Everything posted by Tanner330

  1. It was starting up last night. I just ran combo fix again and it did make it further, but I received the fatal error blue screen thing again. I think it only made it to stage 3 or 4 last time; this time it was at around stage 14 or 15 maybe. And unless it saved it somewhere else, I don't think it made a log. I restarted and it has come back up, but I'm not sure if I should do anything.
  2. Never mind that, I just got the same warning again.
  3. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2013
     Ran by SYSTEM at 2013-03-30 22:17:55 Run:1
     Running from D:\
     ==============================================

     The operation completed successfully.
     The operation completed successfully.

     ========= bootrec /FixMbr =========

     The operation completed successfully.

     ========= End of CMD: =========

     ==== End of Fixlog ====

     I'm working on some word documents and I'm not surfing the web right now. The PC seems ok as of right now. I guess I'll just keep working and see how it goes. I'll let you know of anything that comes up.
  4. Here are the logs. I'm not sure if the search one is right because there isn't anything there really.
  5. I am sending this from my phone. I ran the first part, but when I type ".services.exe" after the search in the edit box, nothing happens when I hit the search button.
  6. I have just now been able to download the tool you asked me to and I will try and run it tonight.
  7. As I said, I can't get it to do anything and I don't have another PC that I can download the stuff you said. I'm also a little nervous now because when I posted here my PC was just running really slow, but now it won't even start after running the programs you told me to. Anyway, I don't have access to a PC so I can't download that stuff. Not sure what to do now.
  8. So I went to the link you put for how to disable antivirus and I followed the instructions. Right click on the icon in system tray then click disable auto-protect. Then I ran Combofix and it said Norton was still active. So I ended up going into Norton Advanced and shut down each thing personally and it said everything was off. So then I clicked OK to run Combofix and it got to where it said "stage 3 complete" then my screen went black with a blue box in it and it said... "A problem has been detected and windows has been shut down to prevent damage to your computer..... collecting data for crash dump... beginning crash dump... dumping to disk... physical memory dump complete... Contact system admin...." I restarted and it came back on but it's still running really slow.
  9. Thank you for your help on this. So I'm still getting the same high cpu usage warning winrscmde. Seems to bog down when I try to multitask like I usually do. So here are the logs you asked for.
  10. I received this warning and after trying to remove malwarebytes no longer works. PC is running really slow and I am getting all kinds of warnings from my antivirus program. Thanks for any help you can provide. I have attached the log files but I see it says to copy and paste in my post so I will do that also. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16470 Run by Owner at 10:50:18 on 2013-03-16 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.1617 [GMT -4:00] . AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program 
Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Windows Media Player\wmpnetwk.exe \\.\globalroot\systemroot\svchost.exe -netsvcs C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe C:\Program Files\Realtek\RtVOsd\RtVOsd.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\PROGRA~2\Audible\Bin\AUDIBL~1.EXE C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: MRI_DISABLED - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{E1B3DE66-7E89-43BE-9D39-86F2C7CD888B} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-2-6 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-2-6 1129120]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\Definitions\BASHDefs\20130301.001\BHDrvx64.sys [2013-3-5 1388120]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-2-6 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\Definitions\IPSDefs\20130313.003_b0e\IDSviA64.sys [2013-3-15 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-2-6 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-2-6 405624]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-11-20 203264]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-6-25 92216]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-2-6 138272]
R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-4-19 315392]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-10-17 138912]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-11-20 38456]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-11-20 245792]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-1 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-1 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-11-20 98208]
S4 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]
S4 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-6-29 27192]
.
=============== Created Last 30 ================
.
2013-03-15 00:14:44 -------- d-----w- C:\Users\Owner\AppData\Local\Programs
2013-03-13 21:25:48 20480 ----a-w- C:\Windows\svchost.exe
