Jump to content

closer2u

Members
  • Posts

    15
  • Joined

  • Last visited

Everything posted by closer2u

  1. Keven, I ran FRST from my F: Drive and deleted the FIxlog.txt that was generated. I then ran Delfix and deleted the log it generated. I believe both programs ran successfully. The computer appears to be running fine using either the IE or Chrome Browser. What happened with my C hard drive? I didn't delete anything on my C drive and now it has 93 GB of free space out of 136 GB. Did this virus replicate itself and eat up space on my hard drive as well shutting down the connection to the internet? Just seems strange to me. I tried to restore "hibernate" using the attached "Geek" site with no success. Neither method worked. My command prompt was C:\Windows\32> Maybe that was the problem. This is not a major issue in that the sleep mode works fine and other then not having the hibernate function on my start menu the computer is working great. At this point, I have plenty of space on my hard drive to install the AV programs and tools that you recommended. Is my computer clean and should I install some of these AV and FW programs immediately? Your advice is valued. Thank you for all your patience, diligence and considerate direction in resolving this issue. Let me know what to do next. Gerry
  2. Do I have to delete the Fixlog text document or FRST document that appears on the F: memory stick before attaching the fixlist.txt to the memory stick?
  3. Kevin, I saved FRST on both the memory stick, F: Drive and see the file on my laptop at the (OS)C:\FRST location on the computer. There are three folders (Hives, Logs, and Quarantine). I searched my laptop but did not see any fixlist.txt files. I believe these are on the memory stick, F:Drive. Should I just proceed and attach fixlist.txt to the location on the C Drive where FRST is located and then proceed in that the fixlist.txt files are on the memory stick? i assume that all this can be done before I download any of the AV programs that you recommend and that should be done after running Delfix. Also, mystereously I noticed that my C Hard Drive has 92 or 136 GB free. I seem to still have all the pictures and downloads that were on my computer previously. How did so much space appear?
  4. My computer appears to be working fine. I seems to be working a bit faster and not locking up. I am getting more security popups before directed to another site when browsing the internet. What virus actually caused my computer to lose connection to the internet and run so slowly? I have Windows Defender on my computer but do not have a virus protection program. I have heard that AVG and avast are good anti virus programs that can be downloaded for free. What do you recommend? Is there a periodic scan that I should do to prevent and check for Malware? What browser do you recommend? Is Chrome or Firefox safer than Internet Explorer? I noticed about 2 months ago that "hibernate" was no longer on my start menu just "sleep." Was this changed by an update? My C Hard drive is almost full. Is this what caused my computer to run slow and lock up, or was it some type of virus. It seems to be working fine now. I know that I have too many questions but I really appreciate your help and want to make sure that my laptop continues to perform like it appears to be doing now. Thanks for all your help. Gerry
  5. The computer seems to be running faster and working fine. It use to lock up quite a bit. There appears to be more security pop ups when using the internet. Is this because I'm using IE as my browser or will these appear if I use Chrome? What was the virus or trojan that exactly blocked my internet connection and slowed down my computer? I'm concerned that I need to have a virus protection program on the computer to protect it from malware, viruses and trojans. I heard that AVG and avast were good and could be downloaded for free. As of now, I think I only have Windows Defender? Is my computer vulnerable to trojans and things? What do you recommend? I'm currently using Chrome as my browser. Is one browser or another more prone to malware attacks? What do you recommend? Also, my hard drive is almost full and I'm planning on backing it up to free up space. Is this why my computer was running slow or was it because of some type of virus or infection? It seems to be much more responsive. Last, I noticed about 2 months ago that I no longer had the hibernate function on my start menu, just sleep. Was there an update that removed this from Vista? Please provide me with any procedures or recommendations to keep my computer running smoothly. Is there a security scan that I should do periodically? I appreciate all your help Thank you very much! Gerry
  6. Kevin: I can not get the file to attach to this reply. I search for the C:/ComboFix.txt file and the revised ComboFix log shows up in ComboFix - Notepad. I can't find this file anywhere else on my computer. When I try to save the notepad file to my computer it says that it already exists and do you want to replace. I click yes, and it says, "C:\ComboFix.txt file - Make sure that the path and file name are correct." I don't know how to get this notepad file to save to my computer and attach the file to the reply. I know I'm doing something wrong. Sorry for the delay. Thanks Gerry
  7. Kevin, Here are the CF and ESET logs. When I ran ESET it never gave me an option "to make sure that the option remove found threats is unticked" or any of the other options. It just began scanning. Took about an hour and a half to complete. Found the two threats. Let me know if this looks right to you and how to proceed. Also, would like to know what actually caused this problem and what virus protection program would be good. I heard both AVG and avast were good. What browser would you recommend? Thanks again. Await your instructions. Gerry ESET SCAN.txt ComboFix.txt
  8. Kevin, I closed my browsers and opened notepad. I typed in ClearJavaCache:: and saved it to CFScript.txt as pictured. I dragged this file to the Combofix shortcut on my desktop. It then ran another scan and generated another Combofix log. I'm not sure I did this correctly. Was there something else I should have done. I didn't see any green install type lines when I dragged the CFScript.txt file to the cat icon on my desktop. I have to run some errands for the next couple hours. I'll run the scan from ESET when I get back. Let me know if it sounds like the log that was generated cleared the Java cache. Thanks Gerry
  9. Kevin, Attached is the ComboFix.txt. So far, I'm still using Chrome as my default browser. Don't know if auto run was turned off after running Combofix. I don't have a problem turning on manually, as long as they work. Please, let me know what virus protection to put on the laptop to protect it once you etermine it is running clean. I'll await further instructions. Sorry for the delay. Thanks Gerry ComboFix.txt
  10. Kevin, I generated the Combofix log file. It is saved in a combofix notepad on my computer. Can't copy and past successfully to you. What am I doing wrong?
