Go Back   WorldStart Tech & Computer Help Forums > PC Ask and Answer Questions

Reply
 
Thread Tools Display Modes
  #1  
Old 03-29-2012, 09:01 PM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
Unhappy Computer Not Responding also long script running

I have been having severe problems with my computer freezing I do good to get to read 3 emails a day for waiting to get through it tells me not responding. And it tells me from time to time a long script is running. I paid $89 for a register booster thinking it would solve my problem and no it hasn't helped at all. Please if anyone can help me I would very much appreciate it. Thank You
Reply With Quote
  #2  
Old 03-29-2012, 09:24 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,770
We need a whole lot more information. Operating system is the first thing.
Full computer specs.
How are you connected to the internet?
Computer make and model would help also.
What anti-virus program do you run?
Firewall?
Have you run any scans for infections? If so, what were the results? It would help if you could post the logs from most recent scans run.
What is the exact name of the Registry booster? Most of those are "junk" as you have found.
Where exactly did you get this registry booster?
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.2, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #3  
Old 03-30-2012, 05:37 PM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
Unhappy Information you requested

Charter Cable Comm/Cable

Hewlitt Packard Pavilion g6-1A19wm notebook pc 64 bit
bought one year ago brand new

Internet Explorer 9

Micosoft Security Essentials

Windows Firewall

Scans for infections
Housecall none
Malwarebytes none

Register Booster Power Suite
recommended from Dear Webby under tools

I have been having this problem for well over 4 months I thought it was due to my fan going out and over heating from what I had read the fan did go bad and had it replaced was still under warranty. But once I got computer back still having the not responding constantly and from time to time a message comes up saying long script running. I go to task manager and nothing shows that shouldn't be running.

I will consider joining once I am financially able I am disabled I have cancer and between my medical bills and gas back and forth for treatments my financial situation is in bad shape.
Thank You
Cindy
Reply With Quote
  #4  
Old 03-30-2012, 05:51 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,770
Thanks! First of all there is NO CHARGE to join here, in fact you already joined because you cannot post without being a member. I say again...this site is FREE all help given is FREE. So no worries about payments because NONE ARE OWED.

You are a member and Welcome!

So obviously the operating system is Windows 7 since you bought it one year ago and it is a 64bit running IE 9.

Sorry to tell you what you probably have already figured out, that
Register Booster Power Suite by Uniblue is generally considered to be "junk" on most legitimate computer help sites.
One problem with programs from that company is they make them very hard to uninstall, which you should do...but Don't worry about that now, we will get to that later.

What I would like you to do is run a scan with the DDS scanner. This scan is not a fixer program but it will give a pretty clear picture of what may be going on with the computer. The scan takes just a very few minutes. You don't have to be online to do it so you can download it and go offline to run it if you wish. It can be run in safe mode but normal mode is preferable if possible.
Here are the instructions, if you cannot download using the affected computer you can download it to another computer and move it to the affected computer using a flash drive or burn it to a cd and take that to the affected computer.
Here are the instructions:

Download DDS by sUBs and save it to your Desktop.

http://www.bleepingcomputer.com/download/anti-virus/dds

Be sure follow the instructions below carefully

• DoubleClick on dds.scr to run the tool
* A command box will open, displaying added information for your reading pleasure while DDS completes its scan.
* Upon completion, a Dialog Box should open instructing you to save and post the TWO resulting logs (DDS.txt & Attach.txt).
Copy&Paste both the DDS.txt and the DDS Attach.txt into your post for assistance.
Notice I say copy/paste BOTH logs. The Attach.txt log says at the top to attach it, please do not attach it but copy/paste it also
Both of these logs are very long and because of that will take multiple replies in order to post them here. Please split the logs carefully as each and every line must be seen.
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.2, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #5  
Old 03-31-2012, 12:21 AM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
DDS Part 1

DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/2/2011 1:20:03 PM
System Uptime: 3/30/2012 9:59:54 PM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 1697
Processor: AMD Athlon(tm) II P360 Dual-Core Processor | Socket S1G4 | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 234.279 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 2.039 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.087 GiB free.
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Symantec Iron Driver
Device ID: ROOT\LEGACY_SYMIRON\0000
Manufacturer:
Name: Symantec Iron Driver
PNP Device ID: ROOT\LEGACY_SYMIRON\0000
Service: SymIRON
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: BHDrvx64
Device ID: ROOT\LEGACY_BHDRVX64\0000
Manufacturer:
Name: BHDrvx64
PNP Device ID: ROOT\LEGACY_BHDRVX64\0000
Service: BHDrvx64
.
==== System Restore Points ===================
.
RP871: 3/20/2012 8:15:52 AM - Windows Update
RP872: 3/21/2012 3:00:10 AM - Windows Update
RP873: 3/22/2012 3:00:11 AM - Windows Update
RP874: 3/23/2012 3:00:11 AM - Windows Update
RP875: 3/24/2012 10:42:44 AM - Windows Update
RP876: 3/27/2012 2:54:28 AM - Windows Update
RP877: 3/27/2012 8:56:47 PM - Installed Microsoft Fix it 50403
RP878: 3/27/2012 11:16:14 PM - Windows Backup
RP879: 3/27/2012 11:46:45 PM - Windows Update
RP880: 3/29/2012 8:25:34 AM - Removed FixCleaner
RP881: 3/29/2012 3:25:14 PM - DriverScanner - 3/29/2012 3:25:08 PM
RP882: 3/30/2012 4:22:01 AM - Removed FixCleaner
RP883: 3/30/2012 5:23:14 AM - Removed FixCleaner
RP884: 3/30/2012 2:21:30 PM - Removed FixCleaner
Reply With Quote
  #6  
Old 03-31-2012, 12:24 AM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
DDS Part 2 Installed Programs

==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
aioscnnr
AMD VISION Engine Control Center
Atheros Driver Installation Program
Blio
C4USelfUpdater
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
center
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink DVD Suite
CyberLink YouCam
D3DX10
Energy Star Digital Logo
essentials
ESU for Microsoft Windows 7
Hewlett-Packard ACLM.NET v1.1.2.0
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP MovieStore
HP On Screen Display
HP Power Manager
HP Product Detection
HP Quick Launch
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
Itibiti RTC
Java Auto Updater
Java(TM) 6 Update 30
Junk Mail filter update
KODAK AiO Software
LabelPrint
LightScribe System Software
Mesh Runtime
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Mozilla Firefox 6.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Internet Security
Norton PC Checkup
ocr
Octoshape add-in for Adobe Flash Player
PlayReady PC Runtime x86
Power2Go
PreReq
QuickTime
Recovery Manager
RoboForm 7-6-3 (All Users)
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Swag Bucks Toolbar
Uniblue DriverScanner
Uniblue PowerSuite
Uniblue RegistryBooster
Uniblue SpeedUpMyPC
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Reply With Quote
  #7  
Old 03-31-2012, 12:31 AM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
DDS Part 3 Event Viewer Message

==== Event Viewer Messages From Past Week ========
.
3/30/2012 8:42:25 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
3/30/2012 6:29:56 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
3/30/2012 2:43:23 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
3/30/2012 2:43:21 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
3/30/2012 2:43:21 AM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/30/2012 2:27:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.
3/30/2012 10:01:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 SymIRON
3/30/2012 10:01:54 PM, Error: Service Control Manager [7022] - The Client Virtualization Handler service hung on starting.
3/29/2012 7:59:08 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
3/29/2012 7:45:00 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD External Events Utility service.
3/29/2012 7:37:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the fdPHost service.
3/29/2012 10:51:47 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
3/28/2012 9:44:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
3/28/2012 2:40:27 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
3/28/2012 11:58:58 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.489.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80072ee2 Error description: The operation timed out
3/28/2012 11:33:03 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000006, 0xfffffa8004bb6640). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 032812-50513-01.
3/27/2012 4:44:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.
3/26/2012 8:57:13 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
3/26/2012 5:25:30 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.123.430.0).
3/26/2012 5:25:21 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.340.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80070643 Error description: Fatal error during installation.
3/26/2012 3:49:58 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
3/26/2012 10:26:55 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Support Assistant Service service.
3/26/2012 10:24:58 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Wireless Assistant Service service.
3/25/2012 8:51:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
3/25/2012 3:59:08 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
3/25/2012 3:53:02 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
3/25/2012 3:44:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
3/25/2012 3:44:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error: An instance of the service is already running.
3/25/2012 3:44:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
3/25/2012 3:43:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 3:42:41 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 11:59:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wlidsvc service.
3/25/2012 11:59:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
3/23/2012 1:46:04 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.62.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
3/23/2012 1:46:03 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.62.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
.
==== End Of File ===========================
Reply With Quote
  #8  
Old 03-31-2012, 12:39 AM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
DDS Part 4 Internet Explorer

