
Reposting for screen317: Problems with laptop



(This got deleted a while back when there was a problem with the servers here on the forums. I'm just now getting a chance to repost. User screen317 was assisting me when the thread got deleted. I have sent him a link to this thread.)

We were in the process of ruling out any kind of malware. Suspect I may just need a new computer.

Issues: Slow, Flash player freezing & crashing often, even though I just updated to the newest version, can't install or use some programs like Kaspersky or Spywareblaster, often get the error message that I don't have permissions to access files & folders. Always have a zillion (ok, not a zillion) svchost.exe processes running.

Actions: Have run Norton, Malwarebytes, CCleaner, nothing of interest found. Have used PC Pitstop to try to find fixes but hasn't helped much.

Turned off my Norton Auto-Protect to run the scan, don't know if it makes a difference or not!

DDS (Ver_2012-10-19.01) - NTFS_x86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.9.2

Run by mom's toy at 12:48:43 on 2012-11-12

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2813.1264 [GMT -7:00]

.

AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe

C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k swprv

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.swagbucks.com/

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vb32&d=1208&m=aspire_5515

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Virtual Account Numbers Helper: {17424104-1444-4810-85D7-B4DA413C5A9A} - c:\program files\virtual account numbers\CitiVANHelper.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360\engine\20.2.0.19\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360\engine\20.2.0.19\ips\ipsbho.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - c:\program files\common files\simple adblock\SimpleAdblock.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Virtual Account Numbers: {7A21A046-B886-4A62-9D69-EF2059B0A27B} - c:\program files\virtual account numbers\CitiVANToolbar.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360\engine\20.2.0.19\coieplg.dll

EB: {4A62FAC4-1670-430B-8C6B-9C7B53F51798} - <orphaned>

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/PCMagnum/controls/PCPitstop2.dll

TCP: NameServer = 216.136.95.2 64.163.94.250

TCP: Interfaces\{1D69327A-41BE-45F5-9F83-B01C419E94E5} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{D00B9979-42B9-4910-94EB-250C116767D1} : DHCPNameServer = 216.136.95.2 64.163.94.250

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\mom's toy\appdata\roaming\mozilla\firefox\profiles\ppe7dvih.default-1345356610650\

FF - prefs.js: browser.search.selectedEngine - Swagbucks

FF - prefs.js: browser.startup.homepage - hxxp://www.swagbucks.com/

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\emusic download manager\plugin\npemusic.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1167637.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

FF - ExtSQL: 2012-11-10 10:53; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\coFFPlgn

FF - ExtSQL: !HIDDEN! 2010-06-06 14:08; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1402000.013\symds.sys [2012-10-25 368288]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1402000.013\symefa.sys [2012-10-25 927904]

R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\bashdefs\20121030.002\BHDrvx86.sys [2012-11-5 995488]

R1 ccSet_MCLIENT;Norton Management Settings Manager;c:\windows\system32\drivers\mclient\0302000.013\ccsetx86.sys [2012-10-26 134304]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\1402000.013\ccsetx86.sys [2012-10-25 134304]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\ipsdefs\20121109.001\IDSvix86.sys [2012-11-9 386720]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1402000.013\ironx86.sys [2012-10-25 175264]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\1402000.013\symtdiv.sys [2012-10-25 350368]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-3-3 16384]

R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2008-12-13 24576]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 KSS;Kaspersky Security Scan Service;"c:\program files\kaspersky lab\kaspersky security scan 2.0\kss.exe" -r --> c:\program files\kaspersky lab\kaspersky security scan 2.0\kss.exe [?]

R2 MCLIENT;Norton Management;c:\program files\norton management\engine\3.2.0.19\ccsvchst.exe [2012-10-26 143928]

R2 N360;Norton 360;c:\program files\norton 360\engine\20.2.0.19\ccsvchst.exe [2012-10-25 143928]

R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-4-25 45056]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-4-25 131072]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-10-8 106656]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-11-11 250808]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-8 115168]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-11-12 05:55:59 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-11-12 05:55:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-11-09 17:36:41 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c6048bc1-7b26-41f4-a880-f038a690d8ae}\mpengine.dll

2012-10-28 02:52:28 -------- d-sh--w- C:\$RECYCLE.BIN

2012-10-28 02:52:20 -------- d-----w- c:\users\mom's toy\appdata\local\temp

2012-10-28 02:25:05 98816 ----a-w- c:\windows\sed.exe

2012-10-28 02:25:05 256000 ----a-w- c:\windows\PEV.exe

2012-10-28 02:25:05 208896 ----a-w- c:\windows\MBR.exe

2012-10-27 06:47:59 96224 ----a-w- c:\program files\mozilla firefox\updated\nssdbm3.dll

2012-10-26 08:31:49 134304 ----a-w- c:\windows\system32\drivers\mclient\0302000.013\ccsetx86.sys

2012-10-26 08:31:45 -------- d-----w- c:\windows\system32\drivers\mclient\0302000.013

2012-10-26 02:01:46 927904 ----a-w- c:\windows\system32\drivers\n360\1402000.013\symefa.sys

2012-10-26 02:01:46 350368 ----a-w- c:\windows\system32\drivers\n360\1402000.013\symtdiv.sys

2012-10-26 02:01:46 338592 ----a-w- c:\windows\system32\drivers\n360\1402000.013\symnets.sys

2012-10-26 02:01:46 21400 ----a-r- c:\windows\system32\drivers\n360\1402000.013\symelam.sys

2012-10-26 02:01:45 586400 ----a-w- c:\windows\system32\drivers\n360\1402000.013\srtsp.sys

2012-10-26 02:01:45 368288 ----a-w- c:\windows\system32\drivers\n360\1402000.013\symds.sys

2012-10-26 02:01:45 32888 ----a-r- c:\windows\system32\drivers\n360\1402000.013\srtspx.sys

2012-10-26 02:01:45 175264 ----a-w- c:\windows\system32\drivers\n360\1402000.013\ironx86.sys

2012-10-26 02:01:45 134304 ----a-w- c:\windows\system32\drivers\n360\1402000.013\ccsetx86.sys

2012-10-26 02:01:22 9103 ----a-w- c:\windows\system32\drivers\n360\1402000.013\symvtcer.dat

2012-10-26 02:01:22 -------- d-----w- c:\windows\system32\drivers\n360\1402000.013

2012-10-20 19:10:06 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-10-19 22:48:14 -------- d-----w- c:\program files\Kaspersky Lab

.

==================== Find3M ====================

.

2012-09-30 01:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-21 04:33:06 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-09-13 13:28:08 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-06 03:52:56 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-09-06 03:52:56 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-29 11:27:41 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-08-29 11:27:41 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-24 15:53:29 172544 ----a-w- c:\windows\system32\wintrust.dll

2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-23 20:48:58 319456 ----a-w- c:\windows\DIFxAPI.dll

2012-08-21 19:01:22 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-08-21 19:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll

2012-08-09 18:20:09 3255248 ----a-w- c:\program files\spywareblastersetup46.exe

.

============= FINISH: 12:49:10.83 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-10-19.01)

.

Microsoft® Windows Vista™ Home Basic

Boot Device: \Device\HarddiskVolume2

Install Date: 12/13/2008 1:01:52 PM

System Uptime: 11/12/2012 9:03:44 AM (3 hours ago)

.

Motherboard: Acer | | Nile

Processor: AMD Athlon Processor 2650e | Socket M2/S1G1 | 1600/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 70 GiB total, 24.817 GiB free.

D: is FIXED (NTFS) - 70 GiB total, 69.155 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP720: 10/26/2012 3:36:00 AM - Scheduled Checkpoint

RP721: 10/28/2012 2:15:57 PM - Scheduled Checkpoint

RP722: 10/30/2012 2:15:17 PM - Windows Update

RP723: 11/3/2012 7:46:24 PM - Windows Update

RP724: 11/9/2012 10:29:16 AM - Windows Update

RP725: 11/10/2012 1:19:45 PM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

3600_Help

Acer Assist

Acer Empowering Technology

Acer eRecovery Management

Acer Registration

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

Adobe Shockwave Player 11.6

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

Auslogics Disk Defrag

Bonjour

BPD_Scan

BPDSoftware

BPDSoftware_Ini

BufferChm

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization Chinese Standard

Catalyst Control Center Localization Chinese Traditional

Catalyst Control Center Localization Czech

Catalyst Control Center Localization Danish

Catalyst Control Center Localization Dutch

Catalyst Control Center Localization Finnish

Catalyst Control Center Localization French

Catalyst Control Center Localization German

Catalyst Control Center Localization Greek

Catalyst Control Center Localization Hungarian

Catalyst Control Center Localization Italian

Catalyst Control Center Localization Japanese

Catalyst Control Center Localization Korean

Catalyst Control Center Localization Norwegian

Catalyst Control Center Localization Polish

Catalyst Control Center Localization Portuguese

Catalyst Control Center Localization Russian

Catalyst Control Center Localization Spanish

Catalyst Control Center Localization Swedish

Catalyst Control Center Localization Thai

Catalyst Control Center Localization Turkish

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Compatibility Pack for the 2007 Office system

CustomerResearchQFolder

Destinations

DeviceManagementQFolder

DocProc

DocProcQFolder

eMusic Download Manager 4.1.4

eSupportQFolder

Fax

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Customer Participation Program 8.0

HP Imaging Device Functions 8.0

HP OCR Software 8.0

HP Officejet J3600 Series

HP Photosmart Essential

HP Product Assistant

HP Smart Web Printing 4.60

HP Solution Center 8.0

HP Update

HPProductAssistant

HPSSupply

InterVideo WinDVD 8

iTunes

J3600

Java 7 Update 9

Java Auto Updater

Kaspersky Security Scan

Launch Manager

LightScribe 1.4.142.1

Malwarebytes Anti-Malware version 1.65.1.1000

MarketResearch

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft IntelliPoint 6.2

Microsoft Office File Validation Add-In

Microsoft Office Professional Edition 2003

Microsoft Office Suite Activation Assistant

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox 16.0.2 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 and SOAP Toolkit 3.0

Norton 360

Norton Management

NTI Backup Now 5

NTI Backup Now Standard

NTI Media Maker 8

OGA Notifier 2.0.0048.0

ProductContext

QuickTime

Realtek 8169 8168 8101E 8102E Ethernet Driver

Realtek High Definition Audio Driver

Rhapsody

Scan

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Simple Adblock

Skins

SmartWebPrinting

SolutionCenter

Status

swMSM

Synaptics Pointing Device Driver

Toolbox

TrayApp

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Virtual Account Numbers

WebReg

World's Best Word Games

Yahoo! Messenger

Yahoo! Software Update

.

==== Event Viewer Messages From Past Week ========

.

11/9/2012 5:07:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

11/9/2012 10:11:47 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.

11/8/2012 5:01:45 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ETService service.

11/12/2012 10:31:19 AM, Error: Schannel [36874] - An SSL connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

11/11/2012 11:44:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the KSS service.

11/11/2012 10:53:40 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

11/11/2012 10:52:06 PM, Error: volmgr [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.

.

==== End Of File ===========================


  • Staff

Hi superwow_rl,

Let's look for malware again, just to be sure.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.12.07

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

mom's toy :: NIPPERS [administrator]

11/12/2012 1:47:38 PM

mbam-log-2012-11-12 (13-47-38).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 230146

Time elapsed: 10 minute(s), 55 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

At about Stage 30 of ComboFix, Windows popped up saying PEV.exe was not working, & had to be closed. I waited until all 50 stages were done, & I was waiting for the log to pop up, when I finally clicked OK on the Windows box to close the PEV error. I don't know how that affects the scan, but nothing would open until I restarted my computer. Every icon I clicked on, I got an error message saying "Illegal operation, Registry key has been marked for deletion" (or something really similar). I had to restart, & then run DDS.

ComboFix 12-11-12.03 - mom's toy 11/12/2012 17:57:34.3.1 - x86

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2813.1780 [GMT -7:00]

Running from: c:\users\mom's toy\Desktop\ComboFix.exe

AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-10-13 to 2012-11-13 )))))))))))))))))))))))))))))))

.

.

2012-11-13 01:09 . 2012-11-13 01:09 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-11-13 01:09 . 2012-11-13 01:09 -------- d-----w- c:\users\mom's toy\AppData\Local\temp

2012-11-13 01:09 . 2012-11-13 01:09 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-11-13 01:09 . 2012-11-13 01:09 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2012-11-12 05:55 . 2012-11-12 05:55 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-11-12 05:55 . 2012-11-12 05:55 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-11-09 17:36 . 2012-10-17 08:32 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C6048BC1-7B26-41F4-A880-F038A690D8AE}\mpengine.dll

2012-10-27 06:47 . 2012-10-13 01:26 2106216 ----a-w- c:\program files\Mozilla Firefox\updated\D3DCompiler_43.dll

2012-10-27 06:47 . 2012-10-13 01:26 1998168 ----a-w- c:\program files\Mozilla Firefox\updated\d3dx9_43.dll

2012-10-27 06:47 . 2012-10-13 01:26 770384 ----a-w- c:\program files\Mozilla Firefox\updated\msvcr100.dll

2012-10-27 06:47 . 2012-10-13 01:26 421200 ----a-w- c:\program files\Mozilla Firefox\updated\msvcp100.dll

2012-10-27 06:47 . 2009-02-24 00:59 7521112 ----a-w- c:\program files\Mozilla Firefox\updated\Firefox Setup 3.0.6.exe

2012-10-27 06:47 . 2012-10-27 06:48 73696 ----a-w- c:\program files\Mozilla Firefox\updated\breakpadinjector.dll

2012-10-27 06:47 . 2012-10-27 06:48 261600 ----a-w- c:\program files\Mozilla Firefox\updated\components\browsercomps.dll

2012-10-27 06:47 . 2012-10-27 06:48 18912 ----a-w- c:\program files\Mozilla Firefox\updated\AccessibleMarshal.dll

2012-10-27 06:47 . 2012-10-27 06:48 116192 ----a-w- c:\program files\Mozilla Firefox\updated\crashreporter.exe

2012-10-26 08:31 . 2012-10-26 08:31 -------- d-----w- c:\windows\system32\drivers\MCLIENT\0302000.013

2012-10-26 02:01 . 2012-10-26 04:59 -------- d-----w- c:\windows\system32\drivers\N360\1402000.013

2012-10-20 19:10 . 2012-09-25 05:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-10-19 22:48 . 2012-10-19 22:48 -------- d-----w- c:\program files\Kaspersky Lab

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-30 01:54 . 2011-06-02 23:58 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-21 04:33 . 2009-10-11 04:23 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-09-13 13:28 . 2012-10-10 05:59 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-06 03:52 . 2012-06-14 20:58 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-09-06 03:52 . 2010-04-19 14:19 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-29 11:27 . 2012-10-10 05:57 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-08-29 11:27 . 2012-10-10 05:57 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-24 15:53 . 2012-10-10 05:59 172544 ----a-w- c:\windows\system32\wintrust.dll

2012-08-24 06:59 . 2012-09-22 00:54 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 06:51 . 2012-09-22 00:54 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 06:51 . 2012-09-22 00:54 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 06:47 . 2012-09-22 00:54 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 06:47 . 2012-09-22 00:54 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 06:43 . 2012-09-22 00:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-23 20:48 . 2008-12-04 12:31 319456 ----a-w- c:\windows\DIFxAPI.dll

2012-08-21 19:01 . 2012-09-15 22:02 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-08-21 19:01 . 2009-10-11 04:23 106928 ----a-w- c:\windows\system32\GEARAspi.dll

2012-08-09 18:20 . 2012-08-09 18:20 3255248 ----a-w- c:\program files\spywareblastersetup46.exe

2012-10-27 17:53 . 2012-08-08 18:29 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Assist Launcher]

2007-11-19 22:17 1261568 ----a-w- c:\program files\Acer\Acer Assist\launcher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-08-28 03:32 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]

2008-04-26 05:36 28672 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2006-12-11 03:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]

2007-08-31 19:01 1037736 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-09-10 05:30 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

2008-07-23 03:05 846344 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

2008-01-21 20:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

2008-02-22 03:50 1037608 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]

2011-03-25 17:18 114176 ----a-w- c:\windows\System32\advpack.dll

.

Contents of the 'Scheduled Tasks' folder

.

2012-11-13 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-12 05:55]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.swagbucks.com/

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vb32&d=1208&m=aspire_5515

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\users\mom's toy\AppData\Roaming\Mozilla\Firefox\Profiles\ppe7dvih.default-1345356610650\

FF - prefs.js: browser.search.selectedEngine - Swagbucks

FF - prefs.js: browser.startup.homepage - hxxp://www.swagbucks.com/

FF - prefs.js: network.proxy.type - 0

FF - ExtSQL: 2012-11-10 10:53; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn

FF - ExtSQL: !HIDDEN! 2010-06-06 14:08; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-11-12 18:10

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

[0] 0x418B2404

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MCLIENT]

"ImagePath"="\"c:\program files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe\" /s \"MCLIENT\" /m \"c:\program files\Norton Management\Engine\3.2.0.19\diMaster.dll\" /prefetch:1"

--

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\N360]

"ImagePath"="\"c:\program files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:9d,a3,08,fe,4c,ee,cb,01

.

Completion time: 2012-11-12 18:14:35

ComboFix-quarantined-files.txt 2012-11-13 01:14

ComboFix2.txt 2012-10-28 02:52

ComboFix3.txt 2012-08-07 22:20

.

Pre-Run: 26,460,778,496 bytes free

Post-Run: 26,406,305,792 bytes free

.

- - End Of File - - 7D3CFCFBA7EA27266D310B833390A9C5

DDS (Ver_2012-10-19.01) - NTFS_x86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.9.2

Run by mom's toy at 18:22:45 on 2012-11-12

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2813.1723 [GMT -7:00]

.

AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe

C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\Dwm.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.swagbucks.com/

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vb32&d=1208&m=aspire_5515

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Virtual Account Numbers Helper: {17424104-1444-4810-85D7-B4DA413C5A9A} - c:\program files\virtual account numbers\CitiVANHelper.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360\engine\20.2.0.19\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360\engine\20.2.0.19\ips\ipsbho.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - c:\program files\common files\simple adblock\SimpleAdblock.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Virtual Account Numbers: {7A21A046-B886-4A62-9D69-EF2059B0A27B} - c:\program files\virtual account numbers\CitiVANToolbar.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360\engine\20.2.0.19\coieplg.dll

EB: {4A62FAC4-1670-430B-8C6B-9C7B53F51798} - <orphaned>

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/PCMagnum/controls/PCPitstop2.dll

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{1D69327A-41BE-45F5-9F83-B01C419E94E5} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{D00B9979-42B9-4910-94EB-250C116767D1} : DHCPNameServer = 216.136.95.2 64.163.94.250

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\mom's toy\appdata\roaming\mozilla\firefox\profiles\ppe7dvih.default-1345356610650\

FF - prefs.js: browser.search.selectedEngine - Swagbucks

FF - prefs.js: browser.startup.homepage - hxxp://www.swagbucks.com/

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\emusic download manager\plugin\npemusic.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1167637.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

FF - ExtSQL: 2012-11-10 10:53; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\coFFPlgn

FF - ExtSQL: !HIDDEN! 2010-06-06 14:08; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1402000.013\symds.sys [2012-10-25 368288]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1402000.013\symefa.sys [2012-10-25 927904]

R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\bashdefs\20121030.002\BHDrvx86.sys [2012-11-5 995488]

R1 ccSet_MCLIENT;Norton Management Settings Manager;c:\windows\system32\drivers\mclient\0302000.013\ccsetx86.sys [2012-10-26 134304]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\1402000.013\ccsetx86.sys [2012-10-25 134304]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\ipsdefs\20121110.003\IDSvix86.sys [2012-11-12 386720]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1402000.013\ironx86.sys [2012-10-25 175264]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\1402000.013\symtdiv.sys [2012-10-25 350368]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-3-3 16384]

R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2008-12-13 24576]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 KSS;Kaspersky Security Scan Service;"c:\program files\kaspersky lab\kaspersky security scan 2.0\kss.exe" -r --> c:\program files\kaspersky lab\kaspersky security scan 2.0\kss.exe [?]

R2 MCLIENT;Norton Management;c:\program files\norton management\engine\3.2.0.19\ccsvchst.exe [2012-10-26 143928]

R2 N360;Norton 360;c:\program files\norton 360\engine\20.2.0.19\ccsvchst.exe [2012-10-25 143928]

R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-4-25 45056]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-4-25 131072]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-10-8 106656]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-11-11 250808]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-8 115168]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-11-13 01:14:39 -------- d-----w- c:\users\mom's toy\appdata\local\temp

2012-11-13 01:12:03 -------- d-sh--w- C:\$RECYCLE.BIN

2012-11-12 05:55:59 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-11-12 05:55:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-11-09 17:36:41 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c6048bc1-7b26-41f4-a880-f038a690d8ae}\mpengine.dll

2012-10-28 02:25:05 98816 ----a-w- c:\windows\sed.exe

2012-10-28 02:25:05 256000 ----a-w- c:\windows\PEV.exe

2012-10-28 02:25:05 208896 ----a-w- c:\windows\MBR.exe

2012-10-27 06:47:59 96224 ----a-w- c:\program files\mozilla firefox\updated\nssdbm3.dll

2012-10-26 08:31:49 134304 ----a-w- c:\windows\system32\drivers\mclient\0302000.013\ccsetx86.sys

2012-10-26 08:31:45 -------- d-----w- c:\windows\system32\drivers\mclient\0302000.013

2012-10-26 02:01:46 927904 ----a-w- c:\windows\system32\drivers\n360\1402000.013\symefa.sys

2012-10-26 02:01:46 350368 ----a-w- c:\windows\system32\drivers\n360\1402000.013\symtdiv.sys

2012-10-26 02:01:46 338592 ----a-w- c:\windows\system32\drivers\n360\1402000.013\symnets.sys

2012-10-26 02:01:46 21400 ----a-r- c:\windows\system32\drivers\n360\1402000.013\symelam.sys

2012-10-26 02:01:45 586400 ----a-w- c:\windows\system32\drivers\n360\1402000.013\srtsp.sys

2012-10-26 02:01:45 368288 ----a-w- c:\windows\system32\drivers\n360\1402000.013\symds.sys

2012-10-26 02:01:45 32888 ----a-r- c:\windows\system32\drivers\n360\1402000.013\srtspx.sys

2012-10-26 02:01:45 175264 ----a-w- c:\windows\system32\drivers\n360\1402000.013\ironx86.sys

2012-10-26 02:01:45 134304 ----a-w- c:\windows\system32\drivers\n360\1402000.013\ccsetx86.sys

2012-10-26 02:01:22 9103 ----a-w- c:\windows\system32\drivers\n360\1402000.013\symvtcer.dat

2012-10-26 02:01:22 -------- d-----w- c:\windows\system32\drivers\n360\1402000.013

2012-10-20 19:10:06 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-10-19 22:48:14 -------- d-----w- c:\program files\Kaspersky Lab

.

==================== Find3M ====================

.

2012-09-30 01:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-21 04:33:06 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-09-13 13:28:08 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-06 03:52:56 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-09-06 03:52:56 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-29 11:27:41 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-08-29 11:27:41 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-24 15:53:29 172544 ----a-w- c:\windows\system32\wintrust.dll

2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-23 20:48:58 319456 ----a-w- c:\windows\DIFxAPI.dll

2012-08-21 19:01:22 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-08-21 19:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll

2012-08-09 18:20:09 3255248 ----a-w- c:\program files\spywareblastersetup46.exe

.

============= FINISH: 18:24:43.34 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-10-19.01)

.

Microsoft® Windows Vista™ Home Basic

Boot Device: \Device\HarddiskVolume2

Install Date: 12/13/2008 1:01:52 PM

System Uptime: 11/12/2012 6:19:08 PM (0 hours ago)

.

Motherboard: Acer | | Nile

Processor: AMD Athlon Processor 2650e | Socket M2/S1G1 | 1600/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 70 GiB total, 24.677 GiB free.

D: is FIXED (NTFS) - 70 GiB total, 69.155 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

3600_Help

Acer Assist

Acer Empowering Technology

Acer eRecovery Management

Acer Registration

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

Adobe Shockwave Player 11.6

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

Auslogics Disk Defrag

Bonjour

BPD_Scan

BPDSoftware

BPDSoftware_Ini

BufferChm

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization Chinese Standard

Catalyst Control Center Localization Chinese Traditional

Catalyst Control Center Localization Czech

Catalyst Control Center Localization Danish

Catalyst Control Center Localization Dutch

Catalyst Control Center Localization Finnish

Catalyst Control Center Localization French

Catalyst Control Center Localization German

Catalyst Control Center Localization Greek

Catalyst Control Center Localization Hungarian

Catalyst Control Center Localization Italian

Catalyst Control Center Localization Japanese

Catalyst Control Center Localization Korean

Catalyst Control Center Localization Norwegian

Catalyst Control Center Localization Polish

Catalyst Control Center Localization Portuguese

Catalyst Control Center Localization Russian

Catalyst Control Center Localization Spanish

Catalyst Control Center Localization Swedish

Catalyst Control Center Localization Thai

Catalyst Control Center Localization Turkish

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Compatibility Pack for the 2007 Office system

CustomerResearchQFolder

Destinations

DeviceManagementQFolder

DocProc

DocProcQFolder

eMusic Download Manager 4.1.4

eSupportQFolder

Fax

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Customer Participation Program 8.0

HP Imaging Device Functions 8.0

HP OCR Software 8.0

HP Officejet J3600 Series

HP Photosmart Essential

HP Product Assistant

HP Smart Web Printing 4.60

HP Solution Center 8.0

HP Update

HPProductAssistant

HPSSupply

InterVideo WinDVD 8

iTunes

J3600

Java 7 Update 9

Java Auto Updater

Kaspersky Security Scan

Launch Manager

LightScribe 1.4.142.1

Malwarebytes Anti-Malware version 1.65.1.1000

MarketResearch

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft IntelliPoint 6.2

Microsoft Office File Validation Add-In

Microsoft Office Professional Edition 2003

Microsoft Office Suite Activation Assistant

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox 16.0.2 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 and SOAP Toolkit 3.0

Norton 360

Norton Management

NTI Backup Now 5

NTI Backup Now Standard

NTI Media Maker 8

OGA Notifier 2.0.0048.0

ProductContext

QuickTime

Realtek 8169 8168 8101E 8102E Ethernet Driver

Realtek High Definition Audio Driver

Rhapsody

Scan

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Simple Adblock

Skins

SmartWebPrinting

SolutionCenter

Status

swMSM

Synaptics Pointing Device Driver

Toolbox

TrayApp

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Virtual Account Numbers

WebReg

World's Best Word Games

Yahoo! Messenger

Yahoo! Software Update

.

==== End Of File ===========================


  • Staff

Hi,

Run TFC by OldTimer to clear temporary files:

  • Please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs a runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is named like UtilityName.Version_Date_Time_log.txt.

For example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Export the threats found (if any), and post them here.

Next, please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

Next, download my Security Check from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317


Had trouble with the TDSS....once I clicked OK to reboot, it started to shut down, & eventually got to a black screen, where it stayed. It never finished shutting down or started up again. I had to force it to shut down. When I restarted, TDSS started itself again. I checked the C: drive & 2 logs were there, one from my actually running the program & one from where it was starting up again.

19:20:27.0320 6020 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

19:20:29.0332 6020 ============================================================

19:20:29.0332 6020 Current date / time: 2012/11/14 19:20:29.0332

19:20:29.0332 6020 SystemInfo:

19:20:29.0332 6020

19:20:29.0332 6020 OS Version: 6.0.6002 ServicePack: 2.0

19:20:29.0332 6020 Product type: Workstation

19:20:29.0332 6020 ComputerName: NIPPERS

19:20:29.0332 6020 UserName: mom's toy

19:20:29.0332 6020 Windows directory: C:\Windows

19:20:29.0332 6020 System windows directory: C:\Windows

19:20:29.0332 6020 Processor architecture: Intel x86

19:20:29.0332 6020 Number of processors: 1

19:20:29.0332 6020 Page size: 0x1000

19:20:29.0332 6020 Boot type: Normal boot

19:20:29.0332 6020 ============================================================

19:20:30.0923 6020 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

19:20:30.0923 6020 ============================================================

19:20:30.0923 6020 \Device\Harddisk0\DR0:

19:20:30.0923 6020 MBR partitions:

19:20:30.0923 6020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1402800, BlocksNum 0x8B0C000

19:20:30.0923 6020 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9F0E800, BlocksNum 0x8B0A800

19:20:30.0923 6020 ============================================================

19:20:30.0939 6020 C: <-> \Device\Harddisk0\DR0\Partition1

19:20:30.0986 6020 D: <-> \Device\Harddisk0\DR0\Partition2

19:20:30.0986 6020 ============================================================

19:20:30.0986 6020 Initialize success

19:20:30.0986 6020 ============================================================

19:20:55.0462 4300 ============================================================

19:20:55.0462 4300 Scan started

19:20:55.0462 4300 Mode: Manual;

19:20:55.0462 4300 ============================================================

19:20:56.0024 4300 ================ Scan system memory ========================

19:20:56.0024 4300 System memory - ok

19:20:56.0024 4300 ================ Scan services =============================

19:20:56.0242 4300 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys

19:20:56.0242 4300 ACPI - ok

19:20:56.0367 4300 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

19:20:56.0398 4300 AdobeARMservice - ok

19:20:56.0492 4300 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

19:20:56.0570 4300 AdobeFlashPlayerUpdateSvc - ok

19:20:56.0617 4300 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

19:20:56.0617 4300 adp94xx - ok

19:20:56.0663 4300 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys

19:20:56.0663 4300 adpahci - ok

19:20:56.0695 4300 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

19:20:56.0710 4300 adpu160m - ok

19:20:56.0726 4300 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

19:20:56.0741 4300 adpu320 - ok

19:20:56.0788 4300 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

19:20:56.0788 4300 AeLookupSvc - ok

19:20:56.0819 4300 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys

19:20:56.0835 4300 AFD - ok

19:20:56.0866 4300 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys

19:20:56.0866 4300 agp440 - ok

19:20:56.0913 4300 [ 4FA58A158C9D3769FF9248675B53D6A7 ] ahcix86s C:\Windows\system32\DRIVERS\ahcix86s.sys

19:20:56.0913 4300 ahcix86s - ok

19:20:56.0944 4300 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys

19:20:56.0944 4300 aic78xx - ok

19:20:56.0975 4300 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe

19:20:56.0975 4300 ALG - ok

19:20:56.0991 4300 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys

19:20:56.0991 4300 aliide - ok

19:20:57.0022 4300 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys

19:20:57.0022 4300 amdagp - ok

19:20:57.0038 4300 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys

19:20:57.0053 4300 amdide - ok

19:20:57.0069 4300 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys

19:20:57.0069 4300 AmdK7 - ok

19:20:57.0100 4300 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

19:20:57.0100 4300 AmdK8 - ok

19:20:57.0131 4300 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll

19:20:57.0131 4300 Appinfo - ok

19:20:57.0209 4300 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:20:57.0241 4300 Apple Mobile Device - ok

19:20:57.0287 4300 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys

19:20:57.0303 4300 arc - ok

19:20:57.0334 4300 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys

19:20:57.0350 4300 arcsas - ok

19:20:57.0584 4300 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

19:20:57.0584 4300 aspnet_state - ok

19:20:57.0615 4300 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

19:20:57.0615 4300 AsyncMac - ok

19:20:57.0662 4300 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys

19:20:57.0662 4300 atapi - ok

19:20:57.0709 4300 [ 4604DB6D5ECA6362873CC3A76D2204BA ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe

19:20:57.0709 4300 Ati External Event Utility - ok

19:20:57.0833 4300 [ 47DCF5D78C395159D72C65C25129FC44 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys

19:20:57.0927 4300 atikmdag - ok

19:20:57.0958 4300 [ 5A1465AD2E7C1BC39CDA12A355329096 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys

19:20:57.0958 4300 AtiPcie - ok

19:20:57.0989 4300 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

19:20:58.0005 4300 AudioEndpointBuilder - ok

19:20:58.0036 4300 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll

19:20:58.0036 4300 Audiosrv - ok

19:20:58.0099 4300 [ C38077D14ADF896EE1E1DBBCBCF77E14 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys

19:20:58.0114 4300 BCM43XX - ok

19:20:58.0130 4300 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys

19:20:58.0130 4300 Beep - ok

19:20:58.0177 4300 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll

19:20:58.0177 4300 BFE - ok

19:20:58.0395 4300 [ 9DFFCB249663AA3C2ECB67202280054E ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx86.sys

19:20:58.0411 4300 BHDrvx86 - ok

19:20:58.0457 4300 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll

19:20:58.0473 4300 BITS - ok

19:20:58.0504 4300 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

19:20:58.0520 4300 blbdrive - ok

19:20:58.0582 4300 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

19:20:58.0582 4300 Bonjour Service - ok

19:20:58.0629 4300 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys

19:20:58.0629 4300 bowser - ok

19:20:58.0691 4300 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

19:20:58.0691 4300 BrFiltLo - ok

19:20:58.0723 4300 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

19:20:58.0723 4300 BrFiltUp - ok

19:20:58.0754 4300 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll

19:20:58.0769 4300 Browser - ok

19:20:58.0816 4300 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys

19:20:58.0816 4300 Brserid - ok

19:20:58.0847 4300 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

19:20:58.0847 4300 BrSerWdm - ok

19:20:58.0879 4300 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

19:20:58.0879 4300 BrUsbMdm - ok

19:20:58.0894 4300 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

19:20:58.0894 4300 BrUsbSer - ok

19:20:58.0925 4300 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

19:20:58.0925 4300 BTHMODEM - ok

19:20:58.0988 4300 [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

19:20:58.0988 4300 BUNAgentSvc - ok

19:20:59.0113 4300 catchme - ok

19:20:59.0175 4300 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_MCLIENT C:\Windows\system32\drivers\MCLIENT\0302000.013\ccSetx86.sys

19:20:59.0175 4300 ccSet_MCLIENT - ok

19:20:59.0269 4300 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_N360 C:\Windows\system32\drivers\N360\1402000.013\ccSetx86.sys

19:20:59.0269 4300 ccSet_N360 - ok

19:20:59.0315 4300 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

19:20:59.0315 4300 cdfs - ok

19:20:59.0362 4300 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

19:20:59.0362 4300 cdrom - ok

19:20:59.0393 4300 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll

19:20:59.0393 4300 CertPropSvc - ok

19:20:59.0425 4300 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys

19:20:59.0425 4300 circlass - ok

19:20:59.0471 4300 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys

19:20:59.0471 4300 CLFS - ok

19:20:59.0534 4300 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:20:59.0549 4300 clr_optimization_v2.0.50727_32 - ok

19:20:59.0581 4300 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:20:59.0581 4300 clr_optimization_v4.0.30319_32 - ok

19:20:59.0612 4300 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

19:20:59.0612 4300 CmBatt - ok

19:20:59.0643 4300 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys

19:20:59.0643 4300 cmdide - ok

19:20:59.0674 4300 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

19:20:59.0674 4300 Compbatt - ok

19:20:59.0690 4300 COMSysApp - ok

19:20:59.0705 4300 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

19:20:59.0705 4300 crcdisk - ok

19:20:59.0737 4300 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys

19:20:59.0737 4300 Crusoe - ok

19:20:59.0783 4300 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll

19:20:59.0783 4300 CryptSvc - ok

19:20:59.0846 4300 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll

19:20:59.0877 4300 DcomLaunch - ok

19:20:59.0893 4300 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys

19:20:59.0893 4300 DfsC - ok

19:21:00.0002 4300 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe

19:21:00.0049 4300 DFSR - ok

19:21:00.0111 4300 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll

19:21:00.0111 4300 Dhcp - ok

19:21:00.0158 4300 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys

19:21:00.0158 4300 disk - ok

19:21:00.0189 4300 [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys

19:21:00.0189 4300 DKbFltr - ok

19:21:00.0220 4300 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll

19:21:00.0220 4300 Dnscache - ok

19:21:00.0267 4300 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll

19:21:00.0267 4300 dot3svc - ok

19:21:00.0329 4300 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys

19:21:00.0329 4300 Dot4 - ok

19:21:00.0361 4300 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys

19:21:00.0361 4300 Dot4Print - ok

19:21:00.0392 4300 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys

19:21:00.0392 4300 dot4usb - ok

19:21:00.0423 4300 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll

19:21:00.0439 4300 DPS - ok

19:21:00.0470 4300 [ 5C918D413F5837E67A85775C9873775E ] DritekPortIO C:\PROGRA~1\LAUNCH~1\DPortIO.sys

19:21:00.0470 4300 DritekPortIO - ok

19:21:00.0517 4300 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

19:21:00.0517 4300 drmkaud - ok

19:21:00.0563 4300 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

19:21:00.0579 4300 DXGKrnl - ok

19:21:00.0610 4300 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys

19:21:00.0610 4300 E1G60 - ok

19:21:00.0657 4300 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll

19:21:00.0657 4300 EapHost - ok

19:21:00.0688 4300 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys

19:21:00.0704 4300 Ecache - ok

19:21:00.0782 4300 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

19:21:00.0797 4300 eeCtrl - ok

19:21:00.0829 4300 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys

19:21:00.0844 4300 elxstor - ok

19:21:00.0907 4300 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

19:21:00.0922 4300 EMDMgmt - ok

19:21:00.0953 4300 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

19:21:00.0953 4300 EraserUtilRebootDrv - ok

19:21:00.0985 4300 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys

19:21:00.0985 4300 ErrDev - ok

19:21:01.0047 4300 [ F25247D0E011A643EE60052CE23BE05E ] ETService C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

19:21:01.0047 4300 ETService - ok

19:21:01.0078 4300 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll

19:21:01.0094 4300 EventSystem - ok

19:21:01.0125 4300 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys

19:21:01.0125 4300 exfat - ok

19:21:01.0172 4300 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys

19:21:01.0172 4300 fastfat - ok

19:21:01.0203 4300 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys

19:21:01.0203 4300 fdc - ok

19:21:01.0250 4300 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll

19:21:01.0250 4300 fdPHost - ok

19:21:01.0265 4300 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll

19:21:01.0265 4300 FDResPub - ok

19:21:01.0297 4300 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

19:21:01.0297 4300 FileInfo - ok

19:21:01.0328 4300 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys

19:21:01.0328 4300 Filetrace - ok

19:21:01.0343 4300 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

19:21:01.0343 4300 flpydisk - ok

19:21:01.0390 4300 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

19:21:01.0390 4300 FltMgr - ok

19:21:01.0453 4300 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll

19:21:01.0484 4300 FontCache - ok

19:21:01.0546 4300 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

19:21:01.0546 4300 FontCache3.0.0.0 - ok

19:21:01.0577 4300 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

19:21:01.0577 4300 Fs_Rec - ok

19:21:01.0609 4300 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

19:21:01.0609 4300 gagp30kx - ok

19:21:01.0640 4300 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

19:21:01.0640 4300 GEARAspiWDM - ok

19:21:01.0687 4300 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll

19:21:01.0702 4300 gpsvc - ok

19:21:01.0733 4300 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

19:21:01.0749 4300 HdAudAddService - ok

19:21:01.0796 4300 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

19:21:01.0811 4300 HDAudBus - ok

19:21:01.0827 4300 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys

19:21:01.0843 4300 HidBth - ok

19:21:01.0858 4300 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys

19:21:01.0858 4300 HidIr - ok

19:21:01.0889 4300 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll

19:21:01.0889 4300 hidserv - ok

19:21:01.0921 4300 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

19:21:01.0921 4300 HidUsb - ok

19:21:01.0967 4300 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll

19:21:01.0967 4300 hkmsvc - ok

19:21:01.0999 4300 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

19:21:01.0999 4300 HpCISSs - ok

19:21:02.0108 4300 [ AF81F7BA6A09119006FE041A2F2F3ECE ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

19:21:02.0123 4300 hpqcxs08 - ok

19:21:02.0155 4300 [ 7244F63DB8EA883B3DC8E730C645D073 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

19:21:02.0155 4300 hpqddsvc - ok

19:21:02.0201 4300 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys

19:21:02.0201 4300 HTTP - ok

19:21:02.0248 4300 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys

19:21:02.0248 4300 i2omp - ok

19:21:02.0279 4300 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

19:21:02.0279 4300 i8042prt - ok

19:21:02.0342 4300 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

19:21:02.0342 4300 iaStorV - ok

19:21:02.0404 4300 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:21:02.0420 4300 idsvc - ok

19:21:02.0513 4300 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20121114.001\IDSvix86.sys

19:21:02.0529 4300 IDSVix86 - ok

19:21:02.0545 4300 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys

19:21:02.0560 4300 iirsp - ok

19:21:02.0638 4300 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll

19:21:02.0654 4300 IKEEXT - ok

19:21:02.0701 4300 [ 58FF11C95C3681C9250914521CB9F036 ] int15 C:\Windows\system32\drivers\int15.sys

19:21:02.0701 4300 int15 - ok

19:21:02.0841 4300 [ 303129C4432D58DE0A56CF6F25512956 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys

19:21:02.0935 4300 IntcAzAudAddService - ok

19:21:02.0950 4300 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys

19:21:02.0950 4300 intelide - ok

19:21:02.0981 4300 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

19:21:02.0981 4300 intelppm - ok

19:21:03.0028 4300 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

19:21:03.0028 4300 IPBusEnum - ok

19:21:03.0059 4300 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:21:03.0059 4300 IpFilterDriver - ok

19:21:03.0106 4300 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

19:21:03.0106 4300 iphlpsvc - ok

19:21:03.0122 4300 IpInIp - ok

19:21:03.0169 4300 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

19:21:03.0169 4300 IPMIDRV - ok

19:21:03.0200 4300 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

19:21:03.0200 4300 IPNAT - ok

19:21:03.0231 4300 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

19:21:03.0231 4300 IRENUM - ok

19:21:03.0278 4300 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys

19:21:03.0278 4300 isapnp - ok

19:21:03.0309 4300 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

19:21:03.0325 4300 iScsiPrt - ok

19:21:03.0356 4300 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

19:21:03.0356 4300 iteatapi - ok

19:21:03.0387 4300 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys

19:21:03.0387 4300 iteraid - ok

19:21:03.0434 4300 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

19:21:03.0434 4300 IviRegMgr - ok

19:21:03.0449 4300 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

19:21:03.0449 4300 kbdclass - ok

19:21:03.0481 4300 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

19:21:03.0481 4300 kbdhid - ok

19:21:03.0527 4300 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe

19:21:03.0527 4300 KeyIso - ok

19:21:03.0574 4300 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

19:21:03.0590 4300 KSecDD - ok

19:21:03.0652 4300 [ E47FFCA0909871AC1BFF0D446FF63CA9 ] KSS C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

19:21:03.0652 4300 Suspicious file (NoAccess): C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe. md5: E47FFCA0909871AC1BFF0D446FF63CA9

19:21:03.0652 4300 KSS ( LockedFile.Multi.Generic ) - warning

19:21:03.0652 4300 KSS - detected LockedFile.Multi.Generic (1)

19:21:03.0699 4300 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll

19:21:03.0715 4300 KtmRm - ok

19:21:03.0777 4300 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll

19:21:03.0777 4300 LanmanServer - ok

19:21:03.0839 4300 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

19:21:03.0839 4300 LanmanWorkstation - ok

19:21:03.0902 4300 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe

19:21:03.0902 4300 LightScribeService - ok

19:21:03.0933 4300 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

19:21:03.0933 4300 lltdio - ok

19:21:03.0964 4300 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll

19:21:03.0980 4300 lltdsvc - ok

19:21:03.0995 4300 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll

19:21:04.0011 4300 lmhosts - ok

19:21:04.0042 4300 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

19:21:04.0042 4300 LSI_FC - ok

19:21:04.0089 4300 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

19:21:04.0089 4300 LSI_SAS - ok

19:21:04.0105 4300 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

19:21:04.0120 4300 LSI_SCSI - ok

19:21:04.0136 4300 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys

19:21:04.0136 4300 luafv - ok

19:21:04.0229 4300 [ 4A9258B9597A31DB68EC9740F3A8A70B ] MCLIENT C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe

19:21:04.0229 4300 MCLIENT - ok

19:21:04.0261 4300 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys

19:21:04.0261 4300 megasas - ok

19:21:04.0292 4300 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys

19:21:04.0307 4300 MegaSR - ok

19:21:04.0354 4300 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll

19:21:04.0354 4300 MMCSS - ok

19:21:04.0385 4300 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys

19:21:04.0385 4300 Modem - ok

19:21:04.0417 4300 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

19:21:04.0417 4300 monitor - ok

19:21:04.0432 4300 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

19:21:04.0432 4300 mouclass - ok

19:21:04.0463 4300 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

19:21:04.0463 4300 mouhid - ok

19:21:04.0479 4300 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

19:21:04.0479 4300 MountMgr - ok

19:21:04.0526 4300 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

19:21:04.0541 4300 MozillaMaintenance - ok

19:21:04.0573 4300 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys

19:21:04.0573 4300 mpio - ok

19:21:04.0619 4300 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

19:21:04.0619 4300 mpsdrv - ok

19:21:04.0666 4300 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll

19:21:04.0666 4300 MpsSvc - ok

19:21:04.0697 4300 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

19:21:04.0697 4300 Mraid35x - ok

19:21:04.0744 4300 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

19:21:04.0744 4300 MRxDAV - ok

19:21:04.0775 4300 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

19:21:04.0791 4300 mrxsmb - ok

19:21:04.0822 4300 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:21:04.0822 4300 mrxsmb10 - ok

19:21:04.0853 4300 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:21:04.0853 4300 mrxsmb20 - ok

19:21:04.0885 4300 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys

19:21:04.0885 4300 msahci - ok

19:21:04.0916 4300 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys

19:21:04.0916 4300 msdsm - ok

19:21:04.0963 4300 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe

19:21:04.0963 4300 MSDTC - ok

19:21:04.0994 4300 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys

19:21:05.0009 4300 Msfs - ok

19:21:05.0025 4300 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

19:21:05.0025 4300 msisadrv - ok

19:21:05.0056 4300 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

19:21:05.0072 4300 MSiSCSI - ok

19:21:05.0087 4300 msiserver - ok

19:21:05.0119 4300 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

19:21:05.0119 4300 MSKSSRV - ok

19:21:05.0150 4300 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

19:21:05.0150 4300 MSPCLOCK - ok

19:21:05.0165 4300 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

19:21:05.0181 4300 MSPQM - ok

19:21:05.0212 4300 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

19:21:05.0228 4300 MsRPC - ok

19:21:05.0243 4300 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

19:21:05.0243 4300 mssmbios - ok

19:21:05.0275 4300 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

19:21:05.0275 4300 MSTEE - ok

19:21:05.0290 4300 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys

19:21:05.0290 4300 Mup - ok

19:21:05.0477 4300 [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360 C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe

19:21:05.0477 4300 N360 - ok

19:21:05.0540 4300 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll

19:21:05.0540 4300 napagent - ok

19:21:05.0587 4300 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

19:21:05.0602 4300 NativeWifiP - ok

19:21:05.0680 4300 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20121114.008\NAVENG.SYS

19:21:05.0680 4300 NAVENG - ok

19:21:05.0743 4300 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20121114.008\NAVEX15.SYS

19:21:05.0774 4300 NAVEX15 - ok

19:21:05.0821 4300 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys

19:21:05.0836 4300 NDIS - ok

19:21:05.0867 4300 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

19:21:05.0867 4300 NdisTapi - ok

19:21:05.0883 4300 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

19:21:05.0883 4300 Ndisuio - ok

19:21:05.0930 4300 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

19:21:05.0930 4300 NdisWan - ok

19:21:05.0961 4300 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

19:21:05.0961 4300 NDProxy - ok

19:21:05.0992 4300 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

19:21:05.0992 4300 Net Driver HPZ12 - ok

19:21:06.0008 4300 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

19:21:06.0008 4300 NetBIOS - ok

19:21:06.0055 4300 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

19:21:06.0055 4300 netbt - ok

19:21:06.0086 4300 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe

19:21:06.0086 4300 Netlogon - ok

19:21:06.0117 4300 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll

19:21:06.0133 4300 Netman - ok

19:21:06.0164 4300 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:21:06.0179 4300 NetMsmqActivator - ok

19:21:06.0211 4300 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:21:06.0211 4300 NetPipeActivator - ok

19:21:06.0242 4300 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll

19:21:06.0242 4300 netprofm - ok

19:21:06.0257 4300 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:21:06.0257 4300 NetTcpActivator - ok


19:21:15.0415 4300 ================ Scan global ===============================

19:21:15.0461 4300 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll

19:21:15.0508 4300 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

19:21:15.0539 4300 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

19:21:15.0586 4300 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe

19:21:15.0586 4300 [Global] - ok

19:21:15.0602 4300 ================ Scan MBR ==================================

19:21:15.0633 4300 [ EF9CDC51B437D322D54016B68F003416 ] \Device\Harddisk0\DR0

19:21:19.0720 4300 \Device\Harddisk0\DR0 - ok

19:21:19.0736 4300 ================ Scan VBR ==================================

19:21:19.0736 4300 [ 63F327A36223D433B39752A6BEED9C0C ] \Device\Harddisk0\DR0\Partition1

19:21:19.0736 4300 \Device\Harddisk0\DR0\Partition1 - ok

19:21:19.0783 4300 [ 4BB58CD61F4BCB8602DA72ADBD346982 ] \Device\Harddisk0\DR0\Partition2

19:21:19.0783 4300 \Device\Harddisk0\DR0\Partition2 - ok

19:21:19.0783 4300 ============================================================

19:21:19.0783 4300 Scan finished

19:21:19.0783 4300 ============================================================

19:21:19.0814 6008 Detected object count: 1

19:21:19.0814 6008 Actual detected object count: 1

19:21:53.0744 6008 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe - copied to quarantine

19:21:53.0744 6008 HKLM\SYSTEM\ControlSet002\services\KSS - will be deleted on reboot

19:21:53.0775 6008 HKLM\SYSTEM\ControlSet004\services\KSS - will be deleted on reboot

19:21:53.0806 6008 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe - will be deleted on reboot

19:21:53.0806 6008 KSS ( LockedFile.Multi.Generic ) - User select action: Delete

19:21:59.0750 6124 Deinitialize success

# AdwCleaner v2.007 - Logfile created 11/14/2012 at 22:39:27

# Updated 06/11/2012 by Xplode

# Operating system : Windows Vista Home Basic Service Pack 2 (32 bits)

# User : mom's toy - NIPPERS

# Boot Mode : Normal

# Running from : C:\Users\mom's toy\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Compete

Key Found : HKCU\Software\AppDataLow\Software\CompeteInc

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FunLink Toolbar

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Key Found : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Key Found : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default

File : C:\Users\mom's toy\AppData\Roaming\Mozilla\Firefox\Profiles\5f99k94n.default\prefs.js

[OK] File is clean.

Profile name : default-1345356610650 [Profil par défaut]

File : C:\Users\mom's toy\AppData\Roaming\Mozilla\Firefox\Profiles\ppe7dvih.default-1345356610650\prefs.js

[OK] File is clean.

Profile name : default

File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\q88jkc8f.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [34884 octets] - [18/08/2012 12:07:19]

AdwCleaner[R2].txt - [1337 octets] - [29/08/2012 14:17:18]

AdwCleaner[R3].txt - [1622 octets] - [30/10/2012 17:16:17]

AdwCleaner[R4].txt - [1782 octets] - [14/11/2012 22:39:27]

AdwCleaner[s1].txt - [48618 octets] - [20/08/2012 13:57:22]

########## EOF - C:\AdwCleaner[R4].txt - [1903 octets] ##########

Your link for your Security Check does not work. Please advise. Thank you.


Results of screen317's Security Check version 0.99.54

Windows Vista Service Pack 2 x86 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Disabled!

Norton 360

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.65.1.1000

Java 7 Update 9

Adobe Flash Player 11.5.502.110

Adobe Reader X (10.1.4)

Mozilla Firefox (16.0.2)

````````Process Check: objlist.exe by Laurent````````

Norton ccSvcHst.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 4 % Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````


  • Staff

Hi,

My apologies for the delay. I wasn't notified of your reply.

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall.

This uninstalls all of ComboFix's components.

Delete SecurityCheck.

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number

Reboot. How are things running now?


Overall, I think my computer is running worse. Shutting down in particular often does not work correctly, & I often have to force close the computer. The other day I set my computer down after choosing Shut Down from the menu, & I walked away. I came back later, & it was still on the "Shutting down" screen, but my computer was so hot I'm surprised it wasn't melting all over my floor. I force closed it & left it alone for an hour, & it rebooted normally.

The one thing that has gotten significantly worse is Flash. It crashes multiple times daily now. It used to only crash after playing a Facebook game for a couple of hours or so. Now, anytime I try to load a page that has even a single video on it, Flash player will crash. I even uninstalled it & updated it, but it works worse than ever. It is often consuming more than 1.5 million KB in the Task Manager. It's consuming more memory than ever before.

Despite Flash having its own Firefox plugin, which is supposed to prevent Firefox crashing, I have experienced both freezes AND crashes with Firefox. Actually, I guess it is fair to say that Firefox, although I just updated to version 17, is also working fairly poorly as well. & once Firefox freezes, I notice that if I have a Word or Excel document open, I usually can't use those, either. Same for Task Manager. :( :(

:(

# AdwCleaner v2.007 - Logfile created 11/23/2012 at 21:53:57

# Updated 06/11/2012 by Xplode

# Operating system : Windows Vista Home Basic Service Pack 2 (32 bits)

# User : mom's toy - NIPPERS

# Boot Mode : Normal

# Running from : C:\Users\mom's toy\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Compete

Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FunLink Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Key Deleted : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Key Deleted : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0 (en-US)

Profile name : default

File : C:\Users\mom's toy\AppData\Roaming\Mozilla\Firefox\Profiles\5f99k94n.default\prefs.js

[OK] File is clean.

Profile name : default-1345356610650 [Profil par défaut]

File : C:\Users\mom's toy\AppData\Roaming\Mozilla\Firefox\Profiles\ppe7dvih.default-1345356610650\prefs.js

[OK] File is clean.

Profile name : default

File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\q88jkc8f.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [34884 octets] - [18/08/2012 12:07:19]

AdwCleaner[R2].txt - [1337 octets] - [29/08/2012 14:17:18]

AdwCleaner[R3].txt - [1622 octets] - [30/10/2012 17:16:17]

AdwCleaner[R4].txt - [1972 octets] - [14/11/2012 22:39:27]

AdwCleaner[s1].txt - [48618 octets] - [20/08/2012 13:57:22]

AdwCleaner[s2].txt - [1913 octets] - [23/11/2012 21:53:57]

########## EOF - C:\AdwCleaner[s2].txt - [1973 octets] ##########

  • Staff

Hi,

Okay let's see if we can find the root of the problem.

Next, please run the PCPitstop Full Tests here (NOT the PCMatic scan or any other scan-- do not download any programs; simply register with the box on the left and you will be taken to the Full Tests/Overdrive Test). When the tests are complete, a results page will pop up. Copy and paste the URL of the Results screen and post it here for me.

  • Staff

Hi,

Don't worry about the driver part.

PCPitStop noted several things that you can do to improve the shape your computer is in.

Pay particular attention to these items:

• Delete Temporary Files:

Please download CCleaner and save it to your desktop.

  • Run the CCleaner installer.
  • During installation process, please UNCHECK "Add CCleaner Yahoo! Toolbar".
  • Please do NOT run a scan yet!

Now, open CCleaner:

  • Click the "Windows" tab.
  • Select the following:
    • Check everything under the "Internet Explorer" section.
    • Check everything under the "Windows Explorer" section.
    • Check everything under the "System" section.
    • Check ONLY "Old Prefetch data" under the "Advanced" section.

  • Then, click the "Applications" tab:
    • CHECK everything there.
  • Next, click the "Options" button in the left pane, then click the "Advanced" button:
    • CHECK : "Only delete files in Windows Temp folders older than 48 hours".
  • Next, click the "Cleaner" button in the left pane, then click the "Run Cleaner" button (bottom right), click "OK" at the prompt.
  • When done, please exit CCleaner.

CAUTION: Please do NOT use the "Issues" button in the left pane. This is a built-in registry cleaner. If you don’t know how to use it, you may cause irreparable damage to your system.

• Reduce System Restore space (Drive C):

Right click My Computer and click Properties. Select the System Restore tab, and move the slider to 3%. You're pretty much wasting disk space otherwise.

• Defragment Drive C:

Defragmenting is a must. It's one of the large reasons for system slowdowns. I use Defraggler to defragment. It is free to download and you can use it forever. I recommend installing it and defragmenting as soon as possible.

Also take the time to take a look at the other tips PCPitStop reported. I've just highlighted some of the more important ones.

I ran CCleaner.

I don't have a My Computer icon, & I couldn't figure out how else to change the System Restore space, so I can't do anything about that.

It looks like PC Pitstop is saying I have 29% fragmentation on my hard drive, is that right? I have Auslogics, & it says it's only 4% fragmented & doesn't need to be defragmented. I've defragged it anyway.

Other than that, I don't see that it has any other performance recommendations...do you have any others?

  • Staff

Hi,

What you did is fine.

Hi,

Click Start and type in cmd.exe; right-click cmd.exe and click Run as Admin...

In the black box that appears, enter this command exactly as shown:

chkdsk>"%userprofile%\desktop\chkdsk.txt"

Press Enter. When prompted, type Y and press Enter. Upon restart, a disk check will commence. Allow it to finish and note any messages it gives.

-screen317

The type of the file system is NTFS.

Volume label is ACER.

WARNING! F parameter not specified.

Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...

188288 file records processed.

File verification completed.

788 large file records processed.

0 bad file records processed.

0 EA records processed.

73 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...

252526 index entries processed.

Index verification completed.

0 unindexed files processed.

CHKDSK is verifying security descriptors (stage 3 of 3)...

188288 security descriptors processed.

Security descriptor verification completed.

32120 data files processed.

CHKDSK is verifying Usn Journal...

33573904 USN bytes processed.

Usn Journal verification completed.

Windows found problems with the file system.

Run CHKDSK with the /F (fix) option to correct these.

72900607 KB total disk space.

48786628 KB in 116064 files.

68588 KB in 32121 indexes.

1024 KB in bad sectors.

299379 KB in use by the system.

65536 KB occupied by the log file.

23744988 KB available on disk.

4096 bytes in each allocation unit.

18225151 total allocation units on disk.

5936247 allocation units available on disk.

  • Staff

My suspicions appear to be correct. The hard drive is showing signs of corruption. We can try to run the repair command, but generally the hard drive's health will continue to decline.

Click Start and type in cmd.exe; right-click cmd.exe and click Run as Admin...

In the black box that appears, enter this command exactly as shown:

chkdsk /r

Press Enter. When prompted, type Y and press Enter. Upon restart, a disk check will commence. Allow it to finish and note any messages it gives.

-screen317

Hi! I ran the chkdsk/r & went to lunch. I did some Google work & found where to get the log info. Hope this is helpful.

Log Name: Application

Source: Microsoft-Windows-Wininit

Date: 12/8/2012 2:03:15 PM

Event ID: 1001

Task Category: None

Level: Information

Keywords: Classic

User: N/A

Computer: nippers

Description:

Checking file system on C:

The type of the file system is NTFS.

Volume label is ACER.

A disk check has been scheduled.

Windows will now check the disk.

Cleaning up instance tags for file 0x2b9fa.

188288 file records processed.

787 large file records processed.

0 bad file records processed.

0 EA records processed.

73 reparse records processed.

252814 index entries processed.

0 unindexed files processed.

188288 security descriptors processed.

Cleaning up 265 unused index entries from index $SII of file 0x9.

Cleaning up 265 unused index entries from index $SDH of file 0x9.

Cleaning up 265 unused security descriptors.

32264 data files processed.

CHKDSK is verifying Usn Journal...

36070472 USN bytes processed.

Usn Journal verification completed.

CHKDSK is verifying file data (stage 4 of 5)...

188272 files processed.

File data verification completed.

CHKDSK is verifying free space (stage 5 of 5)...

5714873 free clusters processed.

Free space verification is complete.

Windows has made corrections to the file system.

72900607 KB total disk space.

49670144 KB in 121873 files.

68520 KB in 32265 indexes.

1024 KB in bad sectors.

301423 KB in use by the system.

65536 KB occupied by the log file.

22859496 KB available on disk.

4096 bytes in each allocation unit.

18225151 total allocation units on disk.

5714874 allocation units available on disk.

Internal Info:

80 df 02 00 24 5a 02 00 4c fd 03 00 00 00 00 00 ....$Z..L.......

54 06 00 00 49 00 00 00 00 00 00 00 00 00 00 00 T...I...........

42 00 00 00 a2 73 53 77 a8 ec 13 00 a8 e4 13 00 B....sSw........

Windows has finished checking your disk.

Please wait while your computer restarts.

Did the chkdsk actually repair anything, can you tell? It doesn't seem like it on my end, unfortunately.

It's running the same. Flash & Firefox are still consuming tons of memory, iTunes doesn't work, I have shortcuts that don't go anywhere, programs I can't uninstall, & just yesterday it wouldn't shut down again. I had to force it to shut down after about 20 minutes. That really stinks that the repair function didn't help at all. :(

  • Staff

Hi,

It said it fixed some things, though it leaves out specific details. It looks as though it was not able to fix everything.

At this point I suggest backing up your data, formatting the hard drive, and reinstalling Windows. Since the health of the hard drive is deteriorating though, I suggest getting a new hard drive to begin with.

Please let me know if you have any additional questions.
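
Added example, not part of the original thread and not a tool anyone in it used: a small Python parser for the two CHKDSK reports posted above, pulling out the lines that carry the diagnosis (status line, read-only notice, logged cleanup actions, bad-sector figure). The sample text is constructed from summary lines copied out of those reports; the function names and finding labels are hypothetical, and the "found no problems" status string is an assumption about clean CHKDSK output that does not appear in this thread.

```python
import re

# Constructed samples: lines copied from the two CHKDSK reports in this thread.
READ_ONLY_REPORT = """\
WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.
Windows found problems with the file system.
Run CHKDSK with the /F (fix) option to correct these.
72900607 KB total disk space.
1024 KB in bad sectors.
23744988 KB available on disk.
"""

REPAIR_REPORT = """\
Cleaning up instance tags for file 0x2b9fa.
Cleaning up 265 unused index entries from index $SII of file 0x9.
Cleaning up 265 unused index entries from index $SDH of file 0x9.
Cleaning up 265 unused security descriptors.
Windows has made corrections to the file system.
72900607 KB total disk space.
1024 KB in bad sectors.
22859496 KB available on disk.
"""

STATUS_LINES = {
    "Windows found problems with the file system.": "problems_found",
    "Windows has made corrections to the file system.": "corrected",
    # Assumed wording for a clean run; not shown anywhere in this thread.
    "Windows has checked the file system and found no problems.": "clean",
}
SIZE_RE = re.compile(
    r"^(\d+) KB (total disk space|in bad sectors|available on disk)\.$"
)


def parse_chkdsk(text):
    """Extract status, read-only flag, cleanup actions and KB figures."""
    report = {"status": "unknown", "read_only": False, "repairs": [], "kb": {}}
    for raw in text.splitlines():
        line = raw.strip()
        if line in STATUS_LINES:
            report["status"] = STATUS_LINES[line]
        elif line == "Running CHKDSK in read-only mode.":
            report["read_only"] = True
        elif line.startswith("Cleaning up "):
            report["repairs"].append(line)
        else:
            match = SIZE_RE.match(line)
            if match:
                report["kb"][match.group(2)] = int(match.group(1))
    return report


def triage(before, after=None):
    """Turn one report, or a before/after pair, into plain findings."""
    findings = []
    if before["status"] == "problems_found":
        findings.append("file system errors reported")
        if before["read_only"]:
            findings.append("read-only run: nothing was repaired")
    bad = before["kb"].get("in bad sectors", 0)
    if bad:
        findings.append(f"{bad} KB marked as bad sectors")
    if after is not None:
        if after["status"] == "corrected":
            count = len(after["repairs"])
            findings.append(f"repair run made corrections ({count} logged cleanup actions)")
        if after["kb"].get("in bad sectors", 0) >= bad > 0:
            findings.append("bad sectors still present after repair")
    return findings


if __name__ == "__main__":
    first, second = parse_chkdsk(READ_ONLY_REPORT), parse_chkdsk(REPAIR_REPORT)
    for finding in triage(first, second):
        print("-", finding)
```
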