  11. Kevin, I looked at all the programs that were installed on my laptop and did not find Combofix. Perhaps, it showed up on the log because it was on the memory stick. I downloaded Combofix to my desktop. Somehow, I downloaded it twice. Went into remove programs and tryed to remove one of the copies, it wasn't there. I sent onc of the copies to the desktop. I tryed to disable my Norton Internet Security but have little success. On the Norton Protection Center status there is a red x next to Virus protection, spyware definitions and protection update. There is a green check mark next to inbound firewall and the other items. I'm unable to disable the inbound firewall. I went to the Connecting to the Internet tab and noticed that a red x appeared next to the "Advanced Firewall." Green check mark appears next to the other items. The Norton subscription is out of date. A red x appears over the yellow icon on the menu bar. Should I just uninstall it from my computer? I'm thinking of installing another virus program like AVG. Also, should I shut off the Windows firewall before running Combofix. How long does it stay off? Do I have to shut down any of these programs: CCleaner Privacy mantra Live Updates from Symantec Let me know how to proceed. Don't want to run Combofix until I'm sure I have all virus protection off. Thanks again, Gerry
  12. Keven, I'm finally back home. No, I did not run Combofix on my laptop. I had the program on there when I used it to fix a problem on my desktop and transferred it to the memory stick. I ran all your instructions from the desktop to the memory stick and then to the laptop. I was able to restore the connection to the internet after FRST fix. The computer did not reboot by itself but locked up. When I shut it down and restarted the connection was there and my wifi worked. I tried to run ESET repair tool from the laptop but it gave me an error message and would not run. I was able to run ESET from the memory stick. Attached are the log files that you requested. I hope this is what you need. I have some other issues with the computer that I have listed after the log files. Perhaps some of these will be addressed after reviewing the logs. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-02-2014 01 Ran by Gerry at 2014-02-11 11:18:43 Run:1 Running from F:\ Boot Mode: Normal ============================================== Content of fixlist: ***************** Start Winsock: Missing Catalog9 entry, broken internet access. <===== ATTENTION. cmd: netsh winsock reset C:\Users\Gerry\AppData\Local\Temp\air3742.exe C:\Users\Gerry\AppData\Local\Temp\_is12F8.exe End ***************** Winsock: Missing Catalog9 entry, broken internet access. <===== ATTENTION. => Winsock will be renumbered. ========= netsh winsock reset ========= Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107 Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= C:\Users\Gerry\AppData\Local\Temp\air3742.exe => Moved successfully. C:\Users\Gerry\AppData\Local\Temp\_is12F8.exe => Moved successfully. ==== End of Fixlog ==== Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014 01 Ran by Gerry (administrator) on GERRY-PC on 11-02-2014 12:39:20 Running from F:\ Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe () C:\Windows\System32\WLTRYSVC.EXE (Dell Inc.) C:\Windows\System32\bcmwltry.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Ralink Technology, Corp.) C:\Program Files\Tenda\Common\RaRegistry.exe (Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe (Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Dell Inc.) C:\Windows\System32\WLTRAY.EXE (Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe (Orbiscom Ltd. All rights reserved.) C:\Program Files\Virtual Account Numbers\CitiVAN.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe (Orbiscom Ltd. All rights reserved.) C:\Program Files\Virtual Account Numbers\CitiVAN.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (SigmaTel, Inc.) C:\Windows\sttray.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Gteko Ltd.) C:\Program Files\DellSupport\DSAgnt.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe (Codeode) C:\Program Files\Privacy Mantra 2.06\privacymantra.exe (Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe (Dell Inc) C:\Program Files\Dell\QuickSet\quickset.exe (Tenda Technology, Corp.) C:\Program Files\Tenda\Common\RaUI.exe (Microsoft Corporation) C:\Windows\System32\cleanmgr.exe (Orbiscom Ltd.) C:\Windows\System32\OBroker.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE (Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe (Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe (Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe (Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe (Microsoft Corporation) C:\Windows\system32\msiexec.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\IELowutil.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation) HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-11-17] (Synaptics, Inc.) HKLM\...\Run: [broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [1540096 2006-11-27] (Dell Inc.) HKLM\...\Run: [Corel Photo Downloader] - C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe HKLM\...\Run: [iSUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-10-03] (Macrovision Corporation) HKLM\...\Run: [] - [X] HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115816 2007-01-09] (Symantec Corporation) HKLM\...\Run: [osCheck] - C:\Program Files\Norton Internet Security\osCheck.exe [22696 2006-12-03] (Symantec Corporation) HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-30] (Google) HKLM\...\Run: [ECenter] - c:\dell\E-Center\EULALauncher.exe [17920 2006-11-17] ( ) HKLM\...\Run: [PCMService] - C:\Program Files\Dell\MediaDirect\PCMService.exe [184320 2006-10-13] (CyberLink Corp.) HKLM\...\Run: [iSUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2006-10-03] (Macrovision Corporation) HKLM\...\Run: [dscactivate] - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2007-10-09] ( ) HKLM\...\Run: [symantec PIF AlertEng] - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2007-11-28] (Symantec Corporation) HKLM\...\Run: [DellSupportCenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.) HKLM\...\Run: [Citi Virtual Account Numbers] - C:\Program Files\Virtual Account Numbers\CitiVAN.exe [398336 2013-03-04] (Orbiscom Ltd. All rights reserved.) HKLM\...\Run: [NvSvc] - C:\Windows\system32\nvsvc.dll [90191 2006-12-13] (NVIDIA Corporation) HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [7766016 2006-12-13] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [81920 2006-12-13] (NVIDIA Corporation) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.) HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.) HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION) HKLM\...\Run: [LTCM Client] - C:\Program Files\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.) HKLM\...\Run: [Virtual Account Numbers] - C:\Program Files\Virtual Account Numbers\CitiVAN.exe [398336 2013-03-04] (Orbiscom Ltd. All rights reserved.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM\...\Run: [sigmatelSysTrayApp] - C:\Windows\sttray.exe [303104 2007-02-08] (SigmaTel, Inc.) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\Run: [DellSupport] - C:\Program Files\DellSupport\DSAgnt.exe [446976 2006-11-12] (Gteko Ltd.) HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation) HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\Run: [DellSupportCenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.) HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\Run: [com.codeode.privacymantra] - C:\Program Files\Privacy Mantra 2.06\privacymantra.exe [958464 2009-03-28] (Codeode) HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\Run: [EPSON Artisan 730 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHQA.EXE [212480 2011-01-20] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\MountPoints2: {310b2ed7-055a-11dc-874d-806e6f6e6963} - E:\setup.exe AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-07-30] (Google) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://my.yahoo.com/?mkg=015 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9 HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://us-mg5.mail.yahoo.com/neo/launch?.rand=ad7ht97j05r2a&ufb=1# URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) SearchScopes: HKCU - {40F38155-8BD8-427B-A34B-0822F8E97B2F} URL = http://delicious.com/search?p={searchTerms} SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=TV5rS-jBhYHunMV-RTNYkijycqE?q={searchTerms} SearchScopes: HKCU - {FA7F210E-96FF-4B04-B8DE-EA3139D63B8C} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9 SearchScopes: HKCU - {FB26DAB2-02C2-41A2-8428-B030E36FAB51} URL = http://www.flickr.com/search/?q={searchTerms} BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) BHO: Virtual Account Numbers Helper - {17424104-1444-4810-85D7-B4DA413C5A9A} - C:\Program Files\Virtual Account Numbers\CitiVANHelper.dll (Orbiscom Ltd. All rights reserved.) BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (Symantec Corporation) BHO: CitiUSBrowserHelper Class - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\Program Files\Virtual Account Numbers\BhoCitUS.dll (Orbiscom Ltd. All rights reserved.) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Updater For XFIN_PORTAL - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll No File BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) Toolbar: HKLM - Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation) Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) Toolbar: HKLM - Virtual Account Numbers - {7A21A046-B886-4A62-9D69-EF2059B0A27B} - C:\Program Files\Virtual Account Numbers\CitiVANToolbar.dll (Orbiscom Ltd. All rights reserved.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75 Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (Google Wallet) - C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25] ========================== Services (Whitelisted) ================= R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554616 2007-05-11] (Symantec Corporation) R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation) R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation) R2 CLTNetCnService; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation) S3 comHost; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [49296 2006-12-03] (Symantec Corporation) S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [70656 2006-11-07] () R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [521600 2011-06-09] (SEIKO EPSON CORPORATION) S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-30] (Google) S3 ISPwdSvc; C:\Program Files\Norton Internet Security\isPwdSvc.exe [80552 2006-12-03] (Symantec Corporation) R3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2983544 2007-05-11] (Symantec Corporation) R2 LiveUpdate Notice Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation) S2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2007-11-28] (Symantec Corporation) R2 RalinkRegistryWriter; C:\Program Files\Tenda\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.) S3 RaMediaServer; C:\Program Files\Tenda\Common\RaMediaServer.exe [621632 2011-03-04] () R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-13] (SupportSoft, Inc.) S3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1252232 2007-11-02] () R2 SymAppCore; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [46736 2006-12-03] (Symantec Corporation) R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1716224 2006-11-27] (Dell Inc.) ==================== Drivers (Whitelisted) ==================== R2 dsunidrv; C:\Program Files\DellSupport\Drivers\dsunidrv.sys [7424 2006-08-17] (Gteko Ltd.) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-10-16] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-13] (Symantec Corporation) R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20140115.001\IDSvix86.sys [287792 2013-09-17] (Symantec Corporation) S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1168960 2011-11-10] (Ralink Technology Corp.) R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [406672 2006-12-03] (Symantec Corporation) S3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [247608 2007-03-27] (Symantec Corporation) S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [276792 2007-03-27] (Symantec Corporation) R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [25400 2007-03-27] (Symantec Corporation) R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [647680 2007-02-08] (SigmaTel, Inc.) R3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [11792 2006-12-03] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [115000 2007-05-30] (Symantec Corporation) R3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [144784 2006-12-03] (Symantec Corporation) R3 SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [38928 2006-12-03] (Symantec Corporation) R0 symlcbrd; C:\Windows\System32\drivers\symlcbrd.sys [10344 2013-12-14] (Symantec Corporation) R3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [37008 2006-12-03] (Symantec Corporation) R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26384 2006-12-03] (Symantec Corporation) R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [185744 2006-12-03] (Symantec Corporation) S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog32.sys [X] S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070623.007\NAVENG.SYS [X] S3 NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070623.007\NAVEX15.SYS [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-11 12:17 - 2014-02-11 12:17 - 00000000 ____D () C:\Users\Public\Desktop\CC Support 2014-02-11 11:50 - 2014-02-11 12:05 - 00691486 _____ () C:\Users\Gerry\Downloads\ServicesRepair (1).exe 2014-02-11 11:49 - 2014-02-11 12:05 - 04009167 _____ () C:\Users\Gerry\Downloads\ServicesRepair.exe 2014-02-11 01:25 - 2014-02-11 12:39 - 00000000 ____D () C:\FRST 2014-02-09 19:17 - 2014-02-09 19:17 - 00000000 ____D () C:\Qoobox 2014-02-08 12:23 - 2014-02-08 12:23 - 00000490 _____ () C:\Users\Gerry\Documents - Shortcut.lnk 2014-02-08 09:47 - 2014-02-08 09:47 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-08 09:47 - 2014-02-08 09:47 - 00000000 _____ () C:\Windows\setupact.log 2014-01-29 21:28 - 2014-01-29 21:28 - 00000000 ____D () C:\ProgramData\Ralink 2014-01-29 21:27 - 2014-01-29 21:27 - 00001465 _____ () C:\Users\Public\Desktop\Tenda Wireless Utility.lnk 2014-01-29 21:25 - 2014-01-29 22:18 - 00008091 _____ () C:\Windows\system32\RaCoInst.log 2014-01-29 21:16 - 2014-01-29 21:16 - 00000000 ____D () C:\ProgramData\Tenda Driver 2014-01-29 21:16 - 2011-11-10 17:11 - 01168960 _____ (Ralink Technology Corp.) C:\Windows\system32\Drivers\netr28u.sys 2014-01-29 21:16 - 2011-11-10 16:55 - 00238944 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInst.dll 2014-01-29 21:16 - 2011-11-10 16:55 - 00014119 _____ () C:\Windows\system32\RaCoInst.dat 2014-01-29 21:15 - 2014-01-29 21:16 - 00000000 ____D () C:\Program Files\Cisco 2014-01-29 21:15 - 2014-01-29 21:15 - 00000000 ____D () C:\Windows\system32\RaLanguages 2014-01-29 21:15 - 2014-01-29 21:15 - 00000000 ____D () C:\Program Files\Tenda 2014-01-29 21:15 - 2011-09-16 16:19 - 00000450 _____ () C:\Windows\system32\DiagFunc.ini 2014-01-29 21:15 - 2011-05-04 13:56 - 01608768 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll 2014-01-29 21:15 - 2011-05-04 13:54 - 00802880 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAIHV.dll 2014-01-29 21:15 - 2010-07-01 17:45 - 00119648 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll 2014-01-29 21:15 - 2010-06-29 10:34 - 00480608 _____ () C:\Windows\system32\DiagFunc.dll 2014-01-24 14:36 - 2014-01-24 14:36 - 00000000 ____D () C:\Windows\system32\vmm32 2014-01-24 14:36 - 2014-01-24 14:36 - 00000000 ____D () C:\Users\Gerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Accessories 2014-01-20 12:24 - 2014-01-20 12:24 - 01286627 _____ () C:\Users\Gerry\Downloads\Unconfirmed 135194.crdownload 2014-01-18 09:46 - 2014-01-18 09:46 - 00000206 _____ () C:\Users\Gerry\CD Drive - Shortcut.lnk 2014-01-14 14:54 - 2014-01-14 14:57 - 00009743 _____ () C:\Users\Gerry\Downloads\Owner_Statement_Simple.xlsx ==================== One Month Modified Files and Folders ======= 2014-02-11 12:39 - 2014-02-11 01:25 - 00000000 ____D () C:\FRST 2014-02-11 12:38 - 2007-05-18 11:13 - 01366396 _____ () C:\Windows\WindowsUpdate.log 2014-02-11 12:29 - 2011-12-19 09:49 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-11 12:29 - 2007-05-18 11:50 - 00000000 ____D () C:\MDT 2014-02-11 12:28 - 2007-05-27 18:49 - 00013025 _____ () C:\Users\Gerry\AppData\Roaming\nvModes.001 2014-02-11 12:25 - 2013-01-21 10:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-11 12:25 - 2011-12-19 09:48 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-11 12:25 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-11 12:25 - 2006-11-02 07:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-11 12:25 - 2006-11-02 07:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-11 12:17 - 2014-02-11 12:17 - 00000000 ____D () C:\Users\Public\Desktop\CC Support 2014-02-11 12:13 - 2013-01-21 10:55 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-02-11 12:13 - 2013-01-21 10:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-02-11 12:05 - 2014-02-11 11:50 - 00691486 _____ () C:\Users\Gerry\Downloads\ServicesRepair (1).exe 2014-02-11 12:05 - 2014-02-11 11:49 - 04009167 _____ () C:\Users\Gerry\Downloads\ServicesRepair.exe 2014-02-11 01:24 - 2006-11-02 05:33 - 00703404 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-09 19:17 - 2014-02-09 19:17 - 00000000 ____D () C:\Qoobox 2014-02-09 18:35 - 2009-04-05 23:40 - 00001356 _____ () C:\Users\Gerry\AppData\Local\d3d9caps.dat 2014-02-08 12:23 - 2014-02-08 12:23 - 00000490 _____ () C:\Users\Gerry\Documents - Shortcut.lnk 2014-02-08 12:23 - 2007-05-24 23:23 - 00000000 ____D () C:\Users\Gerry 2014-02-08 09:47 - 2014-02-08 09:47 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-08 09:47 - 2014-02-08 09:47 - 00000000 _____ () C:\Windows\setupact.log 2014-01-31 10:51 - 2007-05-26 00:16 - 00013025 _____ () C:\Users\Gerry\AppData\Roaming\nvModes.dat 2014-01-30 08:57 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-01-29 22:18 - 2014-01-29 21:25 - 00008091 _____ () C:\Windows\system32\RaCoInst.log 2014-01-29 21:28 - 2014-01-29 21:28 - 00000000 ____D () C:\ProgramData\Ralink 2014-01-29 21:27 - 2014-01-29 21:27 - 00001465 _____ () C:\Users\Public\Desktop\Tenda Wireless Utility.lnk 2014-01-29 21:16 - 2014-01-29 21:16 - 00000000 ____D () C:\ProgramData\Tenda Driver 2014-01-29 21:16 - 2014-01-29 21:15 - 00000000 ____D () C:\Program Files\Cisco 2014-01-29 21:15 - 2014-01-29 21:15 - 00000000 ____D () C:\Windows\system32\RaLanguages 2014-01-29 21:15 - 2014-01-29 21:15 - 00000000 ____D () C:\Program Files\Tenda 2014-01-29 21:15 - 2007-05-18 11:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-01-24 14:36 - 2014-01-24 14:36 - 00000000 ____D () C:\Windows\system32\vmm32 2014-01-24 14:36 - 2014-01-24 14:36 - 00000000 ____D () C:\Users\Gerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Accessories 2014-01-24 14:36 - 2007-05-18 11:27 - 00000000 ____D () C:\Program Files\Dell 2014-01-24 13:55 - 2007-06-08 06:06 - 00000000 ____D () C:\Users\Gerry\AppData\Roaming\Corel 2014-01-22 17:52 - 2007-05-18 11:58 - 00059666 _____ () C:\Windows\PFRO.log 2014-01-20 12:24 - 2014-01-20 12:24 - 01286627 _____ () C:\Users\Gerry\Downloads\Unconfirmed 135194.crdownload 2014-01-18 14:50 - 2011-12-19 09:54 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-18 14:34 - 2007-05-25 20:32 - 00000488 _____ () C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Gerry.job 2014-01-18 10:15 - 2007-05-24 23:28 - 00041472 _____ () C:\Users\Gerry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-18 09:46 - 2014-01-18 09:46 - 00000206 _____ () C:\Users\Gerry\CD Drive - Shortcut.lnk 2014-01-17 11:11 - 2006-11-02 08:01 - 00032552 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-16 03:20 - 2013-07-30 02:08 - 00000000 ____D () C:\Windows\system32\MRT 2014-01-16 03:10 - 2006-11-02 05:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-01-14 14:57 - 2014-01-14 14:54 - 00009743 _____ () C:\Users\Gerry\Downloads\Owner_Statement_Simple.xlsx ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-11 12:32 ==================== End Of Log ============================ Farbar Service Scanner Version: 02-02-2014 Ran by Gerry (administrator) on 11-02-2014 at 12:44:38 Running from "F:\" Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== Other Services: ============== File Check: ======== C:\Windows\system32\nsisvc.dll => MD5 is legit C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit C:\Windows\system32\dhcpcsvc.dll => MD5 is legit C:\Windows\system32\Drivers\afd.sys => MD5 is legit C:\Windows\system32\Drivers\tdx.sys => MD5 is legit C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit C:\Windows\system32\dnsrslvr.dll => MD5 is legit C:\Windows\system32\mpssvc.dll => MD5 is legit C:\Windows\system32\bfe.dll => MD5 is legit C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit C:\Windows\system32\SDRSVC.dll => MD5 is legit C:\Windows\system32\vssvc.exe => MD5 is legit C:\Windows\system32\wscsvc.dll => MD5 is legit C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\system32\wuaueng.dll => MD5 is legit C:\Windows\system32\qmgr.dll => MD5 is legit C:\Windows\system32\es.dll => MD5 is legit C:\Windows\system32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit **** End of log **** Kevin, Some other issues: Still getting the error from Norton Symantec. - "Auto-protect unexpected error- X000003E8" When I try to free up space on my laptop with disk cleanup it stalls, Says: "Scanning: system error memory dump files." I get a Pop Up tells me to check my computer security settings. My computer is pretty slow and takes a long time to boot up. What's the best way to save files to another hard drive or storage source? Are there programs that I should remove from my computer that are prone to a virus? Will this speed up my computer? As I recall, I had a hibernate function on my Vista start menu but now I only have a sleep mode. Did an update occur which eliminated this function? I appreciate all your help and await further instructions. Thanks again, Gerry
  13. Kevin, Thanks for the help. Followed your instructions with some success. I still have some issues but the laptop is now accessing the internet. I've been running around all day and won't be home until after midnight. Will post the logs you requested and update you on how things went either real late tonight or tomorrow. Once again, thanks for the help. You guys are amazing. Gerry
