POWERS~1\launcher.exe" delay 20000 -m
mRun: [Conime] %windir%\system32\conime.exe
mRun: [EKAiO2StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI. exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 24.177.176.38 71.92.29.130 24.217.201.67
TCP: Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4} : DhcpNameServer = 24.177.176.38 71.92.29.130 24.217.201.67
TCP: Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4}\2375942554135343 : DhcpNameServer = 192.168.1.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO-X64: RoboForm BHO - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
BHO-X64: Panda Security Toolbar - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
BHO-X64: TBSB07898 - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll
TB-X64: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
TB-X64: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB-X64: {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
mRun-x64: [Conime] %windir%\system32\conime.exe
mRun-x64: [EKAiO2StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI. exe
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE-X64: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

cbcotton
03-31-2012, 10:23 PM
Part 3

================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\cindy\AppData\Roaming\Mozilla\Firefox\Pro files\u63ooxgt.default\
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc -
.
============= SERVICES / DRIVERS ===============
.
R?2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_ sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_ xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-7-5 227384]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2011-3-9 366000]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe [2011-6-8 126392]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atik mdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atik mpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sy s --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftpla ylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftr edirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh .sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\ v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam_x64.sys --> C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E [2010-1-9 4925184]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VS TAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VS TDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVER S\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsus bflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-5 365568]
S4 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-8-5 681528]
S4 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
S4 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe [2011-6-8 123320]
S4 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-04-01 02:02:17 -------- d-----w- C:\WINSSLog
2012-04-01 01:48:20 -------- d-----w- C:\Users\cindy\AppData\Local\{1EDB3AFD-6A1A-465B-9A2E-1F48B87C9CAC}
2012-04-01 00:04:32 -------- d-----w- C:\ProgramData\NortonInstaller
2012-03-31 03:15:25 -------- d-----w- C:\Users\cindy\AppData\Local\{006CB2F0-5C6B-4D4F-9F38-1DFB9A106CF3}
2012-03-31 02:25:33 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{572AB3E9-3074-429B-B171-EEE0C57B8341}\mpengine.dll
2012-03-31 00:20:58 -------- d-----w- C:\Users\cindy\AppData\Roaming\Systweak
2012-03-31 00:20:38 18816 ----a-w- C:\Windows\System32\roboot64.exe
2012-03-30 04:58:49 -------- d-----w- C:\Users\cindy\AppData\Roaming\Malwarebytes
2012-03-30 04:58:29 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-30 04:48:21 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2012-03-29 20:25:55 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-03-29 20:25:55 676968 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-03-29 06:38:00 -------- d-----w- C:\Users\cindy\AppData\Roaming\FixCleaner
2012-03-29 06:37:28 -------- d-----w- C:\Program Files (x86)\FixCleaner
2012-03-28 05:30:19 -------- d-----w- C:\Users\cindy\AppData\Local\{AF88789E-19F1-4313-B3C4-E93C4E748D42}
2012-03-28 05:29:43 -------- d-----w- C:\Users\cindy\AppData\Local\{321FAE44-9E34-40FE-A6FF-20BB20309B36}
2012-03-26 21:34:19 -------- d-----w- C:\Temp
2012-03-26 03:43:20 -------- d-----w- C:\Users\cindy\EASTER - EnVELOPES - Standard Size Envelope_files
2012-03-22 01:14:14 -------- d-----w- C:\Users\cindy\AppData\Local\{A91B7C54-194D-42CD-ADB4-AD6E34A3B265}
2012-03-22 01:13:41 -------- d-----w- C:\Users\cindy\AppData\Local\{78C5BF5C-F99E-494F-AD15-B1F7EA0E9862}
2012-03-18 22:07:57 -------- d-----w- C:\Users\cindy\AppData\Local\{A25DAB75-9D35-4069-9C53-F1228093F349}
2012-03-18 22:04:45 -------- d-----w- C:\Users\cindy\AppData\Local\{B3E7B0E0-CE46-47A3-A16B-DF5D504C7DD3}
2012-03-18 19:18:28 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientU X\UpdateableMarkup-3\markup.dll
2012-03-15 18:24:58 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-15 18:24:56 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-15 18:24:55 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-15 10:39:18 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-15 10:39:15 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-15 10:39:15 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-15 10:39:12 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-15 10:39:12 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-15 10:39:12 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-15 10:38:56 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-15 10:38:55 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-15 10:38:55 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-15 10:38:55 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-10 21:07:13 -------- d-----w- C:\Users\cindy\AppData\Local\{D4574D4F-DAB0-4743-A551-43FCD60FC34E}
2012-03-10 21:07:01 -------- d-----w- C:\Users\cindy\AppData\Local\{7593D55A-7BDB-47B8-8E90-9C586652DEB1}
2012-03-09 22:26:11 -------- d-----w- C:\ProgramData\W3i
2012-03-09 22:26:11 -------- d-----w- C:\Program Files (x86)\W3i
2012-03-09 22:26:10 -------- d-----w- C:\Users\cindy\AppData\Local\I Want This
2012-03-04 19:13:43 651264 ------w- C:\Windows\System32\stapi64.dll
2012-03-04 19:13:19 -------- d-----w- C:\Program Files\IDT
2012-03-04 19:13:18 564224 ----a-w- C:\Windows\System32\idt64mp1.exe
2012-03-04 19:13:18 524800 ----a-w- C:\Windows\sttray64.exe
2012-03-04 19:13:18 4594176 ----a-w- C:\Windows\System32\stlang64.dll
2012-03-04 19:13:18 438784 ----a-w- C:\Windows\System32\IDTNC64.cpl
.
==================== Find3M ====================
.
2012-03-29 20:25:55 107624 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-02-21 19:19:43 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
.
============= FINISH: 21:13:34.94 ===============

jholland1964
03-31-2012, 10:24 PM
Staying in Normal Mode, go to Add/Remove and look for this listing
essentials

If it is there Uninstall it.

You have 6 instances of Internet Explorer running...did you have 6 Internet Explorer tabs or Internet Explorer windows open when you ran this last DDS scan?

cbcotton
03-31-2012, 10:30 PM
2nd Part of 1st report

==== Event Viewer Messages From Past Week ========
.
3/31/2012 9:05:58 PM, Error: Service Control Manager [7022] - The Client Virtualization Handler service hung on starting.
3/31/2012 9:02:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the

service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
3/31/2012 9:00:59 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location

Awareness service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 9:00:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the

service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/31/2012 9:00:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the

service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/31/2012 9:00:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the

service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
3/31/2012 9:00:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the

service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/31/2012 9:00:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the

service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/31/2012 9:00:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the

service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/31/2012 9:00:43 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load:

AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
3/31/2012 9:00:36 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface

Service service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 9:00:36 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on

the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is

not functioning.
3/31/2012 9:00:36 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB

MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group

failed to start.
3/31/2012 9:00:36 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB

MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group

failed to start.
3/31/2012 9:00:36 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI

proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 9:00:36 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network

Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 9:00:36 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support

Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 9:00:36 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver

for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 9:00:36 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the

Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed

to start.
3/31/2012 8:48:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the

service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/31/2012 8:36:51 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which

failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 8:35:54 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after

receiving a preshutdown control.
3/31/2012 8:05:59 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has

encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description:

Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition

updates in order to enable real-time protection.
3/31/2012 8:02:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has

encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description:

Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition

updates in order to enable real-time protection.
3/31/2012 7:56:55 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has

encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description:

Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition

updates in order to enable real-time protection.
3/31/2012 7:52:53 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has

encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description:

Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition

updates in order to enable real-time protection.
3/31/2012 7:48:34 PM, Error: Service Control Manager [7031] - The Common Client Job Manager Service service terminated

unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/31/2012 7:34:33 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has

encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description:

Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition

updates in order to enable real-time protection.
3/31/2012 7:03:57 PM, Error: Service Control Manager [7031] - The Norton Internet Security service terminated unexpectedly. It

has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/31/2012 6:27:42 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the

Windows Error Reporting Service service to connect.
3/31/2012 6:24:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the eventlog service.
3/31/2012 6:17:16 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered

an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error

Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to

enable real-time protection.
3/31/2012 6:17:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load:

BHDrvx64 SymIRON
3/31/2012 6:13:42 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load:

AFD BHDrvx64 DfsC discache eeCtrl IDSVia64 MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON

SymNetS tdx vwififlt Wanarpv6 WfpLwf
3/31/2012 6:00:17 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered

an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error

Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to

enable real-time protection.
3/31/2012 5:52:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the

service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
3/31/2012 5:52:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the

service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
3/31/2012 1:13:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the upnphost service.
3/31/2012 1:13:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the HP Support Assistant Service service.
3/31/2012 1:12:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the HP Wireless Assistant Service service.
3/31/2012 1:12:02 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{7C413551-5001-

4EBE-9365-9DFA8947F2D4} because another computer on the network has the same name. The server could not start.
3/31/2012 1:11:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the NIS service.
3/31/2012 1:11:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the EFS service.
3/30/2012 2:43:23 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the

service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
3/30/2012 2:43:21 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the

Windows Modules Installer service to connect.
3/30/2012 2:43:21 AM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the

following error: The service did not respond to the start or control request in a timely fashion.
3/30/2012 2:27:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the PCCUJobMgr service.
3/29/2012 7:45:00 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the AMD External Events Utility service.
3/29/2012 7:37:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the fdPHost service.
3/29/2012 10:51:47 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has

encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description:

Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition

updates in order to enable real-time protection.
3/28/2012 9:44:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the HPWMISVC service.
3/28/2012 2:40:27 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the Wlansvc service.
3/28/2012 11:58:58 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update

signatures. New Signature Version: Previous Signature Version: 1.123.489.0 Update Source: Microsoft Update

Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type:

Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0

Error code: 0x80072ee2 Error description: The operation timed out
3/28/2012 11:33:03 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a

bugcheck. The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000006,

0xfffffa8004bb6640). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 032812-50513-01.
3/27/2012 4:44:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the PlugPlay service.
3/26/2012 8:57:13 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has

encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description:

Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition

updates in order to enable real-time protection.
3/26/2012 5:25:30 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the

following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.123.430.0).
3/26/2012 5:25:21 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update

signatures. New Signature Version: Previous Signature Version: 1.123.340.0 Update Source: Microsoft Update

Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type:

Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0

Error code: 0x80070643 Error description: Fatal error during installation.
3/25/2012 8:51:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the ShellHWDetection service.
3/25/2012 3:59:08 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has

encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description:

Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition

updates in order to enable real-time protection.
3/25/2012 3:53:02 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has

encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description:

Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition

updates in order to enable real-time protection.
3/25/2012 3:44:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action

(Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with

the following error: An instance of the service is already running.

cbcotton
03-31-2012, 10:33 PM
Part 3 1st Report

3/25/2012 3:44:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action

(Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the

following error: An instance of the service is already running.
3/25/2012 3:43:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action

(Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An

instance of the service is already running.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated

unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has

done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1

time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done

this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated

unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It

has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1

time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly.

It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated

unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has

done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated

unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 11:59:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the wlidsvc service.
3/25/2012 11:59:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a

transaction response from the Netman service.
.
==== End Of File ===========================

jholland1964
03-31-2012, 10:34 PM
Sorry Cindy, I posted in the middle of your posting your log, did you see this?

Staying in Normal Mode, go to Add/Remove and look for this listing

essentials

If it is there Uninstall it.

You have 6 instances of Internet Explorer running...did you have 6 Internet Explorer tabs or Internet Explorer windows open when you ran this last DDS scan?

Judy

cbcotton
03-31-2012, 10:44 PM
There were not 6 open boxes in the lower task bar but I know with it freezing up I am constantly clicking to get it to unfreeze so this would totally not surprise me. I cannot get anywhere with this computer it has been a major migraine for me and just gets worse. so what do I need to do.

cbcotton
03-31-2012, 10:48 PM
Under programs there is no listing just essentials there is a windows live essentials

jholland1964
03-31-2012, 10:54 PM
There were not 6 open boxes in the lower task bar but I know with it freezing up I am constantly clicking to get it to unfreeze so this would totally not surprise me. I cannot get anywhere with this computer it has been a major migraine for me and just gets worse. so what do I need to do.Under programs there is no listing just essentials there is a windows live essentials OK that's fine. MSE is still "somewhere" on the computer because it still shows in the log, but it IS disabled so that is fine for now. We will worry about that later on. Let's see if we can find out if there is more malware on the computer.