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by cindy at 22:55:23 on 2012-03-30
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.887 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI. exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11f_Ac tiveX.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
Reply With Quote
  #9  
Old 03-31-2012, 12:41 AM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
DDS Part 5 Pseudo HJT Report

============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.coupons.com/
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
uWindow Title = Windows Internet Explorer provided by Yahoo!
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa0.dll
mURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa0.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TBSB07898 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa0.dll
TB: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Coupons.com CouponBar: {8660e5b3-6c41-44de-8503-98d99bbecd41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
uRun: [PowerSuite] "C:\PROGRA~2\Uniblue\POWERS~1\launcher.exe" delay 20000 -m
mRun: [Conime] %windir%\system32\conime.exe
mRun: [EKAiO2StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI. exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 24.177.176.38 71.92.29.130 24.217.201.67
TCP: Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4} : DhcpNameServer = 24.177.176.38 71.92.29.130 24.217.201.67
TCP: Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4}\2375942554135343 : DhcpNameServer = 192.168.1.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO-X64: RoboForm BHO - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa0.dll
BHO-X64: Swag Bucks - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
BHO-X64: Panda Security Toolbar - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
BHO-X64: TBSB07898 - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
TB-X64: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa0.dll
TB-X64: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
TB-X64: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
mRun-x64: [Conime] %windir%\system32\conime.exe
mRun-x64: [EKAiO2StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI. exe
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE-X64: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
Reply With Quote
  #10  
Old 03-31-2012, 12:43 AM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
DDS Part 6 Firefox

================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\cindy\AppData\Roaming\Mozilla\Firefox\Pro files\u63ooxgt.default\
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc -
.
============= SERVICES / DRIVERS ===============
.
R?2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_ sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_ xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1206000.0 1D\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\SYM DS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1206 000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\SYM EFA64.SYS [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20 110701.051\IDSviA64.sys [2011-7-2 488056]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1206000. 01D\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1206000.01D\SYM NETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-7-5 227384]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2011-3-9 366000]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe [2011-5-9 130008]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atik mdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atik mpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sy s --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftpla ylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftr edirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh .sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\2 0110616.003\BHDrvx64.sys [2011-6-16 1143416]
S1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1206000. 01D\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\Iro nx64.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\ v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam_x64.sys --> C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E [2010-1-9 4925184]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VS TAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VS TDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVER S\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsus bflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-5 365568]
S4 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-8-5 681528]
S4 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
S4 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe [2011-6-8 123320]
Reply With Quote
  #11  
Old 03-31-2012, 12:45 AM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
DDS Part 7 Created Last 30