  14. Kevin, Thank you for your help. The infected computer is my laptop not my desk top. Attached are the logs you requested. Let me know if this is what you wanted and how to proceed. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014 01 Ran by Gerry (administrator) on GERRY-PC on 11-02-2014 01:35:18 Running from F:\ Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe () C:\Windows\System32\WLTRYSVC.EXE (Dell Inc.) C:\Windows\System32\bcmwltry.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe (Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Ralink Technology, Corp.) C:\Program Files\Tenda\Common\RaRegistry.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Dell Inc.) C:\Windows\System32\WLTRAY.EXE (Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe (CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe (Orbiscom Ltd. All rights reserved.) C:\Program Files\Virtual Account Numbers\CitiVAN.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe (Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe (Orbiscom Ltd. All rights reserved.) C:\Program Files\Virtual Account Numbers\CitiVAN.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (SigmaTel, Inc.) C:\Windows\sttray.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Gteko Ltd.) C:\Program Files\DellSupport\DSAgnt.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Codeode) C:\Program Files\Privacy Mantra 2.06\privacymantra.exe (Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe (Dell Inc) C:\Program Files\Dell\QuickSet\quickset.exe (Tenda Technology, Corp.) C:\Program Files\Tenda\Common\RaUI.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe (Orbiscom Ltd.) C:\Windows\System32\OBroker.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation) HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-11-17] (Synaptics, Inc.) HKLM\...\Run: [broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [1540096 2006-11-27] (Dell Inc.) HKLM\...\Run: [Corel Photo Downloader] - C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe HKLM\...\Run: [iSUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-10-03] (Macrovision Corporation) HKLM\...\Run: [] - [X] HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115816 2007-01-09] (Symantec Corporation) HKLM\...\Run: [osCheck] - C:\Program Files\Norton Internet Security\osCheck.exe [22696 2006-12-03] (Symantec Corporation) HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-30] (Google) HKLM\...\Run: [ECenter] - c:\dell\E-Center\EULALauncher.exe [17920 2006-11-17] ( ) HKLM\...\Run: [PCMService] - C:\Program Files\Dell\MediaDirect\PCMService.exe [184320 2006-10-13] (CyberLink Corp.) HKLM\...\Run: [iSUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2006-10-03] (Macrovision Corporation) HKLM\...\Run: [dscactivate] - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2007-10-09] ( ) HKLM\...\Run: [symantec PIF AlertEng] - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2007-11-28] (Symantec Corporation) HKLM\...\Run: [DellSupportCenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.) HKLM\...\Run: [Citi Virtual Account Numbers] - C:\Program Files\Virtual Account Numbers\CitiVAN.exe [398336 2013-03-04] (Orbiscom Ltd. All rights reserved.) HKLM\...\Run: [NvSvc] - C:\Windows\system32\nvsvc.dll [90191 2006-12-13] (NVIDIA Corporation) HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [7766016 2006-12-13] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [81920 2006-12-13] (NVIDIA Corporation) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.) HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.) HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION) HKLM\...\Run: [LTCM Client] - C:\Program Files\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.) HKLM\...\Run: [Virtual Account Numbers] - C:\Program Files\Virtual Account Numbers\CitiVAN.exe [398336 2013-03-04] (Orbiscom Ltd. All rights reserved.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM\...\Run: [sigmatelSysTrayApp] - C:\Windows\sttray.exe [303104 2007-02-08] (SigmaTel, Inc.) HKLM\...\Run: [ALUAlert] - C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe [493176 2007-05-11] (Symantec Corporation) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\Run: [DellSupport] - C:\Program Files\DellSupport\DSAgnt.exe [446976 2006-11-12] (Gteko Ltd.) HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation) HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\Run: [DellSupportCenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.) HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\Run: [com.codeode.privacymantra] - C:\Program Files\Privacy Mantra 2.06\privacymantra.exe [958464 2009-03-28] (Codeode) HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\Run: [EPSON Artisan 730 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHQA.EXE [212480 2011-01-20] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-741311009-463962571-1667769170-1000\...\MountPoints2: {310b2ed7-055a-11dc-874d-806e6f6e6963} - E:\setup.exe AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-07-30] (Google) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://my.yahoo.com/?mkg=015 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9 HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://us-mg5.mail.yahoo.com/neo/launch?.rand=ad7ht97j05r2a&ufb=1# URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) SearchScopes: HKCU - {40F38155-8BD8-427B-A34B-0822F8E97B2F} URL = http://delicious.com/search?p={searchTerms} SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=TV5rS-jBhYHunMV-RTNYkijycqE?q={searchTerms} SearchScopes: HKCU - {FA7F210E-96FF-4B04-B8DE-EA3139D63B8C} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9 SearchScopes: HKCU - {FB26DAB2-02C2-41A2-8428-B030E36FAB51} URL = http://www.flickr.com/search/?q={searchTerms} BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) BHO: Virtual Account Numbers Helper - {17424104-1444-4810-85D7-B4DA413C5A9A} - C:\Program Files\Virtual Account Numbers\CitiVANHelper.dll (Orbiscom Ltd. All rights reserved.) BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (Symantec Corporation) BHO: CitiUSBrowserHelper Class - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\Program Files\Virtual Account Numbers\BhoCitUS.dll (Orbiscom Ltd. All rights reserved.) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Updater For XFIN_PORTAL - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll No File BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) Toolbar: HKLM - Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation) Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) Toolbar: HKLM - Virtual Account Numbers - {7A21A046-B886-4A62-9D69-EF2059B0A27B} - C:\Program Files\Virtual Account Numbers\CitiVANToolbar.dll (Orbiscom Ltd. All rights reserved.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Winsock: Missing Catalog9 entry, broken internet access. <===== ATTENTION. Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75 Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (Google Wallet) - C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25] ========================== Services (Whitelisted) ================= R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554616 2007-05-11] (Symantec Corporation) R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation) R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation) R2 CLTNetCnService; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation) S3 comHost; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [49296 2006-12-03] (Symantec Corporation) S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [70656 2006-11-07] () R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [521600 2011-06-09] (SEIKO EPSON CORPORATION) S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-30] (Google) S3 ISPwdSvc; C:\Program Files\Norton Internet Security\isPwdSvc.exe [80552 2006-12-03] (Symantec Corporation) S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2983544 2007-05-11] (Symantec Corporation) R2 LiveUpdate Notice Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation) S2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2007-11-28] (Symantec Corporation) R2 RalinkRegistryWriter; C:\Program Files\Tenda\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.) S3 RaMediaServer; C:\Program Files\Tenda\Common\RaMediaServer.exe [621632 2011-03-04] () R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-13] (SupportSoft, Inc.) R3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1252232 2007-11-02] () R2 SymAppCore; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [46736 2006-12-03] (Symantec Corporation) R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1716224 2006-11-27] (Dell Inc.) ==================== Drivers (Whitelisted) ==================== R2 dsunidrv; C:\Program Files\DellSupport\Drivers\dsunidrv.sys [7424 2006-08-17] (Gteko Ltd.) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-10-16] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-13] (Symantec Corporation) R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20140115.001\IDSvix86.sys [287792 2013-09-17] (Symantec Corporation) S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1168960 2011-11-10] (Ralink Technology Corp.) R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [406672 2006-12-03] (Symantec Corporation) S3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [247608 2007-03-27] (Symantec Corporation) S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [276792 2007-03-27] (Symantec Corporation) R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [25400 2007-03-27] (Symantec Corporation) R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [647680 2007-02-08] (SigmaTel, Inc.) R3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [11792 2006-12-03] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [115000 2007-05-30] (Symantec Corporation) R3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [144784 2006-12-03] (Symantec Corporation) R3 SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [38928 2006-12-03] (Symantec Corporation) R0 symlcbrd; C:\Windows\System32\drivers\symlcbrd.sys [10344 2013-12-14] (Symantec Corporation) R3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [37008 2006-12-03] (Symantec Corporation) R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26384 2006-12-03] (Symantec Corporation) R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [185744 2006-12-03] (Symantec Corporation) S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog32.sys [X] S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070623.007\NAVENG.SYS [X] S3 NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070623.007\NAVEX15.SYS [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-11 01:25 - 2014-02-11 01:35 - 00000000 ____D () C:\FRST 2014-02-09 19:17 - 2014-02-09 19:17 - 00000000 ____D () C:\Qoobox 2014-02-08 12:23 - 2014-02-08 12:23 - 00000490 _____ () C:\Users\Gerry\Documents - Shortcut.lnk 2014-02-08 09:47 - 2014-02-08 09:47 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-08 09:47 - 2014-02-08 09:47 - 00000000 _____ () C:\Windows\setupact.log 2014-01-29 21:28 - 2014-01-29 21:28 - 00000000 ____D () C:\ProgramData\Ralink 2014-01-29 21:27 - 2014-01-29 21:27 - 00001465 _____ () C:\Users\Public\Desktop\Tenda Wireless Utility.lnk 2014-01-29 21:25 - 2014-01-29 22:18 - 00008091 _____ () C:\Windows\system32\RaCoInst.log 2014-01-29 21:16 - 2014-01-29 21:16 - 00000000 ____D () C:\ProgramData\Tenda Driver 2014-01-29 21:16 - 2011-11-10 17:11 - 01168960 _____ (Ralink Technology Corp.) C:\Windows\system32\Drivers\netr28u.sys 2014-01-29 21:16 - 2011-11-10 16:55 - 00238944 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInst.dll 2014-01-29 21:16 - 2011-11-10 16:55 - 00014119 _____ () C:\Windows\system32\RaCoInst.dat 2014-01-29 21:15 - 2014-01-29 21:16 - 00000000 ____D () C:\Program Files\Cisco 2014-01-29 21:15 - 2014-01-29 21:15 - 00000000 ____D () C:\Windows\system32\RaLanguages 2014-01-29 21:15 - 2014-01-29 21:15 - 00000000 ____D () C:\Program Files\Tenda 2014-01-29 21:15 - 2011-09-16 16:19 - 00000450 _____ () C:\Windows\system32\DiagFunc.ini 2014-01-29 21:15 - 2011-05-04 13:56 - 01608768 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll 2014-01-29 21:15 - 2011-05-04 13:54 - 00802880 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAIHV.dll 2014-01-29 21:15 - 2010-07-01 17:45 - 00119648 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll 2014-01-29 21:15 - 2010-06-29 10:34 - 00480608 _____ () C:\Windows\system32\DiagFunc.dll 2014-01-24 14:36 - 2014-01-24 14:36 - 00000000 ____D () C:\Windows\system32\vmm32 2014-01-24 14:36 - 2014-01-24 14:36 - 00000000 ____D () C:\Users\Gerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Accessories 2014-01-20 12:24 - 2014-01-20 12:24 - 01286627 _____ () C:\Users\Gerry\Downloads\Unconfirmed 135194.crdownload 2014-01-18 09:46 - 2014-01-18 09:46 - 00000206 _____ () C:\Users\Gerry\CD Drive - Shortcut.lnk 2014-01-14 14:54 - 2014-01-14 14:57 - 00009743 _____ () C:\Users\Gerry\Downloads\Owner_Statement_Simple.xlsx ==================== One Month Modified Files and Folders ======= 2014-02-11 01:35 - 2014-02-11 01:25 - 00000000 ____D () C:\FRST 2014-02-11 01:24 - 2006-11-02 05:33 - 00703404 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-11 00:17 - 2006-11-02 07:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-11 00:17 - 2006-11-02 07:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-10 16:00 - 2007-05-18 11:13 - 01337044 _____ () C:\Windows\WindowsUpdate.log 2014-02-10 15:59 - 2007-05-18 11:50 - 00000000 ____D () C:\MDT 2014-02-10 15:58 - 2007-05-27 18:49 - 00013025 _____ () C:\Users\Gerry\AppData\Roaming\nvModes.001 2014-02-09 19:17 - 2014-02-09 19:17 - 00000000 ____D () C:\Qoobox 2014-02-09 18:35 - 2009-04-05 23:40 - 00001356 _____ () C:\Users\Gerry\AppData\Local\d3d9caps.dat 2014-02-08 12:23 - 2014-02-08 12:23 - 00000490 _____ () C:\Users\Gerry\Documents - Shortcut.lnk 2014-02-08 12:23 - 2007-05-24 23:23 - 00000000 ____D () C:\Users\Gerry 2014-02-08 09:47 - 2014-02-08 09:47 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-08 09:47 - 2014-02-08 09:47 - 00000000 _____ () C:\Windows\setupact.log 2014-01-31 10:51 - 2007-05-26 00:16 - 00013025 _____ () C:\Users\Gerry\AppData\Roaming\nvModes.dat 2014-01-30 08:57 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-01-29 22:18 - 2014-01-29 21:25 - 00008091 _____ () C:\Windows\system32\RaCoInst.log 2014-01-29 21:28 - 2014-01-29 21:28 - 00000000 ____D () C:\ProgramData\Ralink 2014-01-29 21:27 - 2014-01-29 21:27 - 00001465 _____ () C:\Users\Public\Desktop\Tenda Wireless Utility.lnk 2014-01-29 21:16 - 2014-01-29 21:16 - 00000000 ____D () C:\ProgramData\Tenda Driver 2014-01-29 21:16 - 2014-01-29 21:15 - 00000000 ____D () C:\Program Files\Cisco 2014-01-29 21:15 - 2014-01-29 21:15 - 00000000 ____D () C:\Windows\system32\RaLanguages 2014-01-29 21:15 - 2014-01-29 21:15 - 00000000 ____D () C:\Program Files\Tenda 2014-01-29 21:15 - 2007-05-18 11:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-01-24 14:36 - 2014-01-24 14:36 - 00000000 ____D () C:\Windows\system32\vmm32 2014-01-24 14:36 - 2014-01-24 14:36 - 00000000 ____D () C:\Users\Gerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Accessories 2014-01-24 14:36 - 2007-05-18 11:27 - 00000000 ____D () C:\Program Files\Dell 2014-01-24 13:55 - 2007-06-08 06:06 - 00000000 ____D () C:\Users\Gerry\AppData\Roaming\Corel 2014-01-22 17:52 - 2007-05-18 11:58 - 00059666 _____ () C:\Windows\PFRO.log 2014-01-22 09:36 - 2013-01-21 10:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-22 09:35 - 2011-12-19 09:49 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-22 09:35 - 2011-12-19 09:48 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-20 12:24 - 2014-01-20 12:24 - 01286627 _____ () C:\Users\Gerry\Downloads\Unconfirmed 135194.crdownload 2014-01-18 14:50 - 2011-12-19 09:54 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-18 14:34 - 2007-05-25 20:32 - 00000488 _____ () C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Gerry.job 2014-01-18 10:15 - 2007-05-24 23:28 - 00041472 _____ () C:\Users\Gerry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-18 09:46 - 2014-01-18 09:46 - 00000206 _____ () C:\Users\Gerry\CD Drive - Shortcut.lnk 2014-01-17 11:13 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-01-17 11:11 - 2006-11-02 08:01 - 00032552 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-16 03:20 - 2013-07-30 02:08 - 00000000 ____D () C:\Windows\system32\MRT 2014-01-16 03:10 - 2006-11-02 05:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-01-14 14:57 - 2014-01-14 14:54 - 00009743 _____ () C:\Users\Gerry\Downloads\Owner_Statement_Simple.xlsx Some content of TEMP: ==================== C:\Users\Gerry\AppData\Local\Temp\air3742.exe C:\Users\Gerry\AppData\Local\Temp\_is12F8.exe Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-02-2014 01 Ran by Gerry at 2014-02-11 01:35:49 Running from F:\ Boot Mode: Normal ========================================================== ==================== Security Center ======================== AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Reader XI (11.0.05) (Version: 11.0.05 - Adobe Systems Incorporated) AOL Install (Version: 1.0.0 - America Online, Inc) AppCore (Version: 1 - Symantec Corporation) Hidden Apple Application Support (Version: 2.3.4 - Apple Inc.) Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.) Apple Software Update (Version: 2.1.3.127 - Apple Inc.) AV (Version: 1 - Symantec Corporation) Hidden Bonjour (Version: 3.0.0.10 - Apple Inc.) ccCommon (Version: 106.1.1.4 - Symantec) Hidden CCleaner (Version: 2.36 - Piriform) Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Conexant HDA D110 MDC V.92 Modem (Version: - ) Corel Paint Shop Pro Photo XI (Version: 11.003.0000 - Corel Inc) Corel Snapfire Plus (Version: 1.003.0000 - Corel) Dell Resource CD (Version: 1.00.0000 - Dell Inc.) Dell Support Center (Support Software) (Version: 2.2.09085 - Dell) Dell System Customization Wizard (Version: 1.00.0000 - Dell Inc.) Dell Wireless WLAN Card (Version: 4.102.15.57 - Dell Inc.) DellSupport (Version: 6.0.3030 - Dell) Digital Line Detect (Version: 1.21 - BVRP Software, Inc) Documentation & Support Launcher (Version: 1.00.0000 - Dell Inc.) EarthLink Setup Files (Version: 2005.2.178.0.2.2 - EarthLink, Inc.) EPSON Artisan 730 Series Printer Uninstall (Version: - SEIKO EPSON Corporation) Epson Connect (Version: - ) Epson Customer Participation (Version: 1.0.0.0 - SEIKO EPSON CORPORATION) Epson Download Navigator (Version: 1.0.1 - SEIKO EPSON CORPORATION) Epson Event Manager (Version: 2.50.0000 - SEIKO EPSON CORPORATION) Epson Print CD (Version: 2.05.00 - SEIKO EPSON CORPORATION) EPSON Scan (Version: - Seiko Epson Corporation) EpsonNet Print (Version: 2.4j - SEIKO EPSON CORPORATION) Games, Music, & Photos Launcher (Version: 1.00.0000 - Dell Inc.) Google Chrome (Version: 32.0.1700.76 - Google Inc.) Google Desktop (Version: 5.9.1005.12335 - Google) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (Version: 7.5.4805.320 - Google Inc.) Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden Internet Service Offers Launcher (Version: 1.00.0000 - Dell Inc.) iTunes (Version: 11.0.4.4 - Apple Inc.) Java Auto Updater (Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden Java 6 Update 24 (Version: 6.0.240 - Oracle) Java 7 Update 5 (Version: 7.0.50 - Oracle) JavaFX 2.1.1 (Version: 2.1.1 - Oracle Corporation) LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.53 - Symantec Corporation) LiveUpdate Notice (Symantec Corporation) (Version: 1.4.5 - Symantec Corporation) LTCM Client (Version: 1.20.3792 - Leader Technologies Inc) MediaDirect (Version: 4.7 - Dell) Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Office 2000 Professional (Version: 9.00.2720 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation) Microsoft Works (Version: 08.05.0818 - Microsoft Corporation) Modem Diagnostic Tool (Version: 1.0.17.8 - Dell) MSRedist (Version: 1.0.0.0 - Symantec Corporation) Hidden MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation) NetWaiting (Version: 2.5.41 - BVRP Software, Inc) Norton AntiVirus (Version: 14.1.0.27 - Symantec Corporation) Hidden Norton Confidential Browser Component (Version: 1.1.0.6 - Symantec Corporation) Hidden Norton Confidential Web Protection Component (Version: 1.1.0.6 - Symantec Corporation) Hidden Norton Internet Security (Symantec Corporation) (Version: 10.1.0.26 - Symantec Corporation) Norton Internet Security (Version: 10.1.0 - Symantec Corp.) Hidden Norton Internet Security (Version: 10.1.0.26 - Symantec Corporation) Hidden Norton Protection Center (Version: 2007.1.2.11 - Symantec Corporation) Hidden NVIDIA Drivers (Version: - ) OutlookAddinSetup (Version: 1.0.0 - CyberLink) Privacy Mantra 2.06 (Version: - ) QuickSet (Version: 7.2.11 - Dell Inc.) QuickTime (Version: 7.71.80.42 - Apple Inc.) Roxio Creator Audio (Version: 3.3.0 - Roxio) Roxio Creator BDAV Plugin (Version: 3.3.0 - Roxio) Roxio Creator Copy (Version: 3.3.0 - Roxio) Roxio Creator Data (Version: 3.3.0 - Roxio) Roxio Creator DE (Version: 3.3.0 - Roxio) Roxio Creator Tools (Version: 3.3.0 - Roxio) Roxio Express Labeler (Version: 2.1.0 - Roxio) Roxio MyDVD DE (Version: 9.0.116 - Roxio, Inc.) Roxio Update Manager (Version: 3.0.0 - Roxio) SigmaTel Audio (Version: 5.10.5102.0 - SigmaTel) Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden SPBBC 32bit (Version: 3.1.1.4 - Symantec Corporation) Hidden Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated) Symantec Real Time Storage Protection Component (Version: 10.1.5.4 - Symantec Corporation) Hidden SymNet (Version: 7.1.0.27 - Symantec Corporation) Hidden Synaptics Pointing Device Driver (Version: 9.0.1.3 - Synaptics) Tenda Wireless LAN Card (Version: 1.5.12.0 - Tenda) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation) URL Assistant (Version: - ) User's Guides (Version: - ) Virtual Account Numbers (Version: 1.0.6.0 - Citi) Hidden Virtual Account Numbers (Version: 3.8.0.0 - Citi) Yahoo! Install Manager (Version: - ) Yahoo! Toolbar (Version: - ) ZipDownloader (Version: - ) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {366DE781-755A-42DA-9156-B151A301B5AC} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation) Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {3CA3ECED-475B-4952-B99F-2DF6451059C4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation) Task: {52986707-4AD9-4B4F-92E2-5AA976545C04} - System32\Tasks\Norton Internet Security - Run Full System Scan - Gerry => C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2006-12-03] (Symantec Corporation) Task: {58587894-2AE1-4EFA-BD81-C90239F6FFE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-19] (Google Inc.) Task: {6AAEB4C3-4D8D-44B7-B530-9F2404DFBCE8} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {6F3AA5D8-741E-4399-9D0D-D876909A331D} - System32\Tasks\Microsoft\Windows\RestartManager\{90424D66-2E1F-48bc-ABCD-7E6740CDAD6B} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: {BC100217-0A6D-4089-BC6C-8BC604492CE3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12] (Adobe Systems Incorporated) Task: {D3C93726-6116-40D3-9D75-6FFC51DBAB90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-19] (Google Inc.) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] () Task: {FE29F158-3D26-493B-AE86-00CBE16B1766} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Gerry.job => C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe ==================== Loaded Modules (whitelisted) ============= 2007-05-18 11:27 - 2006-11-27 17:55 - 00065536 _____ () C:\Windows\system32\bcmwlrmt.dll 2006-11-08 19:47 - 2006-11-08 19:47 - 00091680 _____ () C:\Program Files\Dell\QuickSet\dadkeyb.dll 2007-05-18 11:27 - 2006-11-27 17:55 - 00065536 _____ () C:\Windows\System32\bcmwlrmt.dll 2013-05-05 06:28 - 2012-12-06 13:38 - 00039424 _____ () C:\Program Files\Virtual Account Numbers\VANRes.dll 2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-01-29 21:27 - 2011-05-04 19:53 - 01058664 _____ () C:\Program Files\Tenda\Common\RaWLAPI.