Here is the next step.

Please download Malwarebytes' Anti-Malware (MBA-M) to your Desktop.

http://majorgeeks.com/downloadget.php?id=5756&file=9&evp=693ee0b20204960edfd909666f809b26

Then close all your browsers.

* DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version if one is available. There are always new updates to the definitions.
* Once the program has loaded, select Perform full scan, then choose the drive(s) then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected if malware is found.

* When MBA-M finishes, Notepad will open with the log. The log can be retrieved by opening up MBAM and clicking on the Logs Tab at the top of the program .

Reboot the computer

Open MBA-M again, and get the log. The log can be retrieved by opening up MBAM and clicking on the Logs Tab at the top of the program.

Come back here and Copy/Paste the log into a new reply.

This scan could likely take well over 1 hour, maybe a bit more. IF and only IF the computer totally freezes up during this scan, stop the scan. Shut down the computer and Reboot to Safe mode and run the Full Scan again.

It IS preferable that MBA-M be run in Normal Mode because it doesn't scan all files in Safe Mode but it can be run in Safe Mode if that is the only way you can get it to complete, but as I said, please try first in Normal Mode.

*Do you have some other device plugged into the computer like an external hard drive, a usb hub, a camera of some kind?
*Does the computer freeze in Safe Mode???

**Please answer these questions before leaving to get the MBA-M program, this is very important.

cbcotton
03-31-2012, 11:13 PM
I don't really know if it freezes in safe mode I have not been able to log on to internet in safe mode do I go forward

jholland1964
03-31-2012, 11:17 PM
I don't mean Online, I mean just plain old Safe Mode.
So if I am understanding you though, are you saying that it only freezes when you are doing something online, not when doing other things on the computer that do not require you to use IE or whatever browser you are using?

cbcotton
03-31-2012, 11:19 PM
I don't do anything offline not even sure what you can all do offline. I always use Internet Exp I have Firefox as a back up but never use.

jholland1964
03-31-2012, 11:24 PM
When you were in Safe Mode...Not online in Safe mode, just safe mode...was it freezing?

cbcotton
03-31-2012, 11:31 PM
Not that I remember but I was not there long.

jholland1964
03-31-2012, 11:35 PM
Not that I remember but I was not there long.
Ok, but you also could never use Safe Mode with Networking? What happened when you tried?

cbcotton
03-31-2012, 11:41 PM
I would get a complete black screen and it was just like I had not internet service thats why I thought there for awhile it was my provider. I even called them to see if service was out.

jholland1964
03-31-2012, 11:52 PM
I would get a complete black screen and it was just like I had not internet service thats why I thought there for awhile it was my provider. I even called them to see if service was out.
You got a black screen but would go no farther, not to the desktop at all? Safe mode, regardless of just plain Safe mode or Safe Mode with Networking should eventually take you to the desktop. It will look odd because the display drivers aren't loaded and of course there are some things you cannot do but you should see the desktop, yours never gets there when trying Safe Mode with Networking?
How long did you wait? It may take longer.

cbcotton
03-31-2012, 11:53 PM
Ok I just tried that again I felt like there was something I had missed telling you my chemo makes me have bad brain fog so here is what happen.
I rebooted and signed on as safe mose it loaded window files then it came up a black screen that at top said microsoft window(R) Build 7601 Service Pack 1

then a large box pulls up help and support and explains safe mode
but still could not log into internet.

cbcotton
03-31-2012, 11:55 PM
So do I move forward with the Malwarebytes' Anti-Malware (MBA-M)

jholland1964
03-31-2012, 11:59 PM
Take a look at my Attachment. Do you see that Screen when you Tap F8?

and if you do are you navigating to where my arrow points and hitting the Enter Key?

cbcotton
04-01-2012, 12:01 AM
I am a bigger problem than you expected...lol but I hope you can get me through this. I never get a desk top even in normal mode I think one time when I put a background pic which I no longer have it stopped showing desktop.

And when I started having problems steve at world start it was the old one before it change over told how to change settings so that it don't take up so much memory or whatever so I hope you know what I'm talking about.

cbcotton
04-01-2012, 12:03 AM
I thought you said go to safe mode NOT SAFE NETWORKING p.s. i hope you don't have a gun...lol

jholland1964
04-01-2012, 12:09 AM
I am a bigger problem than you expected...lol but I hope you can get me through this. I never get a desk top even in normal mode I think one time when I put a background pic which I no longer have it stopped showing desktop.

And when I started having problems steve at world start it was the old one before it change over told how to change settings so that it don't take up so much memory or whatever so I hope you know what I'm talking about.
I thought you said go to safe mode NOT SAFE NETWORKING p.s. i hope you don't have a gun...lol

I am only asking questions here to try to get a clearer picture. But basically, Safe Mode and Safe Mode with Networking are pretty much the same Except with Networking that gives you the Internet in Safe Mode. When I had you do the removes I did want only Safe Mode and that was correct. You were the one who said you couldn't get Safe Mode with Networking and that isn't normal, you should be able to do both.

Not sure what you mean by "the old one before the change" I have been a member here 7 years and this is the same forum it was then. Nothing has changed here really since I first joined.

If you did changes based on something you read when you were using a different computer then that was for a different operating system then this is a big reason for your problems. Settings must be based on the operating system you are using today, not one you used many years ago. There is really no comparison between them except they all are called Windows "something". Setting changes should be done based on the Operating system on the present computer. What worked on older systems won't work on newer ones and vice/versa.

Look at my attachment...you get nothing similar to what my desktop shows? Ours will not be identical because we don't have the same programs installed but certainly should be similar

cbcotton
04-01-2012, 12:10 AM
So do you want me to go to Safe Mode Networking i do see that when i hit f8

cbcotton
04-01-2012, 12:12 AM
No i have no desktop what soever to come up i thought this was something before world start but it is steve who told me let me look up i feel sure i saved the email

jholland1964
04-01-2012, 12:21 AM
So do you want me to go to Safe Mode Networking i do see that when i hit f8

Yes, I will want you to try that later, not now, maybe tomorrow. I am just trying to get a clearer picture here. So you see NO desktop whatsoever, correct? Then how do you open programs, like Internet Explorer? When I told you to download DDS, and the other files to your Desktop...where did they go, did you see them or did you have to look for them someplace?

No i have no desktop what soever to come up i thought this was something before world start but it is steve who told me let me look up i feel sure i saved the email

Are you sure this was a personal email or was it a Newsletter? They are very different. The thing is, you have a very high power computer, with a very large hard drive that is nearly empty. There really would be no reason to do whatever it is you have done to not take up so much memory or whatever it was you were trying to do. But even something to save memory certainly shouldn't remove the normal desktop.

cbcotton
04-01-2012, 12:28 AM
No i never see a desktop and to get to the desktop i have to go to start and type it in.

to get on the net i have a box with a e on it in my lower task bar at the bottom for some reason i have 2 down there now and this just happened within the last day or 2.

whatever i did that steve told in the email was for visual i know i have the email it changed nothing other than the way things appear it don't have the fancy looks of the newer verision. i know i have caused myself more problems trying to resolve the problems i have but i have been so desperate to find a solution.

what time is it where you are it is 12:28 my time

jholland1964
04-01-2012, 12:35 AM
It is 1:38 am here. Tell you what, look for the email or whatever it was that you used to do whatever it was that made your computer look like it does today. Tomorrow come back and tell me exactly what was done, copy/paste the info if you have to do that. We need the full information, including the Date of the information.
The way you are having to access things is just totally wrong, it should be as easy as the click of the mouse. You shouldn't have to click anything to see what I see...when the computer boots up you should see something similar to what the printscreen of my desktop shows. If you are not then there is something terribly wrong, or something that should not have been turned off has been turned off.
Forget the MBA-M for the moment. We need to get this all worked out first.

cbcotton
04-01-2012, 12:40 AM
Ok sounds good I will get this info for you and get back with you tomorow i hope you sleep good and i look forward to talking with you tomorrow.
Thanks
Cindy

jholland1964
04-01-2012, 12:41 AM
I will "talk" you tomorrow.

cbcotton
04-01-2012, 10:48 AM
Good shall I say afternoon I was up most of the night sick I got about 4 hours sleep. But am ready when you are to proceed. I have looked for the email where I made the changes have not found it but I know I have it.

cbcotton
04-01-2012, 12:11 PM
Good shall I say afternoon I was up most of the night sick I got about 4 hours sleep. But am ready when you are to proceed. I have looked for the email where I made the changes have not found it but I know I have it.

jholland1964
04-01-2012, 02:04 PM
Have gone through both logs again multiple times, looking at Event Error messages especially. Virtually all of these errors or at least the majority of them are due to the fact that key Windows Services did not start when the computer booted up. "Some" may have been generated during the Safe Boot, but certainly not all of them since the errors go back to the 25th and you didn't even post here until the 29th. All of the Windows Services that are not starting should be set to Automatic Startup for Windows 7 and for some reason they either are not set that way or if are set correctly to Automatic start up they obviously are not working correctly because they don't run. Some have to do with your ability to connect or stay connected to the internet.
Now you could have done this yourself, manually, or an infection could have done this OR that supposed Registry Booster could have done it. I really can't say for sure.

I want you to check msconfig to see what it says about boot options.
Look at my attachment.

Go to Start and type in msconfig into that search box. When that opens on that very first Tab it will show you Start up Selection. Be sure there is a dot in Normal Startup. If there is not a dot there, put one there, click Apply, Ok.
Then reboot the computer and come back and tell me what happened.

cbcotton
04-01-2012, 03:17 PM
I fell asleep but I found the email what I did Turned off window areo for performance. I have not gone and reversed due to falling asleep.
here is the information. would you reather me post reply than qucik reply?


Turn Off Windows Aero for Performance




Home -> Desktop Enhancement -> Turn Off Windows Aero for Performance


91 % - 35 Total Votes


Printer Friendly
Share

Like what you see here? Subscribe to the Tech Tips newsletter! Email: Subscribe





Windows 7 is certainly pretty, and Aero makes those open desktop windows look even better. But all that pretty takes up computing resources.

If you’ve installed Windows 7 on an older machine, or if you just want your computer to run more efficiently, there are two ways that you can reduce your graphics features. If you combine these methods, you can free up your graphics card to work faster in applications or games.



To deactivate Aero on your desktop, right-click anywhere on the desktop, and then left-click Personalize in the resulting menu.



The Personalization menu contains the various graphics themes you can use on your desktop windows. The default Windows scheme uses Aero, which includes features like translucent window frames. If you want your system to run a bit more efficiently, select the Windows 7 Basic theme, or any of the Windows Classic or High Contrast themes. This will reduce the work your graphics card has to do to run your desktop.

If you want to reduce other graphics features and speed things up even more, you can edit your visual effect in the System Properties menu.




Right-click on the Computer icon and left-click Properties. This will take you to the System Properties menu.




In the task menu on the left, left-click Advanced system settings.




Under the Advanced tab of the resulting menu, find the section marked Performance. Left-click the Settings button to the right of this section.




By default, your visual effects will be set to let Windows choose the best settings. You can experiment with these settings as you wish by clicking Apply each time you change
something.


Some of the bigger resource-hogging effects include fading out menus, animating windows and controls, and visual styles on windows and buttons. Other features, like smoothing screen fonts, are helpful enough (for your eyes especially!) that it’s a good idea to leave them on. A good custom setting may look like this:




Once you have selected the desired settings, click OK to finish. Your desktop and windows may not look as pretty anymore, but for XP users the difference is hard to notice – and your computer will definitely run faster!

cbcotton
04-01-2012, 03:33 PM
Completed task there was no dot there I put one there and rebooted

cbcotton
04-01-2012, 03:40 PM
When I did the registery it was a 100% money back guarantee for 30 days so when it did not resolve all my problems but it did help some so I contacted them and they guy gave me several things to do and I remember I had gone there I remember typing in the msconfig. But I don't remember removing that.

jholland1964
04-01-2012, 03:46 PM
That is from the World Start Newsletter, July 10, 2010.

