Ms_E Posted October 15, 2012 ID:607189 Share Posted October 15, 2012 DDS (Ver_2012-10-14.05) - NTFS_AMD64Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2Run by RAC at 13:16:17 on 2012-10-14Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1787.916 [GMT -5:00].AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}.============== Running Processes ===============.C:\windows\system32\wininit.exeC:\windows\system32\lsm.exeC:\windows\system32\svchost.exe -k DcomLaunchC:\windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\windows\system32\atiesrxx.exeC:\windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\windows\system32\svchost.exe -k netsvcsC:\windows\system32\svchost.exe -k LocalServiceC:\windows\system32\atieclxx.exeC:\windows\system32\svchost.exe -k NetworkServiceC:\windows\system32\Dwm.exeC:\windows\Explorer.EXEC:\windows\System32\spoolsv.exeC:\windows\system32\svchost.exe -k LocalServiceNoNetworkC:\windows\system32\taskhost.exeC:\windows\SysWOW64\svchost.exe -k AkamaiC:\Program Files\DebugDiag\DbgSvc.exeC:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exeC:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exeC:\windows\system32\svchost.exe -k imgsvcC:\Windows\system32\TODDSrv.exeC:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exeC:\windows\system32\SearchIndexer.exeC:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exeC:\windows\system32\dllhost.exec:\Program Files\Microsoft Security Client\NisSrv.exeC:\windows\System32\msdtc.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\TOSHIBA\Power Saver\TPwrMain.exeC:\Program Files\TOSHIBA\SmoothView\SmoothView.exeC:\Program Files\TOSHIBA\FlashCards\TCrdMain.exeC:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exeC:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Users\RAC\AppData\Local\Akamai\netsession_win.exeC:\Users\RAC\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\OpenOffice.org 3\program\soffice.exeC:\Program Files (x86)\OpenOffice.org 3\program\soffice.binC:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exeC:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exeC:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exeC:\windows\system32\svchost.exe -k SDRSVCC:\windows\System32\svchost.exe -k LocalServicePeerNetC:\windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exeC:\windows\system32\SearchProtocolHost.exeC:\windows\system32\SearchFilterHost.exeC:\windows\system32\conhost.exeC:\windows\system32\wbem\wmiprvse.exeC:\windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNAuDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNAmStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNAmDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNAuProxyOverride = 127.0.0.1:9421;<local>mWinlogon: Userinit = userinit.exe,BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dlluRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"uRun: [ctfmon.exe] C:\windows\System32\ctfmon.exeuRun: [Akamai NetSession Interface] "C:\Users\RAC\AppData\Local\Akamai\netsession_win.exe"uRun: [speech Recognition] "C:\windows\Speech\Common\sapisvr.exe" -SpeechUX -StartupmRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDEDmRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exemRun: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exemRun: [AT&T Communication Manager] "C:\Program Files (x86)\AT&T\Communication Manager\ATTCM.exe" -amRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"StartupFolder: C:\Users\RAC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exeuPolicies-Explorer: HideSCAHealth = dword:1mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = 192.168.2.1TCP: Interfaces\{04F984FB-0A00-407E-9DDC-0DC4C93E85A6} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{04F984FB-0A00-407E-9DDC-0DC4C93E85A6}\D43727964716D27657563747 : DHCPNameServer = 97.64.183.164 97.64.209.37SSODL: WebCheck - <orphaned>x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /tx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXEx64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exex64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exex64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exex64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exex64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exex64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exex64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\disynu2c.default\FF - prefs.js: network.proxy.type - 0FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dllFF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dllFF - plugin: C:\windows\SysWOW64\npdeployJava1.dllFF - plugin: C:\windows\SysWOW64\npmproxy.dll.---- FIREFOX POLICIES ----FF - user.js: network.cookie.cookieBehavior - 0FF - user.js: privacy.clearOnShutdown.cookies - falseFF - user.js: security.warn_viewing_mixed - falseFF - user.js: security.warn_viewing_mixed.show_once - falseFF - user.js: security.warn_submit_insecure - falseFF - user.js: security.warn_submit_insecure.show_once - false.