2013-03-13 21:23:28 7680 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\BA79.tmp
2013-03-13 21:23:28 7680 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\BA78.tmp
2013-02-15 23:58:12 106088 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 14:52:09 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-15 14:52:09 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 20:41:58 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-14 20:41:58 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-14 20:41:58 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-14 20:41:58 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-14 20:41:58 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-14 20:41:57 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-14 20:41:55 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-14 20:41:51 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-14 20:41:50 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-14 20:41:43 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-14 20:41:30 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-14 20:41:30 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
==================== Find3M ====================
.
2013-03-12 23:25:57 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-12 23:25:57 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
.
============= FINISH: 10:54:15.95 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/1/2011 2:17:29 PM
System Uptime: 3/16/2013 10:18:14 AM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 1444
Processor: AMD Turion II P540 Dual-Core Processor | Socket S1G4 | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 280 GiB total, 40.306 GiB free.
D: is FIXED (NTFS) - 17 GiB total, 2.506 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP96: 2/15/2013 9:49:03 AM - Windows Update
RP97: 3/13/2013 9:47:54 PM - Windows Update
RP98: 3/15/2013 6:27:10 PM - Windows Update
.
==== Installed Programs ======================
.
Acrobat.com ActiveCheck component for HP Active Support Library Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Media Player Adobe Photoshop CS5 Adobe Photoshop Lightroom 3 64-bit Adobe Reader 9.5.4 MUI Adobe Shockwave Player 11.5 Adobe Shockwave Player 11.6 AMD USB Filter Driver Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Driver Installation Program ATI Catalyst Install Manager Audible Download Manager Bejeweled 2 Deluxe Bing Bar Bing Rewards Client Installer Blackhawk Striker 2 Bonjour Build-a-lot 2 Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Chapter and Verse Chuzzle Deluxe CinemaNow Media Manager
Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Core FTP LE CyberLink DVD Suite CyberLink MediaShow CyberLink PowerDVD 9 CyberLink YouCam Diner Dash 2 Restaurant Rescue Dora's Carnival Adventure Energy Star Digital Logo Escape Rosecliff Island ESU for Microsoft Windows 7 FATE Final Drive Nitro GEAR driver installer for x86 and x64 Gimp 2.6.2 Debug Google Chrome Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper Heroes of Hellas 2 - Olympia HP Advisor HP Customer Experience Enhancements HP Documentation HP Game Console HP Games HP MediaSmart CinemaNow 2.0 HP Photo Creations HP Power Manager HP Quick Launch HP Setup HP Software Framework HP Support Assistant HP Wireless Assistant HPAsset component for HP Active Support Library iTunes Java Auto Updater Java 6 Update 20 (64-bit) Java 6 Update 24 Jewel Quest 3 Jewel Quest Solitaire 2 Junk Mail filter update LabelPrint Malwarebytes Anti-Malware version 1.65.0.1400 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft WSE 3.0 Runtime Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 
Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 MotoHelper MergeModules MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) Norton Internet Security PDF Settings CS5 Penguins! PhotoNow! Plants vs. Zombies Poker Superstars III Polar Bowler Polar Golfer Power2Go PowerDirector QuickTime Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Recovery Manager Roxio CinemaNow 2.0 RtVOsd Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2789642) swMSM Synaptics Pointing Device Driver Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Virtual Families Virtual Villagers - The Secret City Wheel of Fortune 2 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Xara Web Designer 7 Premium Xara Web Designer 7 Premium Content Pack ZipGenius 6.3 Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
3/16/2013 2:30:46 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
3/16/2013 2:21:56 AM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/16/2013 2:10:21 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
3/16/2013 10:25:07 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
3/14/2013 8:01:42 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
3/13/2013 8:46:35 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
3/13/2013 8:46:35 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/13/2013 8:46:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
.
==== End Of File ===========================
dds.txt attach.txt
  11. So I keep getting this winrscmde high usage warning. When I tried to run Malwarebytes to remove it, Malwarebytes will no longer work upon startup. My PC is running so slow now and my antivirus is giving me warnings. Not sure what to do. Any help will be appreciated.