=============== Created Last 30 ================
.
2012-03-31 03:15:25 -------- d-----w- C:\Users\cindy\AppData\Local\{006CB2F0-5C6B-4D4F-9F38-1DFB9A106CF3}
2012-03-31 02:25:33 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{572AB3E9-3074-429B-B171-EEE0C57B8341}\mpengine.dll
2012-03-31 00:20:58 -------- d-----w- C:\Users\cindy\AppData\Roaming\Systweak
2012-03-31 00:20:38 18816 ----a-w- C:\Windows\System32\roboot64.exe
2012-03-30 04:58:49 -------- d-----w- C:\Users\cindy\AppData\Roaming\Malwarebytes
2012-03-30 04:58:29 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-30 04:48:21 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2012-03-29 20:25:55 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-03-29 20:25:55 676968 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-03-29 06:38:00 -------- d-----w- C:\Users\cindy\AppData\Roaming\FixCleaner
2012-03-29 06:37:28 -------- d-----w- C:\Program Files (x86)\FixCleaner
2012-03-28 05:30:19 -------- d-----w- C:\Users\cindy\AppData\Local\{AF88789E-19F1-4313-B3C4-E93C4E748D42}
2012-03-28 05:29:43 -------- d-----w- C:\Users\cindy\AppData\Local\{321FAE44-9E34-40FE-A6FF-20BB20309B36}
2012-03-26 21:34:19 -------- d-----w- C:\Temp
2012-03-26 03:43:20 -------- d-----w- C:\Users\cindy\EASTER - EnVELOPES - Standard Size Envelope_files
2012-03-22 01:14:14 -------- d-----w- C:\Users\cindy\AppData\Local\{A91B7C54-194D-42CD-ADB4-AD6E34A3B265}
2012-03-22 01:13:41 -------- d-----w- C:\Users\cindy\AppData\Local\{78C5BF5C-F99E-494F-AD15-B1F7EA0E9862}
2012-03-18 22:07:57 -------- d-----w- C:\Users\cindy\AppData\Local\{A25DAB75-9D35-4069-9C53-F1228093F349}
2012-03-18 22:04:45 -------- d-----w- C:\Users\cindy\AppData\Local\{B3E7B0E0-CE46-47A3-A16B-DF5D504C7DD3}
2012-03-18 19:18:28 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientU X\UpdateableMarkup-3\markup.dll
2012-03-15 18:24:58 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-15 18:24:56 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-15 18:24:55 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-15 10:39:18 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-15 10:39:15 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-15 10:39:15 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-15 10:39:12 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-15 10:39:12 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-15 10:39:12 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-15 10:38:56 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-15 10:38:55 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-15 10:38:55 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-15 10:38:55 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-10 21:07:13 -------- d-----w- C:\Users\cindy\AppData\Local\{D4574D4F-DAB0-4743-A551-43FCD60FC34E}
2012-03-10 21:07:01 -------- d-----w- C:\Users\cindy\AppData\Local\{7593D55A-7BDB-47B8-8E90-9C586652DEB1}
2012-03-09 22:26:11 -------- d-----w- C:\ProgramData\W3i
2012-03-09 22:26:11 -------- d-----w- C:\Program Files (x86)\W3i
2012-03-09 22:26:10 -------- d-----w- C:\Users\cindy\AppData\Local\I Want This
2012-03-04 19:13:43 651264 ------w- C:\Windows\System32\stapi64.dll
2012-03-04 19:13:19 -------- d-----w- C:\Program Files\IDT
2012-03-04 19:13:18 564224 ----a-w- C:\Windows\System32\idt64mp1.exe
2012-03-04 19:13:18 524800 ----a-w- C:\Windows\sttray64.exe
2012-03-04 19:13:18 4594176 ----a-w- C:\Windows\System32\stlang64.dll
2012-03-04 19:13:18 438784 ----a-w- C:\Windows\System32\IDTNC64.cpl
2012-03-01 22:38:23 -------- d-----w- C:\Users\cindy\AppData\Local\{AC2FBAB5-C65D-4424-9811-2F05BFF6970F}
.
==================== Find3M ====================
.
2012-03-29 20:25:55 107624 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-02-21 19:19:43 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
.
============= FINISH: 22:58:38.18 ===============
Reply With Quote
  #12  
Old 03-31-2012, 12:48 AM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
Hi as you can see I accidently down loaded the wrong thing when I went to the site I clicked on a download on the sidebar a fixit cleaner or something like that but I deleted and did not clean anything so that you could get all the information.

I hope I did this right if there is anything else you need feel free to let me know.
Thanks
Cindy
Reply With Quote
  #13  
Old 03-31-2012, 09:51 AM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,770
Your first big problem is you have two anti-virus programs/suites, including the Norton Firewall installed and running on the computer. Microsoft Security Essentials and Norton Internet Security a huge no-no. You should never have two anti-virus programs or two firewalls running on the same computer. The Norton "says" it is disabled, but it is not fully disabled, parts of it are running at boot time and then running all the time.
Only portions of the MSE program are also running so it is likely damaged, especially because it does not show in installed programs but does show in other parts of the log as Enabled. So some of it is there someplace. This also means that possibly the Windows Firewall is also running, or at least some of its files. These things alone will cause major problems, one of those being computer freezes. They would also cause major problems with any other programs you attempt to use.

The Norton program includes multiple toolbars, you also have a Panda Security Toolbar installed and while it is generally considered good, with all these others it likely isn't working correctly and/or has been damaged also.

The first thing you must do is remove Norton and MSE.

You need to use these two tools to do this. Download them and save them to the Desktop. Run the tools one at a time, rebooting the computer after using each one. For the moment don't worry about getting another security program, we will do this once the clean up is finished. We have to know absolutely that all of these programs are 100% gone before attempting to install another. If these aren't fully removed then another one won't work correctly either.

Norton Tool
http://majorgeeks.com/Norton_Removal...NRT_d4749.html When you get to that page click on the Download Locations in the yellow print. The .exe file will pop up, save it to the desktop.

MSE Tool
http://go.microsoft.com/fwlink/?linkid=81699 Clicking on this will give you the OneCareCleanup .exe removal tool. Same it to the desk top.