So I presume then you have chosen Black. Correct? This should NOT affect or improve the computer with it's freezing problem, if anything this should have "maybe" speeded things up, but with the computer you have that should not have been necessary. If you see no desktop icons then this may also be why.

Did you do EVERYTHING listed there? Reduce Graphics features, edit your visual effects, alter all the performance settings?

Of course the choice to do this was/is yours. But many of those tips are most beneficial for Windows 7 that has been installed on an older machine, not for a computer like yours really. Yours is brand new and should perform at a very high rate of speed already, these changes would not have really made a huge difference, at least I don't believe, except for the way things look.

Did you do these things because of the freezing?

jholland1964
04-01-2012, 03:48 PM
Completed task there was no dot there I put one there and rebooted
When I did the registery it was a 100% money back guarantee for 30 days so when it did not resolve all my problems but it did help some so I contacted them and they guy gave me several things to do and I remember I had gone there I remember typing in the msconfig. But I don't remember removing that.
Reply With Quote


If you altered anything having to do with Boot up, either in Startup, Boot or Services then that dot would be removed automatically and you would have been using Selective Start up and there would have been no dot in Normal startup

cbcotton
04-01-2012, 03:52 PM
I did do these things for the freezing I was trying anything that I could do to solve the problem and now seeing I caused more problems. I don't remember everything I did do but I know it did alter the looks but I want to go and reverse as soon as you tell me its okay to do so. what would you like for me to do next?

jholland1964
04-01-2012, 03:52 PM
Did the change make any difference?
I have to leave shortly for about an hour but will be back later.
Run that MBA-M scan please following directions I gave you earlier.

cbcotton
04-01-2012, 03:58 PM
It has not froze since but I will do the MBA-M scan and I hope I am closer to getting my sanity back. Thank You

cbcotton
04-01-2012, 04:07 PM
Ok just gave me a box not resaponding. I do no understand this message

Quote (Originally by cbcotton)---
Completed task there was no dot there I put one there and rebooted
---End Quote---
???? Completed task??? Where did you see that??? Nothing like that shows in my print screen.

jholland1964
04-01-2012, 05:19 PM
I did do these things for the freezing I was trying anything that I could do to solve the problem and now seeing I caused more problems. I don't remember everything I did do but I know it did alter the looks but I want to go and reverse as soon as you tell me its okay to do so. what would you like for me to do next?

Ok just gave me a box not resaponding. I do no understand this message

Quote (Originally by cbcotton)---
Completed task there was no dot there I put one there and rebooted
---End Quote---
???? Completed task??? Where did you see that??? Nothing like that shows in my print screen.
I actually changed that message after I saw your second post, so ignore the one above.
When did you get the box "not responding"? What exactly were you doing at that time that you got the "not responding" box?

cbcotton
04-01-2012, 05:27 PM
I was coming back to respond to your message from doing.

okay trying to do MBA=M it is not giving me a drive (s) only choices are
c
d
e
f
g
q

there is a check mark next to c,d,q so i have not done anything

cbcotton
04-01-2012, 05:45 PM
What do you want me to do?

MikeN.
04-01-2012, 05:57 PM
What do you want me to do?

Leave the check mark in all of those listed and run the scan please. C is your main drive

cbcotton
04-01-2012, 07:46 PM
Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.01.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
cindy :: MRMDE-HP [administrator]

Protection: Enabled

4/1/2012 6:20:50 PM
mbam-log-2012-04-01 (18-20-50).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 367262
Time elapsed: 1 hour(s), 9 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\CLSID\{7b9f8c21-46ec-4c0b-8683-e755ef84577a} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{23B38049-323F-443D-9732-F454E5B15B72} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\CouponAlert_2p (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\cindy\AppData\LocalLow\CouponAlert_2pEI\I nstallr\Cache\0131371C.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\cindy\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\cindy\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.

(end)

cbcotton
04-01-2012, 07:56 PM
2012/03/30 02:32:10 -0500 MRMDE-HP cindy MESSAGE Executing scheduled update: Daily
2012/03/30 02:32:10 -0500 MRMDE-HP cindy MESSAGE Starting protection
2012/03/30 02:32:12 -0500 MRMDE-HP cindy ERROR Scheduled update failed: No address found failed with error code 11004
2012/03/30 02:32:16 -0500 MRMDE-HP cindy MESSAGE Protection started successfully
2012/03/30 02:32:19 -0500 MRMDE-HP cindy MESSAGE Starting IP protection
2012/03/30 02:32:27 -0500 MRMDE-HP cindy MESSAGE IP Protection started successfully

cbcotton
04-01-2012, 07:57 PM
2012/04/01 18:06:37 -0500 MRMDE-HP cindy MESSAGE Starting protection
2012/04/01 18:06:42 -0500 MRMDE-HP cindy MESSAGE Protection started successfully
2012/04/01 18:06:45 -0500 MRMDE-HP cindy MESSAGE Starting IP protection
2012/04/01 18:06:50 -0500 MRMDE-HP cindy MESSAGE IP Protection started successfully
2012/04/01 18:19:14 -0500 MRMDE-HP cindy MESSAGE Starting protection
2012/04/01 18:19:20 -0500 MRMDE-HP cindy MESSAGE Protection started successfully
2012/04/01 18:19:23 -0500 MRMDE-HP cindy MESSAGE Starting IP protection
2012/04/01 18:19:26 -0500 MRMDE-HP cindy MESSAGE IP Protection started successfully
2012/04/01 18:20:34 -0500 MRMDE-HP cindy MESSAGE Starting database refresh
2012/04/01 18:20:34 -0500 MRMDE-HP cindy MESSAGE Stopping IP protection
2012/04/01 18:23:29 -0500 MRMDE-HP cindy MESSAGE IP Protection stopped
2012/04/01 18:23:33 -0500 MRMDE-HP cindy MESSAGE Database refreshed successfully
2012/04/01 18:23:33 -0500 MRMDE-HP cindy MESSAGE Starting IP protection
2012/04/01 18:23:37 -0500 MRMDE-HP cindy MESSAGE IP Protection started successfully
2012/04/01 18:30:29 -0500 MRMDE-HP cindy MESSAGE Executing scheduled update: Daily
2012/04/01 18:30:30 -0500 MRMDE-HP cindy MESSAGE Database already up-to-date
2012/04/01 19:44:35 -0500 MRMDE-HP cindy MESSAGE Starting protection
2012/04/01 19:44:38 -0500 MRMDE-HP cindy MESSAGE Protection started successfully
2012/04/01 19:44:41 -0500 MRMDE-HP cindy MESSAGE Starting IP protection
2012/04/01 19:44:45 -0500 MRMDE-HP cindy MESSAGE IP Protection started successfully

MikeN.
04-01-2012, 07:59 PM
You already posted the pertinent log, not sure where your getting this latest info from. Next step, disregard the part about disabling your av as you dont have one installed. Would strongly suggest after this scan is done, adding Avira av.

Next do this:
Please Run the ESET Online Scanner

http://www.eset.com/onlinescan/scanner.php?i_agree=14
* You can use Internet Explorer to to complete this scan and you will need to allow an Active X to be installed or you may use Firefox
* You will need to temporarily Disable your current Anti-virus program.
* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log

cbcotton
04-01-2012, 07:59 PM
Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.01.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
cindy :: MRMDE-HP [administrator]

Protection: Enabled

4/1/2012 6:20:50 PM
mbam-log-2012-04-01 (18-20-50).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 367262
Time elapsed: 1 hour(s), 9 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\CLSID\{7b9f8c21-46ec-4c0b-8683-e755ef84577a} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{23B38049-323F-443D-9732-F454E5B15B72} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\CouponAlert_2p (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\cindy\AppData\LocalLow\CouponAlert_2pEI\I nstallr\Cache\0131371C.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\cindy\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\cindy\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.

(end)

jholland1964
04-01-2012, 08:00 PM
Good, now do this:

Run the ESET Online Scanner

http://www.eset.com/onlinescan/scanner.php?i_agree=14

* You can use Internet Explorer to complete this scan and you will need to allow an Active X to be installed or you may use Firefox
* You will need to temporarily Disable your current Anti-virus program.
* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt.

Reboot the computer after the scan, which also will likely take as long as the MBA-M scan took to complete.

Come back here and post that ESET Scan log.
You will have to go to C:\Program Files\EsetOnlineScanner\log.txt. to get that log.
You are doing great.

cbcotton
04-01-2012, 08:11 PM
Is Avira av a security I need to pay for?

MikeN.
04-01-2012, 08:13 PM
Is Avira av a security I need to pay for?

No...Do the Eset scan and we will get you set up after that. Would never steer anyone towards a paid product when there are free ones that are just as good or better. Have a read on this thread when your scan is finished.

http://forum.worldstart.com/showthread.php?t=157857

cbcotton
04-01-2012, 08:20 PM
I really appreciate the encouragement I so much needed it I was afraid you were getting tired of me. Thank You
I thought I did not have a anti virus program.

cbcotton
04-01-2012, 08:23 PM
I thought you said MSE was disable?

MikeN.
04-01-2012, 08:26 PM
I thought you said MSE was disable?

I am coming into this thread late, as far as i remember, MSE and Norton av's were both removed. Meaning you dont have an av installed presently, that is why I mentioned installing Avira. Run the Eset scan and we will get that situation resolved right after.

jholland1964
04-01-2012, 08:29 PM
I thought you said MSE was disable?
It is disabled. Don't worry about that now. There will be a lot more that has to be done. We have to figure out WHY the freezing is happening, how to get your desktop back, why all this happened IF possible and see if we can get it all fixed.
Just do the ESET scan for now, have it fix whatever it finds and then come back.
There is a lot to do here, putting another av on there right now is not something that we can do until we figure out what is actually going on. We don't want to add other programs until we get things straightened out. Just don't do any more than necessary online...like the scan and coming here.

cbcotton
04-01-2012, 08:31 PM
ok it says i have window defender what do i do?

cbcotton
04-01-2012, 08:33 PM
It says it detected another anti virus it says it could affect the scan and i clicked the list and it shows window defender so do i go forward with it?

cbcotton
04-01-2012, 08:38 PM
I do not see that in the programs. I had contacted Norton awhile back to remove all their stuff and the computer constantly would freeze and the people would never hang in there to get it removed. so what do i do now?

jholland1964
04-01-2012, 08:50 PM
Just go ahead. Don't worry about it. Windows Defender was turned off and is not an av program, it probably is detecting the MSE files that we can't find, but it IS disabled so continue. Norton IS gone, you removed it yesterday. Windows Defender has nothing to do with Norton so there would be no reason for them to help you with that.

MikeN.
04-01-2012, 09:18 PM
Just go ahead. Don't worry about it. Windows Defender was turned off and is not an av program, it probably is detecting the MSE files that we can't find, but it IS disabled so continue. Norton IS gone, you removed it yesterday. Windows Defender has nothing to do with Norton so there would be no reason for them to help you with that.

Might suggest trying to reinstall MSE, reboot then try and uninstall it again. Hopefully what was probably removed using that Uniblue registry program will be replaced allowing removal.

cbcotton
04-01-2012, 10:40 PM
where do i go to get it i typed that in the serach box and nothing came back

jholland1964
04-01-2012, 10:43 PM
where do i go to get it i typed that in the serach box and nothing came back
Typed what into the Search box?
If you mean the ESET log then you have to go to My Computer, double click C drive Program files OR Program Files (x86) not sure which one it will be in since it's a 64bit system.

cbcotton
04-01-2012, 11:12 PM
Not sure what all you wanted

ok there are lots of files and it is not letting me copy

jholland1964
04-01-2012, 11:14 PM
Not sure what all you wanted

ok there are lots of files and it is not letting me copy
There should be only one file labeled EsetOnlineScanner\log.txt

That .txt tells you it is a Notepad file, that is what you want. Open it up and copy it all.

cbcotton
04-01-2012, 11:19 PM
under log text document this was all there

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

jholland1964
04-01-2012, 11:21 PM
Did you watch the scan when it was taking place? If so did it tell you it found anything?

cbcotton
04-01-2012, 11:21 PM
There is a quarentine file a module file

he was showing win32registrybooster application while it was running like 4 of them
then a win32-gen application

jholland1964
04-01-2012, 11:23 PM
There is a quarentine file a module file

he was showing win32registrybooster application while it was running like 4 of them
then a win32-gen application
Can you look again to see if there is a log in there. It will not say text document. It will say .txt

And did you tell the program to Fix or Remove items found?