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Microsoft ISATAP Adapter #11 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Microsoft ISATAP Adapter #18 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Microsoft ISATAP Adapter #12 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Microsoft ISATAP Adapter #26 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Could not start eventlog service, could not read events. The Windows Event Log service is starting. The Windows Event Log service could not be started. A system error has occurred. System error 1747 has occurred. The authentication service is unknown. ==================== Memory info =========================== Percentage of memory in use: 82% Total physical RAM: 1021.71 MB Available physical RAM: 173.75 MB Total Pagefile: 2305.73 MB Available Pagefile: 972.16 MB Total Virtual: 2047.88 MB Available Virtual: 1913.22 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:137 GB) (Free:0.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.46 GB) NTFS Drive f: () (Removable) (Total:0.12 GB) (Free:0.11 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 58000000) Partition 1: (Not Active) - (Size=55 MB) - (Type=DE) Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=137 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=2 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 121 MB) (Disk ID: 00000000) Farbar Service Scanner Version: 02-02-2014 Ran by Gerry (administrator) on 11-02-2014 at 01:40:04 Running from "F:\" Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Dnscache Service is not running. Checking service configuration: The start type of Dnscache service is OK. The ImagePath of Dnscache service is OK. The ServiceDll of Dnscache service is OK. Dhcp Service is not running. Checking service configuration: The start type of Dhcp service is OK. The ImagePath of Dhcp service is OK. The ServiceDll of Dhcp service is OK. Connection Status: ============== Attempt to access Local Host IP returned error: Localhost is blocked: Other errors LAN connected. Attempt to access Google IP returned error. Other errors Attempt to access Google.com returned error: Other errors Attempt to access Yahoo.com returned error: Other errors Windows Firewall: ============= MpsSvc Service is not running. Checking service configuration: The start type of MpsSvc service is OK. The ImagePath of MpsSvc service is OK. The ServiceDll of MpsSvc service is OK. Checking LEGACY_MpsSvc: ATTENTION!=====> Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist. Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is OK. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv service is OK. BITS Service is not running. Checking service configuration: The start type of BITS service is OK. The ImagePath of BITS service is OK. The ServiceDll of BITS service is OK. Checking LEGACY_BITS: ATTENTION!=====> Unable to open LEGACY_BITS\0000 registry key. The key does not exist. Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== Other Services: ============== File Check: ======== C:\Windows\system32\nsisvc.dll => MD5 is legit C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit C:\Windows\system32\dhcpcsvc.dll => MD5 is legit C:\Windows\system32\Drivers\afd.sys => MD5 is legit C:\Windows\system32\Drivers\tdx.sys => MD5 is legit C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit C:\Windows\system32\dnsrslvr.dll => MD5 is legit C:\Windows\system32\mpssvc.dll => MD5 is legit C:\Windows\system32\bfe.dll => MD5 is legit C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit C:\Windows\system32\SDRSVC.dll => MD5 is legit C:\Windows\system32\vssvc.exe => MD5 is legit C:\Windows\system32\wscsvc.dll => MD5 is legit C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\system32\wuaueng.dll => MD5 is legit C:\Windows\system32\qmgr.dll => MD5 is legit C:\Windows\system32\es.dll => MD5 is legit C:\Windows\system32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit **** End of log **** Please, let me know how to proceed. Thank you for your help. Gerry
  15. My Dell Laptop will not connect to the internet via wifi or ethernet cable. My desk top, iphone and smart tv all work okay. I tried using a wireless usb adapter and that didn't work. I'm pretty sure it's not a hardware problem. I even swapped out another motherboard with the same result. All other programs work although my computer takes a long time to boot up and it won't connect to the internet and wifi. When I boot the computer on, It says, "Connection Status Unknown." "Windows could not connect to the event notification service..." Norton Symantic sends me the following message: "Auto-Protect unexpected error - 0x000003E8." It will not system restore. It can not find restore points or they were erased. I'm using my old desktop and haping that I can download diagnostic programs from memory stick to my laptop so that it can resolve the problem. I was able to run a "Hijack This Log" using the memory stick. Please see the attached log. I also have old copies of Combo Fix and TDS Killer. I'm not sure if these can be loaded to a disk and then run thru my DVD drive or flash drive. Logfile of HijackThis v1.99.1 Scan saved at 1:36:15 PM, on 2/10/2014 Platform: Unknown Windows (WinNT 6.00.1906 SP2) MSIE: Internet Explorer v9.00 (9.00.8112.16526) Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Virtual Account Numbers\CitiVAN.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Epson Software\Event Manager\EEventManager.exe C:\Program Files\Virtual Account Numbers\CitiVAN.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\sttray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Tenda\Common\RaUI.exe C:\Windows\ehome\ehmsas.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\OBroker.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\ZipDownloader\ZipDownloader.exe C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe F:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://my.yahoo.com/?mkg=015 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Virtual Account Numbers Helper - {17424104-1444-4810-85D7-B4DA413C5A9A} - C:\Program Files\Virtual Account Numbers\CitiVANHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: CitiUS Shared Browser Helper Object - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\Program Files\Virtual Account Numbers\BhoCitUS.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Updater For XFIN_PORTAL - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll (file missing) O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Virtual Account Numbers - {7A21A046-B886-4A62-9D69-EF2059B0A27B} - C:\Program Files\Virtual Account Numbers\CitiVANToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [Citi Virtual Account Numbers] C:\PROGRA~1\VIRTUA~1\CitiVAN.exe /lang=en_RG /dontopenmycards O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe /startup O4 - HKLM\..\Run: [Virtual Account Numbers] C:\PROGRA~1\VIRTUA~1\CitiVAN.exe /lang=en_RG /dontopenmycards O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [ALUAlert] "C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe" "/LOWDISKSPACE C" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [com.codeode.privacymantra] "C:\Program Files\Privacy Mantra 2.06\privacymantra.exe" -minimized O4 - HKCU\..\Run: [EPSON Artisan 730 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHQA.EXE /FU "C:\Users\Gerry\AppData\Local\Temp\E_SE723.tmp" /EF "HKCU" O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: QuickSet.lnk = ? O4 - Global Startup: Tenda Wireless Utility.lnk = C:\Program Files\Tenda\Common\RaUI.exe O10 - Broken Internet access because of LSP chain gap (#2 in chain of 22 missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O11 - Options group: [iNTERNATIONAL] International O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing) O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: RalinkRegistryWriter - Ralink Technology, Corp. - C:\Program Files\Tenda\Common\RaRegistry.exe O23 - Service: RaMediaServer - Unknown owner - C:\Program Files\Tenda\Common\RaMediaServer.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe Any help in resolving this issue is appreciated. I'll await a response and will follow your instructions to the best of my ability.. Thanks closer2u
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.