Once you have both of those on the desk top run each one at a time, rebooting After each tool runs.

You also have known bad programs installed and at least one malware type toolbar and all of these must be uninstalled using Add/Remove after doing the removals of those security programs.

Swag Bucks Toolbar
Uniblue DriverScanner
Uniblue PowerSuite
Uniblue RegistryBooster
Uniblue SpeedUpMyPC

Reboot the computer after uninstalling each one. Once all of the above are uninstalled then run the DDS scanner again. Post back with the NEW logs.

If you have difficulty with any of the above come back immediately and let me know with full information about the difficulty, any error messages, etc.

Don't do ANYTHING else on the computer until given the ok to do so. No email, nothing. After doing all of the above then there will be malware scans that you will need to do and I'll give you those programs to use then. You can't do those until the above items are removed.
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.2, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #14  
Old 03-31-2012, 04:46 PM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
Removing Norton

How long should this take it shows running in task manager but no box or anything in the task bar?
Reply With Quote
  #15  
Old 03-31-2012, 04:49 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,770
How long should what take??? I gave you two different files to run.
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.2, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #16  
Old 03-31-2012, 05:06 PM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
Remove Norton

How long does it take to remove the norton programs I am a bit confused please forgive me? I thought it would run and remove the programs and show me a box that it was complete.
Reply With Quote
  #17  
Old 03-31-2012, 05:10 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,770
I cannot give you a time frame. But it shouldn't take long. But since you didn't say how long it has been running there is no way I can possibly give an estimate.

Instead please do the following:

Stop the Norton file that I believe you mean is running by ending it in the Task manager.

Then shut down the computer.

Reboot in Safe Mode. Do it this way:

Restart your computer.
When the computer starts you will see your computer's hardware being listed. When you see this information start to gently tap the F8 key on your keyboard repeatedly until you are presented with the Windows 7 Advanced Boot Options screen
Using the arrow keys, select the Safe Mode
Then press the enter key on your keyboard to boot into Windows 7 Safe Mode.

Run the first tool, if it asks to reboot, allow it to do so. This will be a boot to Normal Mode.

Then shut down the computer again and then again boot to Safe Mode and run the second tool.

Reboot to Normal Mode.

Shut down, Reboot again to Safe Mode and Uninstall all of the programs I listed that should be removed. Once all of that is done then reboot, come back here and tell me if you have completed all of the above.

I will then give you the next steps.
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.2, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #18  
Old 03-31-2012, 05:10 PM
MikeN.
Guest
 
Posts: n/a
[quote=cbcotton;1656508]How long does it take to remove the norton programs I am a bit confused please forgive me? I thought it would run and remove the programs and show me a box that it was complete.[/QUOT


Should take a minute or two to uninstall each of those programs Judy listed. Again, use the tools provided to remove Norton, reboot, use the next tool to remove MSE, reboot then uninstall all the Uniblue crap and reboot again. Come back for more directions as you will not have an antivirus installed after doing these steps.

Judy you must be on invis, didnt see you there

Last edited by MikeN.; 03-31-2012 at 05:11 PM. Reason: added info
Reply With Quote
  #19  
Old 03-31-2012, 06:46 PM
cbcotton cbcotton is offline
Senior Member
 
Join Date: Mar 2012
Posts: 518
It will not let me connect to the internet in safe mode we are having storm in our area so I thought this may be the problem with connecting to the internet in safe mode but finally I tried connecting not in safe mode and no problem.
So what do I do about this?

also I kept getting a pop up asking to allow or not allow toolbarH application from conduit LTD I keep clicking not allow and it repeatly comes up to where I cannot go forward. and with the freezes it is taking alot of time. I just hope you understand I am not doing anything but trying to accomplish the task at hand.
Reply With Quote
  #20  
Old 03-31-2012, 06:47 PM
MikeN.
Guest
 
Posts: n/a
Quote:
Originally Posted by cbcotton View Post
It will not let me connect to the internet in safe mode we are having storm in our area so I thought this may be the problem with connecting to the internet in safe mode but finally I tried connecting not in safe mode and no problem.
So what do I do about this?

also I kept getting a pop up asking to allow or not allow toolbarH application from conduit LTD I keep clicking not allow and it repeatly comes up to where I cannot go forward. and with the freezes it is taking alot of time. I just hope you understand I am not doing anything but trying to accomplish the task at hand.
Have you downloaded either of those tools?
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 07:05 AM.


Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 2000-2011 WorldStart, Inc