What you posted was not a log file. It is the file showing you that the program installed and Registered ok. But that is not a log.

cbcotton
04-01-2012, 11:29 PM
it tell me to look for a program to open or to manually make one

jholland1964
04-01-2012, 11:31 PM
it tell me to look for a program to open or to manually make one
Sorry, but I don't understand. It told YOU to make one? Or look for a program? What program?

cbcotton
04-01-2012, 11:35 PM
ok i am looking and trying i click to remove it is freezing it got better than is worse at the moment

jholland1964
04-01-2012, 11:36 PM
ok i am looking and trying i click to remove it is freezing it got better than is worse at the moment
What are you trying to remove? I didn't tell you to remove anything except the items found by the scan, but all of that should have been fully completed BEFORE you came back here.

Are you still on the ESET Scanner Page???? It should have been closed and completely finished BEFORE you come back here. IF you are still on that page and have not told it to remove then the scan isn't finished with it's work. It wouldn't produce and log until it was totally finished with the removals and then you were told first to Reboot the computer AFTER that and then come back here, not while the scan was waiting to be told what to do.

cbcotton
04-01-2012, 11:45 PM
windows can't open file
file em 000_36 32.dat

to open this file windows needs to know what program you want to use to open it.
windows can go online to look it up automatically or you can manually select from a list of programs that are installed on your computer what do you want to do?

choices

use the web service to find the correct program

or

select a program from a list of installed programs


ok cancel

cbcotton
04-01-2012, 11:46 PM
it finshed and i rebooted

jholland1964
04-01-2012, 11:47 PM
windows can't open file
file em 000_36 32.dat

to open this file windows needs to know what program you want to use to open it.
windows can go online to look it up automatically or you can manually select from a list of programs that are installed on your computer what do you want to do?

choices

use the web service to find the correct program

or

select a program from a list of installed programs


ok cancel

You are not supposed to be opening a .dat file. Why are you attempting to open this file and where is it located????

cbcotton
04-01-2012, 11:52 PM
ok let me write down exactly what i am doing

jholland1964
04-01-2012, 11:54 PM
ok let me write down exactly what i am doing

Ok

cbcotton
04-02-2012, 12:04 AM
i open disk c

go to program files(x86)

then ESET

then

ESET online scanner

then it opens up all of these

modules
quartine
esets_apiA.dll
esets_apiW.dll
ESETSSmartInstaller
log
OnlineCmdLineScanner
OnlineCmdLineScannerA
online scanner
online scanner.ocx
online scanner64.ocx
online scanner App
online scanner lang.dll
online unistaller
unicows.dll

cbcotton
04-02-2012, 12:06 AM
then i tried to open the log and some of the other and thats when i get the box telling me i need to go through some program to open i tried to make shortcut to desktop and that did same thing

cbcotton
04-02-2012, 12:09 AM
i know your over there scrathing your head and there is no telling what else...lol

cbcotton
04-02-2012, 12:13 AM
scratching

cbcotton
04-02-2012, 12:16 AM
maybe creating new names for me...lol

jholland1964
04-02-2012, 12:25 AM
There is no scannerlog.txt there, meaning likely it didn't or wasn't allowed to fully complete. ESET says this on their FAQ page
The ESET Online Scanner saves a log file after running, which can be examined or sent in to ESET for further analysis. The path to the log file is "C:\Program Files\ESET\EsetOnlineScanner\log.txt".

I am going to be honest here, I am SURE you have some freezing problems, I truly am. But part of your problem, with this scan, and with the other scans and some of the other things you have done here is you do not give whatever it is you are working with time to take the action needed after ONE click. If you continue to click, click, click...each click tells the computer to do something when it hasn't finished what it was told to do with the first click because a second click happened, telling it to do it again, so it starts over and then another click happens so it is trying three or more times to do the very same thing, it cannot do that so it freezes.

For instance, remember the one DDS log showed 6 different instances of Internet Explorer open. You said yourself you kept clicking. So it opened 6 different Internet Explorers one on top of the other and none of them had time to fully load before you clicked again.
You have to give these things time to actually do what it is you want to do.
With this ESET scanner still running, you came back here. This would slow down the scan, possibly stop it because that is the only thing that must be done, let it run. When the scan was complete it would have told you that it was complete and then you should have had to tell it to remove the items and then you should not have clicked again but waited while it moved those infected files to the quarantine file. Once that was finished it would have told you it was finished and you could close the browser.

You posted this
ok i am looking and trying i click to remove it is freezing it got better than is worse at the moment
Then 9 minutes later you said:
windows can't open file
file em 000_36 32.dat...etc.

Then one minute later you said:
it finshed and i rebooted
I don't understand how you could have done all this and have the scanner remove the infected files, rebooted and posted all that here in less than 10 minutes unless you are using two computers.

Are you using two computers?

cbcotton
04-02-2012, 12:25 AM
okay so your not talking to me...lol...

jholland1964
04-02-2012, 12:30 AM
okay so your not talking to me...lol...
I just posted to you. Post #118 right above this one #119 that I quoted.

cbcotton
04-02-2012, 12:32 AM
okay i totally agree with me clicking constantly i guess i got into that with it freezing but i do know i did not do a thing even send you a message until it said finshed. i was reading a magazine and i waited for it to finsh. i don't remember though telling it to remove at the end. i am doing what you say and don't want to create more problems.
so what do you recommend beside give the computer time to do what it needs to do before clicking.

jholland1964
04-02-2012, 12:34 AM
Is it still freezing or just taking awhile to "do what you click"?

cbcotton
04-02-2012, 12:40 AM
well it has one time trying to open the files but i have not done anything

i was just kidding please understand i am so thankful for your help and i know that it will
not get better if i don't stop doing what i am doing to cause any problems.

cbcotton
04-02-2012, 12:42 AM
you have invested your time and effort to help me and i will not do anything to cause more problems if you tell me what i am doing wrong i will correct it right then and there.

jholland1964
04-02-2012, 12:42 AM
well it has one time trying to open the files but i have not done anything

i was just kidding please understand i am so thankful for your help and i know that it will
not get better if i don't stop doing what i am doing to cause any problems.
Oh I know you were kidding. I AM happy to help. Next thing you need to do is get rid of that Black Desktop, because that is what you have, I "think".

If you move your cursor around, without the browser open can you see the mouse arrow moving around on that black screen?

cbcotton
04-02-2012, 12:43 AM
may i ask your name my name is Cindy it is nice to meet you

jholland1964
04-02-2012, 12:46 AM
My name is Judy, nice to meet you too Cindy.

cbcotton
04-02-2012, 12:51 AM
and internet expl check for a solution

it is not actually a black screen it comes up with 4 square blocks with pictures in them it just not as fancy as it was.

jholland1964
04-02-2012, 12:52 AM
and internet expl check for a solution

it is not actually a black screen it comes up with 4 square blocks with pictures in them it just not as fancy as it was.
But you CAN see the mouse arrow????

cbcotton
04-02-2012, 12:54 AM
it is a older version of a windows screen

jholland1964
04-02-2012, 12:56 AM
it is a older version of a windows screen

But can you see the Mouse Arrow???? I do need to know this before I can tell you what to do next.

cbcotton
04-02-2012, 12:57 AM
it is a older version of a windows screen but would like to get back to what i am supose to have

jholland1964
04-02-2012, 12:58 AM
Can you please answer my question about the Mouse arrow? this is really, really, really important. I want to at least do this before I have to leave. This is going to take just a few seconds If I know if you can see the mouse arrow.

cbcotton
04-02-2012, 12:59 AM
yes i can see my arrow key when i move it around on that opening page but i do not have a desktop unless i go to start and type it in

jholland1964
04-02-2012, 01:08 AM
yes i can see my arrow key when i move it around on that opening page but i do not have a desktop unless i go to start and type it in
You HAVE a desktop....
it is a older version of a windows screen but would like to get back to what i am supose to have
That IS the desktop. The desktop is the screen you see when no programs are open. That is the desktop.

I want you to put your mouse anywhere on that screen with the 4 square blocks with pictures in them and RIGHT CLICK the mouse ONE Time. You should get a box that looks like my attachment. When that opens Click ONE time on Personalize. Then you will get the big box shown in my Second attachment.
When that opens choose any one of those Aero Themes and Click it ONE TIME. You desktop should change to that.
After that changes then click ONE TIME on the line on the left that says Change Desktop Icons.
Then you will get another box like the one in my third attachment. Click ONE time on the Button that says Restore Defaults. THen click ONE time on OK.
Close all of those boxes and come back and tell me if things changed to what you have chosen.
Don't come back and reply until you have done all of that.

jholland1964
04-02-2012, 01:16 AM
Cindy, I really have to get off of here, it is 2:15. Post back if it works or if it doesn't work. I will take a look in the morning and figure out what to do next depending on the results of this.

jholland1964
04-02-2012, 01:22 AM
Don't forget, you don't have an anti-virus program yet because we have to get rid of the remainders of MSE. So don't do a lot of surfing around, you aren't protected. After we get things so you can actually easily see what you are doing and your computer displays everything correctly, then we can finish that up when it's easier to see what you are doing.

cbcotton
04-02-2012, 01:33 AM
just starting the last things you told me to do i had problems computer kicked out and had problems signing back on

i am doing nothing but what you tell me thanks for reminding me though

cbcotton
04-02-2012, 07:32 AM
I was able to change the desktop to the picture that I chose but there is no icons listed not sure if this is what exactly you were shooting for.

jholland1964
04-02-2012, 08:32 AM
I was able to change the desktop to the picture that I chose but there is no icons listed not sure if this is what exactly you were shooting for.

Part of what I was shooting for. Did you attempt the second step?
After that changes then click ONE TIME on the line on the left that says Change Desktop Icons.

jholland1964
04-02-2012, 08:49 AM
Cindy, I see you reading about System Restore....Do Not Use System Restore. This is Not going to help with your problems. There is nothing about the problems you are having that System Restore can fix.

Please answer my question I asked you in Post #140

jholland1964
04-02-2012, 09:00 AM
Cindy, you just have to begin answering the questions asked. Obviously if you aren't here you can't do that, but right now you are here but reading about System Restore. Please don't use that and please answer my question. Did you do the following:
Click ONE TIME on the line on the left that says Change Desktop Icons.
Click ONE time on the Button that says Restore Defaults

cbcotton
04-02-2012, 10:08 AM
i was reading that info you told me to read yesterday and scanning i never read. but not doing any of it just trying to educate myself.
yes i did click both just one time

jholland1964
04-02-2012, 10:12 AM
I am going to have to leave here for awhile shortly.

Please follow the instructions below, report back the results and then I will come back later and read your reply.

Please keep checking through the day for my response. I have a meeting in one hour and then another later in the afternoon. I will check in between those meetings.

Anyway, if the Icons are still missing we will attempt to fix that Later.

I am going to give you the steps to at least try to get the computer back to somewhat the way it was before you used all those steps from that old WS newsletter.

The Icon instructions will come later if you have not gotten them back yet after these instructions, as will the removal of MSE remainders and install of a new Av program.

After you have done the steps below, Please do nothing else except report if the steps below worked and check back from time to time to see if I have replied.

You appear to be able to navigate your way around without them so I am going to give you another thing to do and I say again, we'll work on the Icon fix and the AV problems later on.

1. Right Click My Computer. Choose Properties. *See Attachment 1.

2. Click One time on Advanced System Settings. *See Attachment 2.

3. When that opens Click One Time on Performance Settings button. *See Attachment 3.

4. When that opens put a dot in "Let Windows choose what's best for my computer" and make sure there are check marks in ALL boxes in that window below that. When you have done all that click One time on the Apply button which will become visible. *See Attachment 4.