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-30 228768]R1 acedrv09;acedrv09;C:\windows\System32\drivers\acedrv09.sys [2012-9-25 134880]R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-13 59904]R2 Akamai;Akamai NetSession Interface;C:\windows\System32\svchost.exe -k Akamai [2009-7-13 27136]R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-4-13 202752]R2 DbgSvc;Debug Diagnostic Service;C:\Program Files\DebugDiag\DbgSvc.exe [2011-7-12 451848]R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2010-10-24 128456]R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [2012-10-12 131512]R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2011-4-13 126392]R3 amdkmdag;amdkmdag;C:\windows\System32\drivers\atipmdag.sys [2011-4-13 6403072]R3 amdkmdap;amdkmdap;C:\windows\System32\drivers\atikmpag.sys [2011-4-13 188928]R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-4-13 9216]R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-4-13 51512]R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-14 135664]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-25 250808]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-14 135664]S3 mbamchameleon;mbamchameleon;C:\windows\System32\drivers\mbamchameleon.sys [2012-10-12 36680]S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-13 113120]S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-4-13 232992]S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-4-20 1255736].=============== Created Last 30 ================.2012-10-13 17:42:56 -------- d-----w- C:\symcache2012-10-13 17:33:05 -------- d-----w- C:\Program Files\DebugDiag2012-10-13 15:58:07 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3D67B86-327A-4158-A01D-30E180D4B6B8}\offreg.dll2012-10-13 15:30:48 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3D67B86-327A-4158-A01D-30E180D4B6B8}\mpengine.dll2012-10-13 04:54:27 -------- d-----w- C:\Users\RAC\AppData\Local\Chromium2012-10-13 03:16:23 -------- d-----w- C:\Program Files (x86)\PC Checkup2012-10-12 18:38:03 -------- d-----w- C:\Users\RAC\AppData\Roaming\Malwarebytes2012-10-12 18:37:48 -------- d-----w- C:\ProgramData\Malwarebytes2012-10-12 18:37:45 25928 ----a-w- C:\windows\System32\drivers\mbam.sys2012-10-12 18:37:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2012-10-12 18:37:29 36680 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys2012-10-12 13:15:55 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2012-10-08 20:56:11 10220472 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe2012-10-05 16:20:38 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{85E46D21-9B6E-46B2-A3B7-E91058F1F2DD}\gapaengine.dll2012-09-25 23:48:49 134880 ----a-w- C:\windows\System32\drivers\acedrv09.sys2012-09-25 23:48:48 89312 ----a-w- C:\windows\SysWow64\acedrv09.dll2012-09-25 23:11:59 -------- d-----w- C:\Users\RAC\AppData\Roaming\McGraw-HillLicensing2012-09-24 13:59:07 95208 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll.==================== Find3M ====================.2012-10-08 20:56:34 73656 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl2012-10-08 20:56:34 696760 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe2012-09-24 13:58:53 821736 ----a-w- C:\windows\SysWow64\npdeployJava1.dll2012-09-24 13:58:52 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll2012-09-14 19:19:29 2048 ----a-w- C:\windows\System32\tzres.dll2012-09-14 18:28:53 2048 ----a-w- C:\windows\SysWow64\tzres.dll2012-08-31 03:03:48 228768 ----a-w- C:\windows\System32\drivers\MpFilter.sys2012-08-31 03:03:48 128456 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys2012-08-30 18:03:45 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe2012-08-30 17:12:02 3968880 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe2012-08-30 17:12:02 3914096 ----a-w- C:\windows\SysWow64\ntoskrnl.exe2012-08-24 18:05:07 220160 ----a-w- C:\windows\System32\wintrust.dll2012-08-24 16:57:48 172544 ----a-w- C:\windows\SysWow64\wintrust.dll2012-08-24 10:31:32 2312704 ----a-w- C:\windows\System32\jscript9.dll2012-08-24 10:21:18 1392128 ----a-w- C:\windows\System32\wininet.dll2012-08-24 10:20:11 1494528 ----a-w- C:\windows\System32\inetcpl.cpl2012-08-24 10:14:45 173056 ----a-w- C:\windows\System32\ieUnatt.exe2012-08-24 10:13:29 599040 ----a-w- C:\windows\System32\vbscript.dll2012-08-24 10:09:42 2382848 ----a-w- C:\windows\System32\mshtml.tlb2012-08-24 06:59:17 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll2012-08-24 06:51:27 1129472 ----a-w- C:\windows\SysWow64\wininet.dll2012-08-24 06:51:02 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl2012-08-24 06:47:26 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe2012-08-24 06:47:12 420864 ----a-w- C:\windows\SysWow64\vbscript.dll2012-08-24 06:43:58 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb2012-08-22 18:12:50 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys2012-08-22 18:12:40 376688 ----a-w- C:\windows\System32\drivers\netio.sys2012-08-22 18:12:33 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS2012-08-11 00:56:03 715776 ----a-w- C:\windows\System32\kerberos.dll2012-08-10 23:56:14 542208 ----a-w- C:\windows\SysWow64\kerberos.dll2012-07-18 18:15:06 3148800 ----a-w- C:\windows\System32\win32k.sys.