Give each step time to work Please. Results will not be instantaneous. Then close all that out and Reboot the computer, see how it works and come back here and report ALL of the results in one post.

Don't post questions between the steps. Give each step ample time to work.

When one is finished move to the next.

Do them one after another until all are complete.

Reboot and come back with how it all worked.

I will check for your reply when I return. Judy

cbcotton
04-02-2012, 11:15 AM
I was able to complete the task

jholland1964
04-02-2012, 12:21 PM
I was able to complete the task
Several questions, please answer them with one reply.

1. Is the computer still freezing all the time?

2. Are your Icons still missing?

3. When you click on the Start button, do you see something similar to what shows in my attachment? Won't have to have same things because that is a print screen of what mine shows, but something similar? *See attachment

cbcotton
04-02-2012, 01:07 PM
Judy we lost power I am on my sons phone I am still I don't have my icons do have about same visual as yours

cbcotton
04-02-2012, 01:09 PM
My battery is dead

cbcotton
04-02-2012, 01:20 PM
Ok got power but for sme revrasons my enter k ey not working son gone to get mouse

cbcotton
04-02-2012, 02:14 PM
i'm back

cbcotton
04-02-2012, 02:17 PM
what do you want me to do now?

jholland1964
04-02-2012, 02:45 PM
Just returned from my meeting.
Do this for me,

Right Click on Desktop

Click View

Make sure there is a check mark next to Show Desktop Icons. (special thanks to force12c)

*See Attached.

cbcotton
04-02-2012, 03:53 PM
I do have icons

jholland1964
04-02-2012, 04:01 PM
I do have icons
Hallelujah!!

Ok, here is the next thing you need to do, Check your hard disk for errors.

http://windows.microsoft.com/en-US/windows-vista/Check-your-hard-disk-for-errors

Open Computer by clicking the Start button, ONE TIME, and then clicking Computer.

Right-click the hard disk drive that you want to check, and then click Properties. The disk you want to check is "C"

Click the Tools tab, and then, under Error-checking, click Check Now. Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

To automatically repair problems with files and folders that the scan detects, select Automatically fix file system errors. Otherwise, the disk check will simply report problems but not fix them.

To perform a thorough disk check, select Scan for and attempt recovery of bad sectors. This scan attempts to find and repair physical errors on the hard disk itself, and it can take much longer to complete.

To check for both file errors and physical errors, select both Automatically fix file system errors and Scan for and attempt recovery of bad sectors.

Click Start.

Depending upon the size of your hard disk, this may take several minutes. For best results, don't use your computer for any other tasks while it's checking for errors.

If you select Automatically fix file system errors for a disk that is in use (for example, the partition that contains Windows), you'll be prompted to reschedule the disk check for the next time you restart your computer.

This IS what your want to do.

Shut down all the way down and then Start up the computer and it will begin the check.

It will not look like it normally does, you likely will see a light blue screen showing you the progress of each section.

It will take awhile. You will not be able to do anything else until this is finished. Once it is finished it will continue to fully boot up to the normal desktop.

jholland1964
04-02-2012, 04:57 PM
Have been giving this some thought.

You also only use IE 9. IE 9 is notoriously slow and if you continuously click then it will eventually freeze up or fail to work and prompt you to close it because it fails to respond because it can't, it has been told to do something numerous times. I absolutely hate it, which is why I rarely use it, only when I have to use it.

It may need repair, but try below first.

Try Resetting Internet Explorer.

1. Start Internet Explorer.

2. On the Tools menu, click Internet Options.

3. On the Advanced tab, click Reset under Reset Internet Explorer settings.

4. You will get a box asking if you are sure you want to do this. In the Reset Internet Explorer Settings dialog box, click Reset to confirm.

Close Internet Explorer, reopen it and see if it makes a difference at all.

Also, I will be away for a few hours this evening. I WILL check in as soon as I return so post back with results of ALL of the above and any problems experienced while doing those.
Mike may check in if he gets off work early enough and may have instructions to hopefully take care of the MSE problem and possibly installing another AV. Follow his instructions exactly if he posts any and be sure to respond with all info he may request.
I will be back later this evening for sure so don't feel abandoned. Judy

cbcotton
04-02-2012, 06:46 PM
i would like to get rid of then can i do that?

MikeN.
04-02-2012, 07:28 PM
i would like to get rid of then can i do that?

No, you cant. Did you do the disk check that Judy recommended or for that matter resetting IE? It would help things greatly if you informed us of everything done based on recommendations to you. It keeps the posts to an absolute minimum so we dont have to ask if something that was recommended to do was actually done or not.

cbcotton
04-02-2012, 08:05 PM
I have completed the aboe task and have just been able to get back here to post due to freezing.

cbcotton
04-02-2012, 08:12 PM
what do you want me to do next? I did the disk check and have completed the resetting the Internet Explorer. I was having problems getting back into world start to reply but it seems that has been corrected. I have computer to say not responding 1 time and have done nothing but the task at hand nothing else. awaiting new task.

MikeN.
04-02-2012, 08:28 PM
what do you want me to do next? I did the disk check and have completed the resetting the Internet Explorer. I was having problems getting back into world start to reply but it seems that has been corrected. I have computer to say not responding 1 time and have done nothing but the task at hand nothing else. awaiting new task.

Ok, try and reinstall MSE av and reboot. If it installs correctly, then we want you to then uninstall it,again rebooting, hopefully it will all be removed so we can then install another free, better av. Let me know how it goes.

http://windows.microsoft.com/en-US/windows/products/security-essentials

cbcotton
04-02-2012, 09:20 PM
Tried to reinstall MSE it gave me message I already had MSE installed and gave me error message code Ox4FF02. so what do I do now?

cbcotton
04-02-2012, 09:35 PM
It gave me a page to click to how to and below the how page link it gave this message.

Your PC must run genuine Windows to install Microsoft Security Essentials. Internet access fees may apply while downloading.

then got the not responding message to click recover webpage as
I have been getting everytime it freezes.

so what would you like for me to do?

jholland1964
04-02-2012, 09:47 PM
You ARE running a genuine copy of Windows, correct?

Would you be comfortable manually editing the Registry? I can give you the steps if you are willing to try, but the steps must be done 100% accurately, not stopping in the middle to come back and ask a question.

cbcotton
04-02-2012, 10:01 PM
this is what it tells you to do when you go to how to remove MSE after it told me that I cannot install MSE because I already have MSE and that I need to run the geniune version which I don't understand. But awaiting your reply before I go further.
How do I uninstall antivirus or antispyware programs?

If you use more than one antivirus or antispyware program at the same time, your PC may experience decreased performance, become unstable, or restart unexpectedly. Before you install Microsoft Security Essentials, or if you want to resolve issues with Microsoft Security Essentials, including installation issues, you must first completely remove any Internet security programs from your PC.

Caution:

When you remove your currently installed Internet security programs, your PC is in an unprotected state. If you have problems installing Microsoft Security Essentials after you remove your existing Internet security programs, contact Microsoft Security Essentials Support by submitting a case online.

Tip:

You’ll need to restart your PC while following these instructions. Write them down, print them, or bookmark this page (mark it as a Favorite) to make it easier to find this topic again.


Step 1: Remove antivirus or antispyware programs



1.
In Windows XP, click Start, click Run, type appwiz.cpl, and then press Enter.
-or-
In Windows Vista, click Start. In the Start search box, type appwiz.cpl, and then press Enter.
–or–
In Windows 7, click Start. In the Search programs and files box, type appwiz.cpl, and then press Enter.

2.
In the list of installed programs, uninstall any other Internet security programs.

3.
Restart your PC.


Note:

Some Internet security apps don’t uninstall completely. You may need to download and run a cleanup utility for your previous security app for it to be completely removed.


If you use another antispyware program together with Microsoft Security Essentials, we recommend that you turn off real-time scanning in the other program. For more information, see the documentation supplied by that antispyware program.


Important:

If your antivirus program is disabled, or if you don't have one installed, you should follow these guidelines:

Don’t download or open files from sources that you don't trust.


Don’t visit websites that you don't trust.


Don’t open email attachments from contacts that you don’t trust.


Top of page


Step 2: Completely uninstall Windows Live OneCare





1.
Microsoft Windows Live OneCare doesn't always uninstall completely. If you have recently uninstalled it, you should download the Windows Live OneCare Utility cleanup tool by clicking http://go.microsoft.com/fwlink/?LinkId=167350.

2.
In Windows Internet Explorer, in the File Download – Security Warning dialog box, click Save. Browse to the location where you want to save the file, and then click Save.

3.
Go to the location where you saved the file.

4.
In Windows XP, double-click the file.
-or-
In Windows Vista, right-click the file, and then click Run as administrator.

5.
Click Run, and then click Continue.

6.
Read the licensing agreement. If you agree, select I accept the terms of the End User Licensing Agreement, and then click Continue.

7.
Click Clean.

8.
After the clean-up tool finishes, click Restart Now.

cbcotton
04-02-2012, 10:06 PM
I don't have a problem doing that as long as I am given all the information needed to go through the whole process. How long does this take not that it matters just wondering. I am ready when you are.

jholland1964
04-02-2012, 10:06 PM
None of that is what I asked you. That is not the information you need. I have the information you need.
Please answer the question I asked you in post #163.
You have got to please start reading the questions and answer them, not with something else, but with the answer to the question asked.

cbcotton
04-02-2012, 10:08 PM
to my knowledge I am running the full verison of MSE

cbcotton
04-02-2012, 10:15 PM
I apologize for not answering the question as that you ask. just thought you would want to know what it told me in message.
to my knowledge I am running the geniune verison of MSE

jholland1964
04-02-2012, 10:16 PM
to my knowledge I am running the full verison of MSE

That is not what I asked you.

The error very plainly said,
"Your PC must run genuine Windows
"
meaning the operating system.

I asked you if you are postive that the operating system is Genuine. This means was it licensed by Microsoft?

I then asked you if you would be comfortable with manually editing the registry.

A new question to go along with the two above:

Where did you actually Purchase the computer???

Please answer all three in one reply.

cbcotton
04-02-2012, 10:24 PM
How do I know if I am running geniune windows?

And I said yes I am willing to do the manual register.

jholland1964
04-02-2012, 10:27 PM
I asked you a third question. Where did you purchase the computer?

cbcotton
04-02-2012, 10:37 PM
I looked under operating system it says windows 7 home premium version

Yes I feel comfortable with running registry as long as I am given all needed information

I purchased from walmart

jholland1964
04-02-2012, 10:38 PM
Ok, first of all, I want you to DELETE that MSE Install File that you downloaded. Come back and tell me that you have deleted it.

cbcotton
04-02-2012, 10:58 PM
I went to programs and removed MSE would this be the correct and only place I want to make sure I did the correct thing. If I am not sure I ask.

jholland1964
04-02-2012, 11:06 PM
It was listed in Programs???? You told me much earlier it was NOT listed there.

What I asked you to do was to delete the Installer file that you download, not the program file...I didn't KNOW there was a Program File or Folder listed.

MMFELL
04-02-2012, 11:09 PM
Has it got a sticker on the PC stating the key and that the windows version is genuine?

Go here www.microsoft.com/genuine/validate/ and if you are genuine then a screen will display saying so.

cbcotton
04-02-2012, 11:12 PM
I don't remember telling you that it was not there honestly.

jholland1964
04-02-2012, 11:22 PM
Please do as MM has requested.

cbcotton
04-02-2012, 11:31 PM
update install failed

The validation service may be unavailable. Try validation again later. If the problem persists, you may need to uninstall the Update to Windows Activation Technologies (KB971033):

i do have a windows 7 sticker on laptop

jholland1964
04-02-2012, 11:34 PM
Did you make Recovery Disks when you purchased the computer as instructed when you turned it on for the first time?

cbcotton
04-02-2012, 11:35 PM
United States Change | All Microsoft Sites Skip to content pane

Search this website
HomeDiscover Windows
DesktopPersonalizeDigital photosTV and streamingWindows TouchMore articlesProducts
Windows 7Windows VistaWindows XPInternet ExplorerWindows LiveWindows Media PlayerWindows PhoneGenuine Windows homeShopDownloads
Windows 7Windows VistaWindows XPInternet ExplorerWindows LivePersonalization Gallery homeWindows 7 themesDesktop backgroundsGadgetsLanguagesService Pack CenterHelp & How-to
Windows 7Windows VistaWindows XPInternet ExplorerWindows LiveWindows Media PlayerWindows PhoneWindows CommunityWindows AccessibilityGenuine Windows homeBefore you buyFor your businessGet Help

Welcome to Windows!
Because Windows installed on your PC is genuine, enjoy the security, reliability and protection it provides.

Genuine Windows customers get a complimentary subscription to Microsoft Security Essentials, the award-winning, antivirus software that helps you protect your PC.

cbcotton
04-02-2012, 11:40 PM
The computer was purchased for me when I was in the hospital and my son bought it for me since I only had a desktop.

jholland1964
04-02-2012, 11:49 PM
The computer was purchased for me when I was in the hospital and my son bought it for me since I only had a desktop.
I have all I need to know. Please wait a moment while I prepare the next steps for you.

jholland1964
04-02-2012, 11:57 PM
Ok, then the system IS Genuine.
What I want you to do is go to this page.

Click One time to go there.

http://support.microsoft.com/kb/2483120#FixItForMeAlways

When you get there I want you to Scroll DOWN until you get to this section:

Step 1: Back up the registry

IGNORE the instructions for XP

Go to THIS portion of the page where it says the following:

Windows Vista or Windows 7

1. Click the Start button, then type regedit in the Search programs and files text box. Click Regedit. *See Attachments, there are two

2. In the navigation pane (the left pane) of Registry Editor, right-click Computer, and then click Export. *See 3rd Attached.

Follow those instructions as shown in my attachments.

Then Scroll Down the page and follow the instructions where it says:

Fix it for me
To fix this problem automatically, click the Fix it button or link. Then click Run In the File Download dialog box, and follow the steps in the Fix it wizard.

You then will click on the Fix It Button.

BEFORE YOU BEGIN THIS: Please read these and tell me if you understand these instructions. You Will NOT be able to come back here in the middle of the fix.

jholland1964
04-03-2012, 12:45 AM
Well, even though I posted this at the end of my last reply:

BEFORE YOU BEGIN THIS: Please read these and tell me if you understand these instructions. You Will NOT be able to come back here in the middle of the fix.

you left without telling me if you DID understand all of this. So I can only presume that you did understand them. I asked you that because if even one line was not clear to you I could have given that answer. I also wanted to know that you did understand them BEFORE you began them because I was going to post the next step for you to do. I will not do that now. It will have to wait until sometime tomorrw.

You DO have to begin sometime to please answer ALL questions asked of you immediately after they are asked. These questions are not asked just to be asking. I have asked you and Mike has asked you questions because it is/was information that we sincerely NEED TO KNOW in order to better understand what steps we need to give to you next.

If we don't know the answers then we cannot go forward with the next steps because giving you the wrong instructions could cause further damage to the computer. We are trying to help you repair damage done, not cause further damage.

There are some questions throughout this thread that were never answered, even though some were asked multiple times. Because you didn't answer we only could presume that what we asked did not apply and we proceeded, hopefully we were not wrong.

Please, when asked a question, answer that question in your very next reply.
This makes a big difference in what steps or how steps will be given.

If we don't get the answer we run the risk of proceeding blindly and giving an incorrect or out of order step. This can cause further problems.

Please answer questions immediately after they are asked.

I am leaving for the night. I will return sometime tomorrow. Please report the results of the last instructions given to you.

I cannot, in good conscience, give any more steps until I know ALL of the results of the latest set of instructions given to you above.

cbcotton
04-03-2012, 04:44 AM
I have been having serious problems logging into the i nternet i had this praaaoblem on and off all during the day but not as bad as now. I never did the register I went and read and was trying to post back here and had serious problems getting connected. I will post more when I get up. I am on my sons phone

jholland1964
04-03-2012, 07:10 AM
I have been having serious problems logging into the i nternet i had this praaaoblem on and off all during the day but not as bad as now. I never did the register I went and read and was trying to post back here and had serious problems getting connected. I will post more when I get up. I am on my sons phone

You said yesterday that you had a power outage in your area. Problems connecting may very likely be the result of this outage and may be due to problems from your Charter Cable connection NOT the computer.

Try these steps please which come Directly from Charter Cable (http://www.myaccount.charter.com/customers/support.aspx?supportarticleid=1776) which should usually be done anyway when experiencing any connection problems. These would correct problems with the modem or the router and if they do not then very often this will help determine that the connection problem lies with THEM not the computer. Cable modems and routers DO break also and DO usually need replacement after extensive and continual use. Resetting using the steps below of both is also recommended every so often also just as a matter of course.

If you use a Modem Only

1. Shut Down/Turn Off your computer
2. Unplug the power cord from the back of the cable modem.
3. Wait 30 seconds then reconnect the power to the cable modem
4. Wait 2 minutes to allow the modem to connect. The modem connection lights will be solid
5. Turn on your computer
6. Attempt to surf to two web pages to verify connectivity

I don't know if you are using a modem And a router, IF you also use a router please follow these steps.

If you use a Modem AND a Router

1. Shut Down/Turn Off your computer
2. Unplug the power cord from the back of the cable modem.
3. Unplug the power cord from the router.
4. Wait 30 seconds then reconnect the power to the cable modem
5. Wait 2 minutes to allow the modem to connect. The modem connection lights will be solid.
6. Reconnect the power to the router
7. Turn on your computer
8. Attempt to surf to two web pages to verify connectivity

If you use a Modem/Router Combo use these steps.

1. Shut Down/Turn Off your computer
2. Unplug the power cord from the modem/router combined device
3. Wait 30 seconds then reconnect the power to the modem/router combo
4. Wait 2 minutes to allow the modem/router combo to connect.
5.Turn on your computer
6. Attempt to surf to two web pages to verify connectivity

If none of the above works, still please don't assume the problem lies with the computer.

It still can be due to problems Charter Cable and you MUST call them.
Tell them of your connectivity problems, the steps you used above to correct the problems. Be sure to stress that you had Good connectivity BEFORE the power outages.

cbcotton
04-03-2012, 09:10 AM
Just want to let you know that this was the reason why I did not come and give faster response yesterday. I am doing nothing but trying to be right here to do whatever needs to be done to help you help me take care of this problem.

I am very appreciative of all your help and know that if I don't give you the correct information you need in a quick and proper manner you cannot give me the correct task to do.

With the freezing, not responding and the with the recover webpage is the only reason I cannot get back to you and along with the not being able to connect to the internet.

I read but still feel I need to read the information again to feel more comfortable to do the next task manually doing the registry.

have I answered all the neccesary questions?

cbcotton
04-03-2012, 09:16 AM
I am in the process of rereading the directions on the registry and feel I can complete all the needed task.

I will send a message before starting the registry.

jholland1964
04-03-2012, 09:18 AM
Thanks!
I would strongly suggest that, BEFORE you do anything else today, that you follow the recommendations for resetting your modem and router (if you use a router) I gave you just this morning in post #187, right above your last post.

Do all of that and then come back and report how that goes. AFTER that then I will tell you when you should do the registry fix.

One more question....How Much RAM is installed on this computer?

You can easily find this out if you don't know by Right Click on My Computer and choose Properties.

The very first screen you see will be similar to the one showing in my attachment. Do that real quick and come back and report how much is installed.

cbcotton
04-03-2012, 09:57 AM
I completed the resetting and it took care of the connection probelm it appears as for as I know I was able to come right in beside computer freezing and give you update. so hopefully this is taking care of.

Ram info 3.00GB (274 GB usable)

the computer froze not responding had to recover webpage reason for delay in answering.

I have Dr appointment I need to leave here in about 35 minutes so I will not be able to do anything until I get back which will be about 3 hours I have a drive to the treatment center. I will advise as soon as I am back.

Is there anyway I can give you Judy control over my computer?

jholland1964
04-03-2012, 10:00 AM
I completed the resetting and it took care of the connection probelm it appears as for as I know I was able to come right in beside computer freezing and give you update. so hopefully this is taking care of.

Ram info 3.00GB (274 GB usable)

the computer froze not responding had to recover webpage reason for delay in answering.

I have Dr appointment I need to leave here in about 35 minutes so I will not be able to do anything until I get back which will be about 3 hours I have a drive to the treatment center. I will advise as soon as I am back.

Is there anyway I can give you Judy control over my computer?

Don't think I can take control of your computer. But try this speed test through Charter Cable and come back and tell me the results. It should take just a minute or so.

http://speedtest.charter.com/


Also do this:

Open Internet Explorer.
Click on Tools, then Internet Options.
Click on the Security tab.
Click on Internet in the top panel. Then click the Default Level button. (If it's already on the default level, that button will be disabled.)

jholland1964
04-03-2012, 10:02 AM
Do those above, come back and report. Then I will just plan on hearing from you later today after your appointment. That won't be a problem at all.

You have plenty of RAM and that is good. Eliminates one question for sure.

cbcotton
04-03-2012, 10:21 AM
Charter info

Last Result:
Download Speed: 2.83 Mbps (0.35 MB/sec transfer rate)
Upload Speed: 2.94 Mbps (0.37 MB/sec transfer rate)
Latency: 41 ms
Tuesday, April 03, 2012 10:08:26 AM

Cannot click on default
ther is a check mark in a box that says
enable protected mode(requires restarting Internet Explorer)

Is there anything else bfore I leave?
Have I answered all questions?

jholland1964
04-03-2012, 10:26 AM
Well for one thing you internet speed isn't that good. Rather slow. Mine is considered average, yours is barely one-third of mine.

Try something that doesn't require internet. Close all your browsers. Wait a moment.
You have Office installed on the computer.

Open Word and type something, anything, doesn't even have to be a sentence, just letters, that type of thing. See if the computer freezes.

cbcotton
04-03-2012, 10:47 AM
typed along paragraph and no freezing.

i have only had charter for 2 months and had att prior to that and was having the freezing problems then did not change because of that changed due to losing internet service constantly.

Ok I am gone will send message as soon as I get back
Thank you hope you enjoy your day
Cindy

jholland1964
04-03-2012, 12:07 PM
typed along paragraph and no freezing.

i have only had charter for 2 months and had att prior to that and was having the freezing problems then did not change because of that changed due to losing internet service constantly.

Ok I am gone will send message as soon as I get back
Thank you hope you enjoy your day
Cindy

Based on your paragraph typing without freezing issue I have a pretty good idea what is the likely culprit. We can take care of that AFTER you try that registry fix to get rid of that MSE that refuses to be removed, which I have found with research at MS and also multiple other forums is not an uncommon problem either, so don't feel alone on that one. Hopefully the fix will do the trick.

cbcotton
04-03-2012, 02:53 PM
Judy I would like to read through those instructions again and make sure I have no questions if you don't mind. and then I will send a message that I am ready to start.
is this okay?

jholland1964
04-03-2012, 02:59 PM
Judy I would like to read through those instructions again and make sure I have no questions if you don't mind. and then I will send a message that I am ready to start.
is this okay?