============= FINISH: 13:16:57.55 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-10-14.05).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 4/13/2011 5:04:25 PMSystem Uptime: 10/14/2012 3:35:28 AM (10 hours ago).Motherboard: TOSHIBA | | Portable PCProcessor: AMD V120 Processor | Socket S1G4 | 2200/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 288 GiB total, 233.777 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP247: 10/5/2012 11:14:46 AM - Windows UpdateRP248: 10/8/2012 3:50:57 PM - Windows UpdateRP249: 10/10/2012 12:27:32 PM - Windows UpdateRP250: 10/13/2012 10:17:36 AM - Windows UpdateRP251: 10/13/2012 12:30:32 PM - Installed Debug Diagnostics 1.2RP252: 10/14/2012 3:00:15 AM - Windows Update.==== Installed Programs ======================.µTorrentAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader 9.5.1Akamai NetSession InterfaceAkamai NetSession Interface ServiceAmazon LinksAmazon MP3 Downloader 1.0.12AT&T Communication ManagerAtheros Communications Inc.® AR81Family Gigabit/Fast Ethernet DriverAtheros Driver Installation ProgramATI Catalyst Install ManagerAudacity 1.2.6Audacity 1.3.14 (Unicode)Avi to Dvd Free Converter v5.7.0.191Bejeweled 2 DeluxeBlackBerry Desktop Software 6.1Catalyst Control Center - BrandingCatalyst Control Center Core ImplementationCatalyst Control Center Graphics Full ExistingCatalyst Control Center Graphics Full NewCatalyst Control Center Graphics LightCatalyst Control Center Graphics Previews CommonCatalyst Control Center Graphics Previews VistaCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-core-staticccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishChuzzle DeluxeCognitive TutorCompatibility Pack for the 2007 Office systemConexant HD AudioCoupon Printer for WindowsDebug Diagnostics 1.2Dell Driver Download ManagerEscape Rosecliff IslandFATE - The Traitor SoulFreeStar Free AMR MP3 Converter 1.0.7Google Toolbar for Internet ExplorerGoogle Update HelperInstallIQ UpdaterJava 7 Update 7Java Auto UpdaterJewel Quest 3Junk Mail filter updateK-Lite Mega Codec Pack 7.1.0Label@Once 1.0Malwarebytes Anti-Malware version 1.65.0.1400Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Choice GuardMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office PowerPoint Viewer 2007 (English)Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Suite Activation AssistantMicrosoft Office Word MUI (English) 2007Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft WorksMozilla Firefox 14.0.1 (x86 en-US)Mozilla Maintenance ServiceMSVCRTMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)NirSoft BlueScreenViewNorton PC CheckupOpenOffice.org 3.3Penguins!PhotoScapePlayReady PC Runtime amd64Polar BowlerQuickbooks Financial CenterRealtek USB 2.0 Card ReaderSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596672) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596754) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596856) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597162) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687314) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687441) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2687315) 32-Bit EditionSkype LauncherSynaptics Pointing Device DriverTOSHIBA Application InstallerTOSHIBA AssistTOSHIBA Bulletin BoardTOSHIBA Disc CreatorTOSHIBA Hardware SetupTOSHIBA HDD/SSD AlertToshiba Laptop CheckupTOSHIBA Media ControllerTOSHIBA Media Controller Plug-inToshiba Online BackupTOSHIBA Quality ApplicationTOSHIBA Recovery Media CreatorTOSHIBA ReelTimeTOSHIBA Service StationTOSHIBA Supervisor PasswordTOSHIBA Value Added PackageToshibaRegistrationUpdate for 2007 Microsoft Office System (KB967642)Update Installer for WildTangent Games AppVirtual FamiliesVirtual Villagers - The Secret CityWildTangent GamesWildTangent Games App (Toshiba Games)Windows Live CallWindows Live Communications PlatformWindows Live EssentialsWindows Live MailWindows Live MessengerWindows Live Movie MakerWindows Live Photo GalleryWindows Live Sign-in AssistantWindows Live SyncWindows Live Upload ToolWindows Live WriterXvid MPEG-4 Video CodecZuma's Revenge.