Absolutely! Want you to be comfortable with it before you try.

cbcotton
04-03-2012, 03:05 PM
Judy I am ready to proceed

jholland1964
04-03-2012, 03:08 PM
Judy I am ready to proceed
Ok."10-9-8-7-6-5-4-3-2-1-Ignition-Blast Off".:D

Remember you can't come back here, cause you won't be able to, until this fix is done. Once it completes post back I will be waiting

cbcotton
04-03-2012, 03:27 PM
I am finshed with that it was not so bad I was just wanting to make sure I did it right it would just worry me if I caused more unecessary problems.

any question?

next task

cbcotton
04-03-2012, 03:30 PM
was able to go through the whole task without freezing

jholland1964
04-03-2012, 03:30 PM
Well, we need to see if it was Really removed.
Run DDS again.
Here is the link again, think you know what to do or do you need the instructions again?

http://www.bleepingcomputer.com/download/anti-virus/dds

cbcotton
04-03-2012, 03:32 PM
if thats okay

jholland1964
04-03-2012, 03:32 PM
Sure no problem at all.

cbcotton
04-03-2012, 04:36 PM
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/2/2011 1:20:03 PM
System Uptime: 4/3/2012 2:41:01 PM (2 hours ago)
.
Motherboard: Hewlett-Packard | | 1697
Processor: AMD Athlon(tm) II P360 Dual-Core Processor | Socket S1G4 | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 237.296 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 2.039 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.087 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP874: 3/23/2012 3:00:11 AM - Windows Update
RP875: 3/24/2012 10:42:44 AM - Windows Update
RP876: 3/27/2012 2:54:28 AM - Windows Update
RP877: 3/27/2012 8:56:47 PM - Installed Microsoft Fix it 50403
RP878: 3/27/2012 11:16:14 PM - Windows Backup
RP879: 3/27/2012 11:46:45 PM - Windows Update
RP880: 3/29/2012 8:25:34 AM - Removed FixCleaner
RP881: 3/29/2012 3:25:14 PM - DriverScanner - 3/29/2012 3:25:08 PM
RP882: 3/30/2012 4:22:01 AM - Removed FixCleaner
RP883: 3/30/2012 5:23:14 AM - Removed FixCleaner
RP884: 3/30/2012 2:21:30 PM - Removed FixCleaner
RP885: 4/1/2012 7:02:40 PM - Windows Backup
RP886: 4/2/2012 11:01:06 PM - Windows Update
RP887: 4/3/2012 3:17:33 PM - Installed Microsoft Fix it 50692
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
aioscnnr
AMD VISION Engine Control Center
Atheros Driver Installation Program
Blio
C4USelfUpdater
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
center
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink DVD Suite
CyberLink YouCam
D3DX10
Energy Star Digital Logo
ESET Online Scanner v3
essentials
ESU for Microsoft Windows 7
Hewlett-Packard ACLM.NET v1.1.2.0
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP MovieStore
HP On Screen Display
HP Power Manager
HP Product Detection
HP Quick Launch
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
Itibiti RTC
Java Auto Updater
Java(TM) 6 Update 30
Junk Mail filter update
KODAK AiO Software
LabelPrint
LightScribe System Software
Malwarebytes Anti-Malware version 1.60.1.1000
Mesh Runtime
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Mozilla Firefox 6.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
ocr
Octoshape add-in for Adobe Flash Player
PlayReady PC Runtime x86
Power2Go
PreReq
QuickTime
Recovery Manager
RoboForm 7-6-3 (All Users)
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
4/3/2012 3:54:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
4/3/2012 2:42:50 PM, Error: Service Control Manager [7022] - The Client Virtualization Handler service hung on starting.
4/3/2012 11:08:16 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa8003a49050, 0xfffff80000b9c518, 0xfffffa8005416c10). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 040312-16785-01.
4/3/2012 10:52:36 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hpqwmiex service.
4/2/2012 6:05:23 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
4/2/2012 6:05:23 PM, Error: Service Control Manager [7038] - The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
4/2/2012 6:05:23 PM, Error: Service Control Manager [7038] - The lmhosts service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
4/2/2012 6:05:23 PM, Error: Service Control Manager [7038] - The Dhcp service was unable to log on as NT Authority\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
4/2/2012 6:05:23 PM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The service did not start due to a logon failure.
4/2/2012 6:05:23 PM, Error: Service Control Manager [7000] - The TCP/IP NetBIOS Helper service failed to start due to the following error: The service did not start due to a logon failure.
4/2/2012 6:05:23 PM, Error: Service Control Manager [7000] - The Portable Device Enumerator Service service failed to start due to the following error: A system shutdown is in progress.
4/2/2012 6:05:23 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not start due to a logon failure.
4/2/2012 6:05:23 PM, Error: Service Control Manager [7000] - The HP Software Framework Service service failed to start due to the following error: The pipe has been ended.
4/2/2012 6:05:23 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.
4/2/2012 6:05:23 PM, Error: Service Control Manager [7000] - The DHCP Client service failed to start due to the following error: The service did not start due to a logon failure.
4/2/2012 6:05:23 PM, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: A system shutdown is in progress.
4/2/2012 6:05:23 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: A system shutdown is in progress.
4/2/2012 6:05:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
4/2/2012 6:05:22 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/2/2012 6:05:22 PM, Error: Service Control Manager [7000] - The Network Connections service failed to start due to the following error: A system shutdown is in progress.
4/2/2012 6:05:22 PM, Error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: A system shutdown is in progress.
4/2/2012 6:05:07 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
4/2/2012 5:39:40 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD External Events Utility service.
4/2/2012 2:10:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
4/2/2012 12:07:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPClientSvc service.
4/2/2012 1:27:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.

cbcotton
04-03-2012, 05:04 PM
4/2/2012 1:27:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.
4/1/2012 10:00:13 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
3/31/2012 9:02:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
3/31/2012 9:00:43 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
3/31/2012 8:48:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/31/2012 8:36:51 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 8:05:59 PM, Error: Microsoft Antimalware [3002] -
3/31/2012 7:48:34 PM, Error: Service Control Manager [7031] - The Common Client Job Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/31/2012 7:03:57 PM, Error: Service Control Manager [7031] - The Norton Internet Security service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/31/2012 6:17:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 SymIRON
3/31/2012 6:13:42 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 DfsC discache eeCtrl IDSVia64 MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf
3/31/2012 5:52:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
3/31/2012 5:52:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
3/31/2012 11:45:30 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 11:45:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/31/2012 11:45:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/31/2012 11:45:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
3/31/2012 11:45:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/31/2012 11:45:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/31/2012 11:45:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/31/2012 11:45:14 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
3/31/2012 11:45:12 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 11:45:12 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 11:45:12 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 11:45:12 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 11:45:12 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 11:45:12 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 11:45:12 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 11:45:12 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 11:45:12 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 1:13:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.
3/31/2012 1:13:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Support Assistant Service service.
3/31/2012 1:12:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Wireless Assistant Service service.
3/31/2012 1:12:02 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{7C413551-5001-4EBE-9365-9DFA8947F2D4} because another computer on the network has the same name. The server could not start.
3/31/2012 1:11:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
3/30/2012 2:43:23 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
3/30/2012 2:43:21 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
3/30/2012 2:43:21 AM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/29/2012 7:37:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the fdPHost service.
3/28/2012 9:44:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
3/28/2012 2:40:27 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
3/28/2012 11:33:03 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000006, 0xfffffa8004bb6640). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 032812-50513-01.
3/27/2012 4:44:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.
.
==== End Of File ===========================

jholland1964
04-03-2012, 05:05 PM
I need to see the DDS.txt log, not the one you are posting....Sorry.:(

The one that begins like this:
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by cindy at 22:55:23 on 2012-03-30
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.887 [GMT -5:00]

cbcotton
04-03-2012, 05:12 PM
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by cindy at 15:58:51 on 2012-04-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.807 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI. exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\Pres entationFontCache.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11f_Ac tiveX.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com/?mtmhp=txtlnkusaolp00000051
uWindow Title = Windows Internet Explorer provided by Yahoo!
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TBSB07898 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll
TB: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Coupons.com CouponBar: {8660e5b3-6c41-44de-8503-98d99bbecd41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB: {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
uRun: [PowerSuite] "C:\PROGRA~2\Uniblue\POWERS~1\launcher.exe" delay 20000 -m
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
mRun: [Conime] %windir%\system32\conime.exe
mRun: [EKAiO2StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI. exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
dRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
StartupFolder: C:\Users\cindy\AppData\Roaming\MICROS~1\Windows\ST ARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program
\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 24.177.176.38 71.92.29.130 24.217.201.67
TCP: Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4} : DhcpNameServer = 24.177.176.38 71.92.29.130 24.217.201.67
TCP: Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4}\2375942554135343 : DhcpNameServer = 192.168.1.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO-X64: RoboForm BHO - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
\WindowsLiveLogin.dll
BHO-X64: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
BHO-X64: Panda Security Toolbar - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
BHO-X64: TBSB07898 - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll
TB-X64: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
TB-X64: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB-X64: {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
mRun-x64: [Conime] %windir%\system32\conime.exe
mRun-x64: [EKAiO2StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI. exe
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE-X64: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
.

jholland1964
04-03-2012, 05:16 PM
Hallelujah!!!!!!

MSE is GONE!!!!!:banana::banana::banana:

jholland1964
04-03-2012, 05:20 PM
Freezing????

cbcotton
04-03-2012, 05:26 PM
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\cindy\AppData\Roaming\Mozilla\Firefox\Pro files\u63ooxgt.default\
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc -
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_ sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_ xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atik mdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atik mpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system3 2\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sy s --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftpla ylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftr edirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh .sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam_x64.sys --> C:\Windows\system32\DRIVERS\ManyCam_x64.sys
[?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows
\system32\DRIVERS\netw5v64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VS TAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VS TDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVER S\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsus bflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-04-03 20:18:15 1094 ----a-w- C:\FixitRegBackup.reg
2012-04-03 19:47:23 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-04-03 19:47:18 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AAA8C29D-ADD9-453F-9EB9-
0C405EED2E58}\mpengine.dll
2012-04-02 01:28:10 -------- d-----w- C:\Program Files (x86)\ESET
2012-04-01 21:59:00 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-04-01 21:58:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-01 02:02:17 -------- d-----w- C:\WINSSLog
2012-04-01 01:48:20 -------- d-----w- C:\Users\cindy\AppData\Local\{1EDB3AFD-6A1A-465B-9A2E-1F48B87C9CAC}
2012-04-01 00:04:32 -------- d-----w- C:\ProgramData\NortonInstaller
2012-03-31 03:15:25 -------- d-----w- C:\Users\cindy\AppData\Local\{006CB2F0-5C6B-4D4F-9F38-1DFB9A106CF3}
2012-03-31 00:20:58 -------- d-----w- C:\Users\cindy\AppData\Roaming\Systweak
2012-03-31 00:20:38 18816 ----a-w- C:\Windows\System32\roboot64.exe
2012-03-30 04:58:49 -------- d-----w- C:\Users\cindy\AppData\Roaming\Malwarebytes
2012-03-30 04:58:29 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-30 04:48:21 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2012-03-29 20:25:55 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-03-29 20:25:55 676968 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-03-29 06:38:00 -------- d-----w- C:\Users\cindy\AppData\Roaming\FixCleaner
2012-03-29 06:37:28 -------- d-----w- C:\Program Files (x86)\FixCleaner
2012-03-28 05:30:19 -------- d-----w- C:\Users\cindy\AppData\Local\{AF88789E-19F1-4313-B3C4-E93C4E748D42}
2012-03-28 05:29:43 -------- d-----w- C:\Users\cindy\AppData\Local\{321FAE44-9E34-40FE-A6FF-20BB20309B36}
2012-03-26 21:34:19 -------- d-----w- C:\Temp
2012-03-26 03:43:20 -------- d-----w- C:\Users\cindy\EASTER - EnVELOPES - Standard Size Envelope_files
2012-03-22 01:14:14 -------- d-----w- C:\Users\cindy\AppData\Local\{A91B7C54-194D-42CD-ADB4-AD6E34A3B265}
2012-03-22 01:13:41 -------- d-----w- C:\Users\cindy\AppData\Local\{78C5BF5C-F99E-494F-AD15-B1F7EA0E9862}
2012-03-18 22:07:57 -------- d-----w- C:\Users\cindy\AppData\Local\{A25DAB75-9D35-4069-9C53-F1228093F349}
2012-03-18 22:04:45 -------- d-----w- C:\Users\cindy\AppData\Local\{B3E7B0E0-CE46-47A3-A16B-DF5D504C7DD3}
2012-03-18 19:18:28 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientU X\UpdateableMarkup-3\markup.dll
2012-03-15 18:24:58 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-15 18:24:56 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-15 18:24:55 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-15 10:39:18 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-15 10:39:15 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-15 10:39:15 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-15 10:39:12 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-15 10:39:12 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-15 10:39:12 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-15 10:38:56 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-15 10:38:55 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-15 10:38:55 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-15 10:38:55 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-10 21:07:13 -------- d-----w- C:\Users\cindy\AppData\Local\{D4574D4F-DAB0-4743-A551-43FCD60FC34E}
2012-03-10 21:07:01 -------- d-----w- C:\Users\cindy\AppData\Local\{7593D55A-7BDB-47B8-8E90-9C586652DEB1}
2012-03-09 22:26:11 -------- d-----w- C:\ProgramData\W3i
2012-03-09 22:26:11 -------- d-----w- C:\Program Files (x86)\W3i
2012-03-09 22:26:10 -------- d-----w- C:\Users\cindy\AppData\Local\I Want This
.
==================== Find3M ====================
.
2012-03-29 20:25:55 107624 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-02-23 14:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-21 19:19:43 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 16:02:08.90 ===============

cbcotton
04-03-2012, 05:30 PM
I hope that you know how much I appreciate all your help I have tried to not be any problem because you have been such a blessing to me. I know for a fact that people who reach out and help others are blessed triple in all things in their life.
Thank You
Cindy

jholland1964
04-03-2012, 05:35 PM
Oh My! Well Thank You Cindy. I am a big believer in Pay it Forward, so you pay it forward to another then things will keep going forward.

Ok, now, back to business, let's get this "baby" running!

I am going to go about this "backwards". You do need an anti-virus program BUT...let's try a brand new browser first.

I "think" cannot say for sure, but "think" part of your problem is Internet Explorer 9.

I want you to go into Add/Remove and Uninstall Firefox 6...it is WAY out of date.

Then I want you to download Firefox 11.0 from here:

http://www.mozilla.org/en-US/products/download.html

Download and Install it. We are going to have to configure it of course but that won't take long.

Download, install it and then also download and install this Theme Addon for it

https://addons.mozilla.org/en-US/firefox/addon/firefox-3-theme-for-firefox/

It helps make Firefox look more like the "older browsers", makes me feel more comfortable when using it ....and I rarely use another browser.

You can Import all your Favorite web sites from IE into Firefox of course. If you don't know how to do this I will tell you.

cbcotton
04-03-2012, 05:54 PM
do you want me to reboot before i install new firefox

jholland1964
04-03-2012, 06:02 PM
do you want me to reboot before i install new firefox
No, not necessary. Just be sure you close all other browser windows once you have it downloaded.
Do you know how to import the favorites from IE to Firefox so you can get back here ok? Or do you want those instructions now?

cbcotton
04-03-2012, 06:26 PM
it gave me the warning unresponsive script

don't ask me again continue stop script

i clicked stop script but it would constantly come back up then i hit the x to exit i had to hit it 2 times to stop it from coming up

what should i do?

i have downloaded firefox but i have not done the other download i am gone to do that now

jholland1964
04-03-2012, 06:56 PM
What actually gave you this warning? The warnings are given by specific things, they just don't pop up on their own. IE? Firefox?

If it was IE please go to this page, using IE and run the Fix It

http://support.microsoft.com/kb/175500

cbcotton
04-03-2012, 06:58 PM
can you tell me if reset in firefox means refresh i went to view and i don't see refresh but under zoom there is a reset?

cbcotton
04-03-2012, 07:00 PM
it would by no means be nothing new in IE

have completed all the task

jholland1964
04-03-2012, 07:03 PM
it would by no means be nothing new in IE

have completed all the task
You mean completed installing Firefox or completed running the Fix It??

cbcotton
04-03-2012, 07:06 PM
both things to do with firefox

have not done anything with fix it except what i did earlier with the registry

what do you want me to do?

jholland1964
04-03-2012, 07:23 PM
both things to do with firefox

have not done anything with fix it except what i did earlier with the registry

what do you want me to do?
both of what things? I am very confused here...in this post you said:
it gave me the warning unresponsive script
don't ask me again continue stop script
i clicked stop script but it would constantly come back up then i hit the x to exit i had to hit it 2 times to stop it from coming up
what should i do?
i have downloaded firefox but i have not done the other download i am gone to do that now
I asked you this:
What actually gave you this warning? The warnings are given by specific things, they just don't pop up on their own. IE? Firefox?
If it was IE please go to this page, using IE and run the Fix It
http://support.microsoft.com/kb/175500

Why didn't you run that Fix It? It is not the same one I had you do earlier. It is one to fix this script error.

You continued to install Firefox and ask questions about Firefox but it had given you an error and you also asked how to refresh Firefox. Why would you need to refresh Firefox? This isn't something one usually has to do manually all of the time, sometimes yes, but not all the time.
Sorry, but I really don't know what is going on at all now.

cbcotton
04-03-2012, 07:29 PM
Then I want you to download Firefox 11.0 from here:

http://www.mozilla.org/en-US/products/download.html

Download and Install it. We are going to have to configure it of course but that won't take long.

Download, install it and then also download and install this Theme Addon for it

https://addons.mozilla.org/en-US/fir...e-for-firefox/

cbcotton
04-03-2012, 07:31 PM
the unresponsive message came up while i was in firefox

cbcotton
04-03-2012, 07:33 PM
i usually do a refresh to get your message if i am in worldstart and need to see if you have posted me a new message

cbcotton
04-03-2012, 07:36 PM
ok i was finished down loading firefox and reboot when i was heading to send you a message and it frooze up on me in firefox thats when i got the message

cbcotton
04-03-2012, 07:41 PM
I am constantly getting the message in firefox that computer not responding also long script running this is posting now at very top of the computer above the menu bar

i am so sorry i confuse you i honestly don't mean to and i think you know that

cbcotton
04-03-2012, 07:51 PM
if i am in worldstart waiting for you to respond what is the proper way to get your new message it is not gonna just pop up is it?

jholland1964
04-03-2012, 08:06 PM
The problem is, you are not answering the questions, you ask them but don't give me time to answer them, you instead continue with what you are doing.
You shouldn't answer a question in a reply title and then give a reply that often times has noting to do with that title.
Your reply read just like this:
it gave me the warning unresponsive script
don't ask me again continue stop script
i clicked stop script but it would constantly come back up then i hit the x to exit i had to hit it 2 times to stop it from coming up

what should i do?

i have downloaded firefox but i have not done the other download i am gone to do that now
Which, I am sorry said to me, you had done one step, not the other and what should you do? Meaning you were going to wait for my answer before you went any farther. But you didn't, you went ahead.
But you didn't give me any time to find or even type the answer. Because by the time I did, after searching for the answer and it took me awhile to find it, you had gone ahead. So by the time I found the answer you had finished everything and instead of answering the question your reply asked me about refreshing Firefox.

I told you IF it had been in IE because I didn't know where the error was posted to you, you didn't say where it came from...a box popping up from someplace, across a page or where, I had no idea. You didn't say, you only said "it" so I assumed it came from IE because you only said you had downloaded firefox and had not downloaded the other Firefox file I told you to get.

Please answer questions within the reply, not in a reply title and then especially ask another question in the actual reply. Reply titles are easily missed, I didn't even see them until I went back through them all the third time.

You need to run that Fix It I noted because it fixes the registry, which is why you are getting these errors in both browser now...the registry is damaged and that is one of the damaged pieces that must be repaired.

cbcotton
04-03-2012, 08:07 PM
is there somewhere that you can recommend to give me a course on basic computing skills i don't claim to do things right i just do what i have learned to get me where i am trying to go. and i am sure i go around the block to just get around the bush.

it is like children they don't come with instructions on how to do everything you learn as
you go.
please don't get discouraged with me.

jholland1964
04-03-2012, 08:09 PM
if i am in worldstart waiting for you to respond what is the proper way to get your new message it is not gonna just pop up is it?
Go to the Front Page. When a new answer is posted it will show when the page automatically refreshes.

jholland1964
04-03-2012, 08:38 PM
you learn as
you go.

Exactly how I learned.

cbcotton
04-03-2012, 08:45 PM
judy i have completed the fix it

did i answer all your questions?

and what would you like for me to do next?

jholland1964
04-03-2012, 08:54 PM
judy i have completed the fix it

did i answer all your questions?

and what would you like for me to do next?
Yep, questions thus far answered. You need to Customize Firefox a bit, if you have not done that yet, so you can see all the buttons.

Right Click there my arrow points and you will get that box that shows in attachment. Put check marks in all boxes you have there. You may not have all that I do because I have an addon or two I know you don't have yet.

You also need to update your Java, which is one version out of date.

Go here to do that, click the button and it will update. Then come back and let me know how things are going.

http://java.com/en/download/index.jsp

cbcotton
04-03-2012, 09:16 PM
i have completed the firefox but will got back later and do more when you are not waiting on me.

updated java

next task

jholland1964
04-03-2012, 09:23 PM
How is the freezing? Any more errors?

I want you to turn Off Windows Defender. It is worthless and interferes with other security programs.

Please go to Startmenu and type Defender , press enter and you can turn windows defender to OFF.

As soon as you do that come right back. If things are going pretty well, I will give you the link with full instructions Including Pictures on it about Installing and configuring Avira Free Anti-Virus 2012

cbcotton
04-03-2012, 09:31 PM
while I was waiting on your next message a box come up on the main screen say this

A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete.

Script: resource://gre/modules/XPCOMUtils.jsm:331
I then tried closing the box by clicking on stop script it would go off and come right back I did this 3 times then clicked on the x to close the box it then came up again did it again and finally then the box closed.

jholland1964
04-03-2012, 09:34 PM
Hang on a second let me do some checking but answer this question Immediately.

Were you using Firefox or IE when this error came up?

If the warning comes up again don't tell it to stop but tell it to continue.

jholland1964
04-03-2012, 09:49 PM
Were you using Firefox or IE when this error came up?

cbcotton
04-03-2012, 09:54 PM
freezing seems to have gotten worse

i just sent you the error message i received before i got your message

i went to type in defender when i do it pops up a box and this is what the box shows


scan for spyware start scan now
and other potentially unwanted software

your computer has not been scanned in several days. we recommend scheduling a daily scan of your computer.

i tried this 3 times typing in defender and the smae thing happens every time

okay while i was trying to get back to reply to your questions for some reason a box pops up to the left on the main screen showing the downloads

cbcotton
04-03-2012, 09:55 PM
i was in firefox i have not been doing anything with ie unless you tell me to

jholland1964
04-03-2012, 09:59 PM
Ok, I have asked you this at least one time earlier and you did not answer.

Do you have Recovery Disks for this computer? You should have made them the first time you turned on the computer, you would have received a message to do this.

Did you???

Please answer quickly.

cbcotton
04-03-2012, 10:03 PM
my computer is acting crazy when i clicked post reply to send this message this information pops up in the quick reply box i did not click on the quick reply

http://forum.worldstart.com/newreply.php?do=newreply&noquote=1&p=165721



also when i type defender in the search box at the start menu at the top of the box that i told you that pops up also has this at the top like a menu bar

home scan history tools ?

so where do we stand now?

jholland1964
04-03-2012, 10:04 PM
Ok, I have asked you this at least one time earlier and you did not answer.

Do you have Recovery Disks for this computer? You should have made them the first time you turned on the computer, you would have received a message to do this.

Did you???

Please answer quickly.

Third time the charm maybe?

cbcotton
04-03-2012, 10:07 PM
firefox

jholland1964
04-03-2012, 10:09 PM
also when i type defender in the search box at the start menu at the top of the box that i told you that pops up also has this at the top like a menu bar

home scan history tools ?

so where do we stand now?

You are seeing Firefox above the box is all. *See Attached

jholland1964
04-03-2012, 10:10 PM
Ok, I have asked you this at least one time earlier and you did not answer.

Do you have Recovery Disks for this computer? You should have made them the first time you turned on the computer, you would have received a message to do this.

Did you???

Please answer quickly.

I am now asking you this question for the 4th time.

cbcotton
04-03-2012, 10:12 PM
okay I am just seeing this message No i did not do a recovery disk i answered this yesterday i told you i wasd in the hospital when computer was bought for me