==== Event Viewer Messages From Past Week ========.10/14/2012 3:36:00 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00a1c5000, 0x0000000000000000, 0xfffff880019b2c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101412-25396-01.10/14/2012 2:04:37 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a0102b7000, 0x0000000000000000, 0xfffff88001844c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101412-16255-01.10/14/2012 1:13:20 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-214099353510/14/2012 1:13:20 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-214099353510/14/2012 1:13:20 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.10/13/2012 12:52:39 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00d728000, 0x0000000000000000, 0xfffff88003a42c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101312-27892-01.10/13/2012 12:16:12 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a009d4c000, 0x0000000000000000, 0xfffff88001982c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101312-24788-01.10/12/2012 8:58:34 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00c84f000, 0x0000000000000000, 0xfffff880011d0c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-15475-01.10/12/2012 8:16:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a0018f8000, 0x0000000000000000, 0xfffff880011c8c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-15849-01.10/12/2012 7:48:10 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a0103af000, 0x0000000000000000, 0xfffff88001076c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-18267-01.10/12/2012 7:44:36 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.10/12/2012 7:31:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}10/12/2012 7:31:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}10/12/2012 7:31:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}10/12/2012 7:31:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}10/12/2012 7:31:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}10/12/2012 7:31:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}10/12/2012 7:30:55 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00eece000, 0x0000000000000000, 0xfffff88001861c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-21528-01.10/12/2012 7:30:53 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: acedrv09 AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.10/12/2012 6:54:23 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00d94f000, 0x0000000000000000, 0xfffff8800189fc02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-19406-01.10/12/2012 6:27:53 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00d591000, 0x0000000000000000, 0xfffff88001811c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-30342-01.10/12/2012 4:48:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00eb5c000, 0x0000000000000000, 0xfffff880010c0c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-15724-01.10/12/2012 4:05:34 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00b526000, 0x0000000000000000, 0xfffff880019b8c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-16395-01.10/11/2012 6:24:29 AM, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.10/11/2012 6:05:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.10/11/2012 2:19:47 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: After starting, the service hung in a start-pending state.10/11/2012 2:19:44 PM, Error: Service Control Manager [7022] - The Peer Name Resolution Protocol service hung on starting..==== End Of File =========================== Link to post Share on other sites More sharing options...
Staff screen317 Posted October 17, 2012 Staff ID:608220 Share Posted October 17, 2012 Hi and welcome to Malwarebytes.Does the BSoD occur during the scanning of a particular file? How about during a Quick Scan? What about a Full Scan in Safe Mode? Link to post Share on other sites More sharing options...
Ms_E Posted October 18, 2012 Author ID:608409 Share Posted October 18, 2012 Hello MBAM Sentinel,I'm unsure of the particular file that sets it off--as it happens so quickly and re-boots. The Quick Scan works without giving the BSOD, and I've also been able to do a Full Scan in Safe Mode. Link to post Share on other sites More sharing options...
Staff screen317 Posted October 18, 2012 Staff ID:608544 Share Posted October 18, 2012 Great, thank you. That'll help narrow down where the problem is.Let's see what the blue screen said exactly:'Download BlueScreenView and save it to your Desktop.Double click on BlueScreenView.exe file to run the program.When it finishes scanning, click Edit --> Select All.Click File --> Save Selected ItemsSave the report as BSOD.txt to your Desktop.Post the contents of BSOD.txtin your next reply.Generally, if a Full Scan works in Safe Mode but not Normal Mode, then a program running at startup is generally to blame. Often, this is security software. Have you ever set exclusions between Norton and MBAM before? Link to post Share on other sites More sharing options...
Staff screen317 Posted November 28, 2012 Staff ID:617874 Share Posted November 28, 2012 Are you still with us? This topic will be closed in a few days if we do not hear back from you. Link to post Share on other sites More sharing options...
Staff screen317 Posted December 19, 2012 Staff ID:624822 Share Posted December 19, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts