Jump to content


Photo

PC Running Badly


  • This topic is locked This topic is locked
22 replies to this topic

#1 alyndin

alyndin

    Member

  • Full Member
  • Pip
  • 40 posts

Posted 11 May 2012 - 03:33 PM

Hey there.
I'm not sure if anyone on here can help with this but I've requested help with problems in the past and the people who have helped me have been excellent so I thought I would try.
Basically my PC is not working very well. It blue screens , hangs, crashes and loads slowly constantly and is becoming very annoying. It takes ages to startup and programs constantly say not responding. It is about 3 years old. Im using windows Vista 64 bit home premium service pack 2. The PC is an HP p6047uk. 4.00 GB RAM, Intel Core Quad CPU Q8200 @ 2.33GHz 2.33GHz.
As per the instructions here is the logs that you request.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.11.08

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Mark :: MARK-PC [administrator]

11/05/2012 23:13:02
mbam-log-2012-05-11 (23-13-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224084
Time elapsed: 6 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Mark at 23:21:34 on 2012-05-11
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.4094.2053 [GMT 2:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\NETGEAR\WPN111\wpn111.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\SysWOW64\DllHost.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.wow-europe.com/en/index.xml
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=92&bd=Pavilion&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=92&bd=Pavilion&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=92&bd=Pavilion&pf=cndt
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\IPS\IPSBHO.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
mRun: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
StartupFolder: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WPN111\wpn111.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {15105F6B-80FF-40d3-B239-AEC9E0E93ACD} - C:\Program Files (x86)\PokerStars.DK\PokerStarsUpdate.exe
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: candystand.com\www
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{4A8BC84A-CEEF-47C4-8B02-A3EB0FDC063E} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{C5A695F5-8072-4B9A-AFCA-55E5F6571B05} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{F860BC48-99AA-461C-996D-9DEF203FE93B} : DhcpNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll
TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun-x64: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun-x64: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
mRun-x64: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
IE-X64: {15105F6B-80FF-40d3-B239-AEC9E0E93ACD} - C:\Program Files (x86)\PokerStars.DK\PokerStarsUpdate.exe
Hosts: 127.0.0.1 www.spywareinfo.com
Hosts: 62.189.6.78 _sip._tls.sip1.callserve.com
Hosts: 62.189.6.78 _sip._ssl.sip1.callserve.com
Hosts: 62.189.6.79 _sip._tls.sip2.callserve.com
Hosts: 62.189.6.79 _sip._ssl.sip2.callserve.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\sumjizwx.default\
FF - prefs.js: browser.startup.homepage - hxxp://eu.battle.net/wow/en/
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Users\Mark\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1307000.009\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1307000.009\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1307000.009\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1307000.009\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120507.001\BHDrvx64.sys [2012-5-9 1160824]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1307000.009\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1307000.009\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120510.001\IDSviA64.sys [2012-5-11 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1307000.009\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1307000.009\Ironx64.SYS [?]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\NISx64\1307000.009\SYMTDIV.SYS --> C:\Windows\system32\Drivers\NISx64\1307000.009\SYMTDIV.SYS [?]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/04/30 01:55:00];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-4-30 146928]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccsvchst.exe [2012-4-24 138232]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-5-27 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R2 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-4-22 296320]
R2 TVSched;TV Task Scheduler (TVTS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-4-22 116104]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-4-17 138360]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech Webcam 300(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;C:\Windows\system32\Drivers\PCASp50a64.sys --> C:\Windows\system32\Drivers\PCASp50a64.sys [?]
R3 rzudd;Razer Keyboard Driver;C:\Windows\system32\DRIVERS\rzudd.sys --> C:\Windows\system32\DRIVERS\rzudd.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;C:\Windows\system32\DRIVERS\WPN111vx.sys --> C:\Windows\system32\DRIVERS\WPN111vx.sys [?]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-2-25 2348352]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 257696]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\system32\DRIVERS\lvpopf64.sys --> C:\Windows\system32\DRIVERS\lvpopf64.sys [?]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 129976]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;C:\Windows\system32\Drivers\PCAMp50a64.sys --> C:\Windows\system32\Drivers\PCAMp50a64.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]
S3 RzSynapse;Razer Naga Driver;C:\Windows\system32\DRIVERS\RzSynapse.sys --> C:\Windows\system32\DRIVERS\RzSynapse.sys [?]
S3 SaiK0836;SaiK0836;C:\Windows\system32\DRIVERS\SaiK0836.sys --> C:\Windows\system32\DRIVERS\SaiK0836.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-24 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-05-11 21:12:09 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-11 21:12:09 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-10 21:44:59 196096 ----a-w- C:\Windows\System32\d3d10_1.dll
2012-05-10 21:44:59 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2012-05-10 21:44:58 72576 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-10 21:44:54 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-10 21:44:54 2766848 ----a-w- C:\Windows\System32\win32k.sys
2012-05-10 14:19:13 -------- d-----w- C:\Program Files (x86)\Sportradar
2012-05-05 12:52:18 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-05-02 22:08:45 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-05-02 22:08:43 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-05-02 22:08:43 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-26 15:08:04 -------- d-----w- C:\ProgramData\IAHGames
2012-04-26 11:47:48 71680 ----a-w- C:\Windows\System32\frapsv64.dll
2012-04-26 11:47:46 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll
2012-04-25 21:09:06 -------- d-----w- C:\Users\Mark\AppData\Roaming\Unity
2012-04-24 10:12:18 445560 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\symtdiv.sys
2012-04-24 10:12:18 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\symnets.sys
2012-04-24 10:12:18 1092728 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\symefa64.sys
2012-04-24 10:12:17 737912 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\srtsp64.sys
2012-04-24 10:12:17 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1307000.009\symds64.sys
2012-04-24 10:12:17 37496 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\srtspx64.sys
2012-04-24 10:12:17 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\ironx64.sys
2012-04-24 10:12:17 167048 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\ccsetx64.sys
2012-04-24 10:12:02 -------- d-----w- C:\Windows\System32\drivers\NISx64\1307000.009
2012-04-19 19:47:16 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2012-04-12 22:52:28 -------- d-----w- C:\ProgramData\Battle.net
.
==================== Find3M ====================
.
2012-05-05 12:52:23 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 12:52:23 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-03-30 12:45:03 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-23 15:32:23 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-03-04 16:01:57 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-03-01 15:39:45 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll
2012-03-01 14:46:01 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2012-02-29 21:00:22 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-02-29 21:00:09 6074176 ----a-w- C:\Windows\System32\nvcpl.dll
2012-02-29 20:59:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-02-29 20:59:47 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-02-29 20:59:47 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-02-29 15:37:41 5632 ----a-w- C:\Windows\System32\wmi.dll
2012-02-29 15:37:38 219136 ----a-w- C:\Windows\System32\wintrust.dll
2012-02-29 15:35:44 78848 ----a-w- C:\Windows\System32\imagehlp.dll
2012-02-29 15:11:45 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-29 15:11:42 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-02-29 15:09:53 157696 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-02-29 14:40:31 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll
2012-02-29 14:09:35 834048 ----a-w- C:\Windows\System32\d2d1.dll
2012-02-29 14:08:47 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2012-02-29 14:06:08 1556480 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-29 13:52:46 16384 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-02-29 13:44:50 683008 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-02-29 13:41:40 1069056 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-29 12:26:56 416064 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 23:23:13.90 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 24/03/2009 14:22:44
System Uptime: 11/05/2012 22:56:02 (1 hours ago)
.
Motherboard: PEGATRON CORPORATION | | Benicia
Processor: Intel® Core™2 Quad CPU Q8200 @ 2.33GHz | CPU 1 | 2333/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 918 GiB total, 684.933 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.907 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Nokia 6500s-1
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 6500s-1
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
.
==== Hosts File Hijack ======================
.
Hosts: 127.0.0.1 www.spywareinfo.com
Hosts: 62.189.6.78 _sip._tls.sip1.callserve.com
Hosts: 62.189.6.78 _sip._ssl.sip1.callserve.com
Hosts: 62.189.6.79 _sip._tls.sip2.callserve.com
Hosts: 62.189.6.79 _sip._ssl.sip2.callserve.com
Hosts: 62.189.6.85 _sip._tls.sip5.phoneserve.com
Hosts: 62.189.6.85 _sip._ssl.sip5.phoneserve.com
Hosts: 62.189.6.84 _sip._tls.abcd.winnerip.com
Hosts: 62.189.6.84 _sip._ssl.abcd.winnerip.com
Hosts: 62.189.6.81 _sip._tls.efgh.winnerip.com
Hosts: 62.189.6.81 _sip._ssl.efgh.winnerip.com
Hosts: 62.189.6.83 _sip._tls.ijkl.winnerip.com
Hosts: 62.189.6.83 _sip._ssl.ijkl.winnerip.com
.
==== Installed Programs ======================
.
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Belkin Wireless USB Adapter Setup
CameraHelperMsi
Compatibility Pack for the 2007 Office system
CrimeCraft
Curse Client
CyberLink DVD Suite Deluxe
D3DX10
DirectX for Managed Code Update (Summer 2004)
DJ_SF_05_D2600_Software_Min
Enhanced Multimedia Keyboard Solution
erLT
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Advisor
HP Customer Experience Enhancements
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP MediaSmart TV
HP Odometer
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Support Information
HP Total Care Setup
HP Update
HPAsset component for HP Active Support Library
HPDiagnosticAlert
Internet Telephone
Java Auto Updater
Java™ 6 Update 31
LightScribe System Software
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
Messenger Companion
Microsoft Flight Simulator X
Microsoft Office Click-to-Run 2010
Microsoft Office Home and Business 2010 - English
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Mozilla Firefox 12.0 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
My HP Games
Naga Firmware Updater 1.13
neroxml
NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111
Norton Internet Security
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Pando Media Booster
PC Connectivity Solution
Power2Go
PowerDirector
Python 2.6 pywin32-212
Python 2.6.1
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Segoe UI
Skype Click to Call
Skype™ 5.8
sp43204
sp44626
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
swMSM
Toolbox
UE3Redist
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
VCRedistSetup
Ventrilo Client
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Vyke PC
Vyke PC 1.0.14
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Movie Maker 2.6
.
==== Event Viewer Messages From Past Week ========
.
11/05/2012 23:03:31, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/05/2012 23:03:31, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
11/05/2012 23:01:04, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
11/05/2012 22:59:58, Error: Service Control Manager [7000] - The lirsgt service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
11/05/2012 22:59:58, Error: Service Control Manager [7000] - The atksgt service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
11/05/2012 22:57:21, Error: EventLog [6008] - The previous system shutdown at 22:54:17 on 11/05/2012 was unexpected.
11/05/2012 20:04:40, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
11/05/2012 20:04:10, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
11/05/2012 13:56:56, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
10/05/2012 03:01:29, Error: EventLog [6008] - The previous system shutdown at 02:58:43 on 10/05/2012 was unexpected.
08/05/2012 14:29:30, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
.
==== End Of File ===========================


Results of screen317's Security Check version 0.99.32
Windows Vista x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

MVPS Hosts File
Spybot - Search & Destroy
Java™ 6 Update 31
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (12.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Spybot Teatimer.exe is disabled!
``````````End of Log````````````

Edited by alyndin, 11 May 2012 - 03:43 PM.


#2 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 13 May 2012 - 06:27 AM

Hello, Welcome to SpywareInfoForum
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingc...to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this if fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingc...opic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingc...opic114351.html
===

Third party programs if not up to date can be an open door for an infection

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please post the logs for my review.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 alyndin

alyndin

    Member

  • Full Member
  • Pip
  • 40 posts

Posted 13 May 2012 - 09:28 AM

ComboFix 12-05-13.03 - Mark 13/05/2012 16:53:52.1.4 - x64
Microsoft Windows Vista Home Premium 6.0.6002.2.1252.44.1033.18.4094.2314 [GMT 2:00]
Running from: c:\users\Mark\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Mark\AppData\Local\assembly\tmp
c:\windows\SysWow64\regobj.dll
c:\windows\SysWow64\SET40CA.tmp
c:\windows\SysWow64\SETC86F.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-04-13 to 2012-05-13 )))))))))))))))))))))))))))))))
.
.
2012-05-13 15:07 . 2012-05-13 15:07 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-05-13 15:07 . 2012-05-13 15:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-11 21:12 . 2012-05-11 21:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-11 21:12 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-10 21:44 . 2012-03-01 15:39 196096 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-10 21:44 . 2012-03-01 14:46 160768 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-05-10 21:44 . 2012-03-20 23:34 72576 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-10 21:44 . 2012-04-03 08:22 4699520 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-10 21:44 . 2012-04-02 13:59 2766848 ----a-w- c:\windows\system32\win32k.sys
2012-05-10 14:19 . 2012-05-10 14:19 -------- d-----w- c:\program files (x86)\Sportradar
2012-05-05 12:52 . 2012-05-05 12:52 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-02 22:08 . 2012-05-02 22:08 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-05-02 22:08 . 2012-05-02 22:08 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-05-02 22:08 . 2012-05-02 22:08 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-26 15:08 . 2012-04-26 23:26 -------- d-----w- c:\programdata\IAHGames
2012-04-26 11:47 . 2012-04-26 11:47 71680 ----a-w- c:\windows\system32\frapsv64.dll
2012-04-26 11:47 . 2012-04-26 11:47 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2012-04-25 21:09 . 2012-04-25 21:09 -------- d-----w- c:\users\Mark\AppData\Roaming\Unity
2012-04-24 10:12 . 2012-04-25 09:47 -------- d-----w- c:\windows\system32\drivers\NISx64\1307000.009
2012-04-19 19:47 . 2012-04-21 08:42 -------- d-----w- c:\program files (x86)\Common Files\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-05 12:52 . 2012-04-07 16:22 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 12:52 . 2011-05-20 11:12 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-23 15:32 . 2009-06-03 12:46 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-03-04 16:01 . 2010-05-23 13:13 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-01 00:02 . 2012-03-15 14:08 9717568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-03-01 00:02 . 2012-03-15 14:08 8008000 ----a-w- c:\windows\system32\nvcuda.dll
2012-03-01 00:02 . 2012-03-15 14:08 68928 ----a-w- c:\windows\system32\OpenCL.dll
2012-03-01 00:02 . 2012-03-15 14:08 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-03-01 00:02 . 2012-03-15 14:08 5892928 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-03-01 00:02 . 2012-03-15 14:08 2872640 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-03-01 00:02 . 2012-03-15 14:08 2672448 ----a-w- c:\windows\system32\nvcuvid.dll
2012-03-01 00:02 . 2012-03-15 14:08 25543488 ----a-w- c:\windows\system32\nvoglv64.dll
2012-03-01 00:02 . 2012-03-15 14:08 25222976 ----a-w- c:\windows\system32\nvcompiler.dll
2012-03-01 00:02 . 2012-03-15 14:08 2517312 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-03-01 00:02 . 2012-03-15 14:08 2437440 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-03-01 00:02 . 2012-03-15 14:08 19444544 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-03-01 00:02 . 2012-03-15 14:08 17543488 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-03-01 00:02 . 2012-03-15 14:08 13626688 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-03-01 00:02 . 2012-02-25 12:05 7713088 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-03-01 00:02 . 2012-02-25 12:05 2301248 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-03-01 00:02 . 2011-08-10 14:53 1737536 ----a-w- c:\windows\system32\nvdispco64.dll
2012-03-01 00:02 . 2011-08-10 14:53 1466176 ----a-w- c:\windows\system32\nvgenco64.dll
2012-03-01 00:02 . 2011-07-26 10:57 15009600 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-03-01 00:02 . 2009-03-13 15:40 2660160 ----a-w- c:\windows\system32\nvapi64.dll
2012-03-01 00:02 . 2009-03-13 15:40 17642816 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-02-29 21:00 . 2011-01-07 19:49 3089728 ----a-w- c:\windows\system32\nvsvc64.dll
2012-02-29 21:00 . 2011-01-07 19:50 6074176 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-29 20:59 . 2011-01-07 19:49 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-29 20:59 . 2011-01-07 19:49 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-02-29 20:59 . 2009-06-26 16:00 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-02-29 15:37 . 2012-04-10 23:47 5632 ----a-w- c:\windows\system32\wmi.dll
2012-02-29 15:37 . 2012-04-10 23:47 219136 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 15:35 . 2012-04-10 23:47 78848 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 15:11 . 2012-04-10 23:47 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-29 15:11 . 2012-04-10 23:47 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-02-29 15:09 . 2012-04-10 23:47 157696 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-02-29 13:52 . 2012-04-10 23:47 16384 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-02-29 12:26 . 2012-02-29 12:26 416064 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-02-28 06:56 . 2012-04-10 23:47 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-10 23:47 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-10 23:47 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-10 23:47 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-10 23:47 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-10 23:47 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-10 23:47 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-10 23:47 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
"UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-15 1152296]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-15 189736]
"TVAgent"="c:\program files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-04-22 206120]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-09-09 1148200]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2011-9-13 0]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WPN111 Smart Wizard.lnk - c:\program files (x86)\NETGEAR\WPN111\wpn111.exe [2011-2-24 999424]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 12:52]
.
2012-04-25 c:\windows\Tasks\HPCeeScheduleForMark.job
- c:\program files (x86)\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-03-13 20:01]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-11-03 182808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.wow-europe.com/en/index.xml
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=92&bd=Pavilion&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{15105F6B-80FF-40d3-B239-AEC9E0E93ACD} - c:\program files (x86)\PokerStars.DK\PokerStarsUpdate.exe
Trusted Zone: candystand.com\www
TCP: DhcpNameServer = 192.168.0.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\sumjizwx.default\
FF - prefs.js: browser.startup.homepage - hxxp://eu.battle.net/wow/en/
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
Wow6432Node-HKLM-Run-NBKeyScan - c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-sp43204 - c:\hp\Softpaq\sp43204\sp43204.exe
AddRemove-sp44626 - c:\hp\Softpaq\sp44626\sp44626.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.7.0.9\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe
c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
c:\program files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe
c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe
c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
.
**************************************************************************
.
Completion time: 2012-05-13 17:19:11 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-13 15:19
.
Pre-Run: 734,868,733,952 bytes free
Post-Run: 735,116,754,944 bytes free
.
- - End Of File - - CEDCE3EB1A455C25D38BEA2939C92F08

Results of screen317's Security Check version 0.99.32
Windows Vista x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
Java™ 6 Update 31
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (12.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Spybot Teatimer.exe is disabled!
``````````End of Log````````````

#4 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 14 May 2012 - 06:19 AM

Important security issue

http://support.micro...a=WINDOWS vista
Support for Windows Vista without any service packs has ended on April 13, 2010.
Windows Vista Service Pack 1 support ended on 12/07/2011

For continued security support from Microsoft get the Service Pack 2.
http://support.microsoft.com/kb/935791

As indicated on the Microsoft page SP1 must be installed before proceeding to install SP2.
You will find the necessary link on the page.
===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before your download I suggest you unckeck the box on the top right "Include in your download" this is not required. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
===

Please let me know of any remaining issues?
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#5 alyndin

alyndin

    Member

  • Full Member
  • Pip
  • 40 posts

Posted 14 May 2012 - 07:52 AM

My PC seems to have service pack 2 allready installed.

But i went onto the service pack 2 link you gave me and it wouldn't install it because it was the 32 bit version and I am using the 64 bit version and i couldn't see any link for the 64 bit version download.

#6 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 15 May 2012 - 06:17 AM

Check your computer and find out what is presently ,installed.

If no Service Pack as reported by the SecurityCheck tool get these and install sp1 restart the computer if all is well install SP2.
It may just be that the Tool not reporting correctly on a 64 bit system.
Please keep me posted.

Windows Vista Service Pack 1 Five Language Standalone for x64-based Systems (KB936330)
http://www.microsoft...s.aspx?id=21299

Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 - Five Language Standalone for x64-based systems (KB948465)
http://www.microsoft...s.aspx?id=17669
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#7 alyndin

alyndin

    Member

  • Full Member
  • Pip
  • 40 posts

Posted 17 May 2012 - 12:34 PM

All of my problems are fixed except it still blue screens a lot.

#8 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 18 May 2012 - 05:45 AM

We Need to Diagnose Your BlueScreen (BSOD)

1. When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter

Safe Mode

2. Select "Disable Automatic Restart on System Failure", as shown here:

Posted Image

When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:

Posted Image

A file name might be listed too. Please report this in your next post
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#9 alyndin

alyndin

    Member

  • Full Member
  • Pip
  • 40 posts

Posted 18 May 2012 - 06:01 AM

Regarding the service pack issue, i tried both of those links, downloaded what was there but when i go to install them they say service pack 2 allready installed.

I will make a note of the next blue screen message and post it when it happens. Is there anyway to view a history of previous BSOD messages?

Edited by alyndin, 18 May 2012 - 06:03 AM.


#10 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 18 May 2012 - 12:29 PM

Quoted from post no 1.

11/05/2012 23:03:31, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/05/2012 23:03:31, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
11/05/2012 23:01:04, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
11/05/2012 22:59:58, Error: Service Control Manager [7000] - The lirsgt service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
11/05/2012 22:59:58, Error: Service Control Manager [7000] - The atksgt service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
11/05/2012 22:57:21, Error: EventLog [6008] - The previous system shutdown at 22:54:17 on 11/05/2012 was unexpected.
11/05/2012 20:04:40, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
11/05/2012 20:04:10, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
11/05/2012 13:56:56, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
10/05/2012 03:01:29, Error: EventLog [6008] - The previous system shutdown at 02:58:43 on 10/05/2012 was unexpected.
08/05/2012 14:29:30, Error: Service Control Manager [7022] - The Windows Update service hung on starting.


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#11 alyndin

alyndin

    Member

  • Full Member
  • Pip
  • 40 posts

Posted 21 May 2012 - 12:50 AM

Are you able to use that to give a diagnostics as to why its BSOD'ing?

Typical my pc hasn't blue screened in a few days lol.

#12 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 21 May 2012 - 05:25 AM

ComboFix may have reset some of the default settings.

If all is well:

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

Delete the other tools we used.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#13 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 29 May 2012 - 06:49 AM

Since the issue appears to be resolved this Topic is closed.


[Reopened]

Everyone else please begin a New Topic.

Edited by cnm, 09 June 2012 - 11:48 AM.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#14 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 09 June 2012 - 11:47 AM

Reopened at request of topic owner.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#15 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 10 June 2012 - 05:29 AM

alyndin

I'm listening.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#16 alyndin

alyndin

    Member

  • Full Member
  • Pip
  • 40 posts

Posted 10 June 2012 - 06:41 AM

Ok, got a blue screen today after a few weeks of it running fine.

BUGCODE_USB_DRIVER

**** STOP: 0X000000FE (0X0000000000000006, 0XFFFFFA80092866AO, 0X0000000066725045, 0X0000000000000000

#17 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 11 June 2012 - 06:34 AM

Is this the issue?
Error message when you try to put a Windows Vista-based computer to sleep or into hibernation: "STOP 0x000000FE BUGCODE_USB_DRIVER"
http://support.microsoft.com/kb/930568

If you have the latest SP 2 for vista you should check the properties of the files listed in the article.
Make sure you have the correct version of the files.

This Microsoft article may also give you some leads.
http://answers.micro...60-9b4666b84900

You may have to contact Microsoft if the issues persists.
http://support.micro...tus/?ws=support (http://support.micro...tus/?ws=support)
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#18 alyndin

alyndin

    Member

  • Full Member
  • Pip
  • 40 posts

Posted 11 June 2012 - 08:08 AM

It happens randomly like the person in the 2nd link says.

#19 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 12 June 2012 - 05:55 AM

The BSOD creates a .dmp file. Do a search for *.dmp if found open the file with Notepad and post the most recent first 50 lines of the file for me review. I may be able to find out which file is causing this problem.

What do you have connected to a USB port.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#20 alyndin

alyndin

    Member

  • Full Member
  • Pip
  • 40 posts

Posted 12 June 2012 - 09:43 AM

I have a webcam which i use as a mic for talking on skype, mouse, keyboard and wirless adapter in my usb ports.

Also i dont think this is what your looking for but its the latest .dmp crash report i can find but its for the middle of may.

MDMPl
O@  $ T  `1  
   8      r  7  GenuineIntelw 뿷a݇ A
O       r  R o m a n c e S t a n d a r d T i m e
  R o m a n c e D a y l i g h t T i m e    C  5]   0X  > ~ X  S  Z A ~ ! T   ] DB p~ I  O   ` > ~ n (
  `c TB ~ p~    ,f C ~ X    h ,C `~ X  /  k 4C 0~     n B  ~ P&   \q XB ~ t    (t B  ~ #    v C ~ @ " ?  y B ~   <  | C ~ @  >  X B  P~  X ?@  $  ~ @  A  C ~  T WC  HA `~ (~  F  ; 0~ <  H  T B ~ X  GJ  B ~ < K  C ~ 4
+M  u @ c _H Q~O8    
  
 ?   l ~w   Nt8    mHr  mHr?    # ju  z  2zM8    Hr  Hr?    &  v
tb
%8I8    UFr  UFr?    $ 9 {u  #8I<9    UFr  UFr?    # ] 7u ` s 7I|9    UFr  UFr?    % v 
[I9    hFr  hFr?    $ 0u  W( N:    mHr  mHr?    % ə r P + IEH:    @p  @p?    $ v 0 Ie 8I:    UFr  UFr?    %  v

ZN:    wHr  wH!?    # 7 u  lP ̵9M;    Gr  Gr?    $ Z ds  q c$}LX;  
 Gr  Gr?    % ~ u  ǵ9MR<    Gr  Gr?    $ u  f ^8M<    Gr  Gr?     % ǚ )t   SG<    PFq  PFq?    # v P  >(L=    eGr  eGr?    "  u   tVN^=    LHr  LHr?    % 1 v  U G=    PFq  PFq?    # V {w ` t G=    PFq  PFq?     y u  [ )LO">   ;@ ;@?    $ v 0 BIEf>    @p  @p?    % u  J (LO>   ;@ ;@?    % u  T )LO>   ;@ ;@?    #  $u m 8I4?    UFr  UFr?    $ * s  q ]Nx?    `Hr  `Hr?    " N s  " tVN?    LHr  LHr?    # p p  X 7I?    UFr  UFr?    $ p  TG N>@    mHr  mHr?    $ +t  :/ IE@    @p  @p?    $ ۜ r  d 6I@    UFr  UFr?    $ s  M? \oM
A    Gr  Gr?    % # u   8IPA    UFr  UFr?    $ H s @ D ]7IA    UFr  UFr?    l u   #8IA    UFr  UFr?    # ]u 4 7IB    UFr  UFr?    " 6u _ $8IPB    UFr  UFr?    ! ѝ u  ƥ KB   r DGrr DGr?    " t  E GB    PFq  PFq?    %  Kr @ f 8IC       ?   % 9 u @ j oGVC   PF  PFq?    $ ^ r   7IC    UFr  UFr?    # s  .n 7IC    UFr  UFr?    % tr P }E 7I"D    UFr  UFr?    % ʞ r  @ fnMhD    Gr  Gr?    # r p GD    PFq  PFq?    #  qr   7ID    UFr  UFr?    & 5 s @  KK4E    <Gr  <Gr?    % [ p P GzE    PFq  PFq?    % fn   7IE    UFr  UFr?    % dn @ N UGF    PFq  PFq?    # ʟ s ` j 7IHF    UFr  UFr?    % v p Ț IEF    @p  @p?    "  `n  ~ ѽIEF    @p  @p?    # 4 p 8* LG    bGr  bGr?    $ W
u  2 $8ITG    UFr  UFr?    $ { u  ! JG    Fr  Fr?    # Jr p  iGG    PFq  PFq?    $   5r p  uNH    mHr  mHr?    % t ` o ֽIEdH    @p  @p?    $ p 7 FGH    PFq  PFq?    # / \q ` IEH    @p  @p?    % R u  U 38I0I    UFr  UFr?    $ w u   ~8ItI    UFr  UFr?    $ u   7II    UFr  UFr?    # r P GI    PFq  PFq?    # p E G<J    PFq  PFq?    $  p  i8 pGJ    PFq  PFq?    $ ) p X8IJ    UFr  UFr?    # M t 9 8IK    UFr  UFr?    % p r  I {GVK    PFq  PFq?    % hq   8IK    UFr  UFr?    $ p ,'
)7IK    UFr  UFr?    % ޢ cq  ] G:L    PFq  PFq?    $  k ` 2 ,LO~L   ;@ ;@?    $ ' h `  GL    PFq  PFq?    ( K Du  5 7IM    UFr  UFr?    % s .t IETM    @p  @p?    % r 7IM    UFr  UFr?    $ 2k  H ]8MM    Gr  Gr?    $
r  d 8I"N    UFr  UFr?    #  Br @ IEdN    @p  @p?    # ( r  p _7IN    UFr  UFr?    % K t p & UGN    PFq  PFq?    ! p u   @NO*O    Hr  Hr?    % v   @NOpO    Hr  Hr?    % r  J 7IO    UFr  UFr?    % ۤ r `  7IO    UFr  UFr?    % ;r FJ x7IBP    UFr  UFr?     $ % zq @ 7 GP    PFq  PFq?     $ I :r p o 7IP    UFr  UFr?     $ m kq  A+ gGQ    PFq  PFq?    ]n  I ᦑGJQ    PFq  PFq?    " l vQ 3LOQ   ;@ ;@?    # ӥ Un ~ 7IQ    UFr  UFr?    # m  tz q+LOR   ;@ ;@?    %  n
> +NOTR    Hr  Hr?    ! > m  & +NOR    Hr  Hr?    # _ m  s N^8MR    -Xr  -Xr?    ! t U GS    PFq  PFq?    # n  N9 OOTS    Yr  Yr?    $ Ʀ m   OOS    Yr  Yr?    ( j @J = _KS  
 -
 - ?    m    7IHT    UFr  UFr?    " m  Ґ $vMT  
 ]
 ?
  # ç n @  {&JT    Fr  Fr?     * dl 0 b %JU    Fr  Fr?     -  ?n  X GJpU       ?    # = m `  GU    PFq  PFq?    # ` m P ! 7IU    UFr  UFr?    # xr ` 2 #8I6V    UFr  UFr?    # n P  ,7IxV    UFr  UFr?    " ɨ m   7IV    UFr  UFr?    n   qGV    PFq  PFq?    % t P  =G:W    PFq  PFq?    $ 0 j   4gK~W    y  y ?     $ T aq   8IW    UFr  UFr?    % x  S e r v i c e P a c k 2 h C : \ U s e r s \ P u b l i c \ G a m e s \ W o r l d o f W a r c r a f t \ L a u n c h e r . e x e : C : \ W i n d o w s \ S y s W O W 6 4 \ n t d l l . d l l @ C : \ W i n d o w s \ S y s W O W 6 4 \ k e r n e l 3 2 . d l l < C : \ W i n d o w s \ S y s W O W 6 4 \ u s e r 3 2 . d l l : C : \ W i n d o w s \ S y s W O W 6 4 \ g d i 3 2 . d l l @ C : \ W i n d o w s \ S y s W O W 6 4 \ a d v a p i 3 2 . d l l < C : \ W i n d o w s \ S y s W O W 6 4 \ r p c r t 4 . d l l > C : \ W i n d o w s \ S y s W O W 6 4 \ s e c u r 3 2 . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ m s i m g 3 2 . d l l @ C : \ W i n d o w s \ S y s W O W 6 4 \ c o m d l g 3 2 . d l l < C : \ W i n d o w s \ S y s W O W 6 4 \ m s v c r t . d l l > C : \ W i n d o w s \ S y s W O W 6 4 \ s h l w a p i . d l l C : \ W i n d o w s \ w i n s x s \ x 8 6 _ m i c r o s o f t . w i n d o w s . c o m m o n - c o n t r o l s _ 6 5 9 5 b 6 4 1 4 4 c c f 1 d f _ 6 . 0 . 6 0 0 2 . 1 8 3 0 5 _ n o n e _ 5 c b 7 2 f 2 a 0 8 8 b 0 e d 3 \ c o m c t l 3 2 . d l l > C : \ W i n d o w s \ S y s W O W 6 4 \ s h e l l 3 2 . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ w i n s p o o l . d r v < C : \ W i n d o w s \ S y s t e m 3 2 \ o l e d l g . d l l : C : \ W i n d o w s \ S y s W O W 6 4 \ o l e 3 2 . d l l @ C : \ W i n d o w s \ S y s W O W 6 4 \ o l e a u t 3 2 . d l l < C : \ W i n d o w s \ S y s W O W 6 4 \ w s 2 _ 3 2 . d l l 6 C : \ W i n d o w s \ S y s W O W 6 4 \ n s i . d l l > C : \ W i n d o w s \ S y s W O W 6 4 \ w i n i n e t . d l l @ C : \ W i n d o w s \ S y s W O W 6 4 \ n o r m a l i z . d l l @ C : \ W i n d o w s \ S y s W O W 6 4 \ i e r t u t i l . d l l < C : \ W i n d o w s \ S y s W O W 6 4 \ u r l m o n . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ v e r s i o n . d l l : C : \ W i n d o w s \ S y s t e m 3 2 \ w i n m m . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ o l e a c c . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ m s w s o c k . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ w i n h t t p . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ s h i m e n g . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ a p p h e l p . d l l @ C : \ W i n d o w s \ A p p P a t c h \ A c L a y e r s . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ u s e r e n v . d l l 6 C : \ W i n d o w s \ S y s t e m 3 2 \ m p r . d l l : C : \ W i n d o w s \ S y s t e m 3 2 \ i m m 3 2 . d l l : C : \ W i n d o w s \ S y s W O W 6 4 \ m s c t f . d l l 6 C : \ W i n d o w s \ S y s W O W 6 4 \ l p k . d l l : C : \ W i n d o w s \ S y s W O W 6 4 \ u s p 1 0 . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ u x t h e m e . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ r i c h e d 2 0 . d l l > C : \ W i n d o w s \ S y s W O W 6 4 \ c l b c a t q . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ r s a e n h . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ I P H L P A P I . D L L @ C : \ W i n d o w s \ S y s t e m 3 2 \ d h c p c s v c . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ d n s a p i . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ w i n n s i . d l l B C : \ W i n d o w s \ S y s t e m 3 2 \ d h c p c s v c 6 . D L L @ C : \ W i n d o w s \ S y s t e m 3 2 \ a s y c f i l t . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ W S H T C P I P . D L L @ C : \ W i n d o w s \ S y s t e m 3 2 \ r a s a p i 3 2 . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ r a s m a n . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ n e t a p i 3 2 . d l l : C : \ W i n d o w s \ S y s W O W 6 4 \ p s a p i . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ t a p i 3 2 . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ r t u t i l s . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ c r y p t 3 2 . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ m s a s n 1 . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ c r e d s s p . d l l @ C : \ W i n d o w s \ S y s W O W 6 4 \ s c h a n n e l . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ S e n s A p i . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ n l a a p i . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ r a s a d h l p . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ n t m a r t a . d l l > C : \ W i n d o w s \ S y s W O W 6 4 \ W l d a p 3 2 . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ s a m l i b . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ w s h i p 6 . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ N a p i N S P . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ p n r p n s p . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ w i n r n r . d l l J C : \ W i n d o w s \ S y s t e m 3 2 \ w b e m \ w b e m p r o x . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ w b e m c o m n . d l l H C : \ W i n d o w s \ S y s t e m 3 2 \ w b e m \ w b e m s v c . d l l J C : \ W i n d o w s \ S y s t e m 3 2 \ w b e m \ f a s t p r o x . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ n t d s a p i . d l l > C : \ W i n d o w s \ S y s W O W 6 4 \ i e f r a m e . d l l F C : \ W i n d o w s \ S y s W O W 6 4 \ F i r e w a l l A P I . d l l @ C : \ W i n d o w s \ S y s W O W 6 4 \ s e t u p a p i . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ l i n k i n f o . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ p r o p s y s . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ s h d o c v w . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ w d m a u d . d r v < C : \ W i n d o w s \ S y s t e m 3 2 \ k s u s e r . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ M M D e v A P I . d l l 8 C : \ W i n d o w s \ S y s t e m 3 2 \ a v r t . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ w i n t r u s t . d l l @ C : \ W i n d o w s \ S y s W O W 6 4 \ i m a g e h l p . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ A u d i o S e s . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ A u d i o E n g . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ m s a c m 3 2 . d r v > C : \ W i n d o w s \ S y s t e m 3 2 \ m s a c m 3 2 . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ m i d i m a p . d l l 6 C : \ W i n d o w s \ S y s t e m 3 2 \ s x s . d l l : C : \ W i n d o w s \ S y s t e m 3 2 \ m l a n g . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ m s h t m l . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ m s i m t f . d l l @ C : \ W i n d o w s \ S y s W O W 6 4 \ j s c r i p t 9 . d l l 8 C : \ W i n d o w s \ S y s t e m 3 2 \ d 2 d 1 . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ D W r i t e . d l l 8 C : \ W i n d o w s \ S y s t e m 3 2 \ d x g i . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ d w m a p i . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ d 3 d 1 0 _ 1 . d l l F C : \ W i n d o w s \ S y s t e m 3 2 \ d 3 d 1 0 _ 1 c o r e . d l l ^ C : \ W i n d o w s \ S y s W O W 6 4 \ M a c r o m e d \ F l a s h \ F l a s h 1 0 e . o c x : C : \ W i n d o w s \ S y s t e m 3 2 \ m s c m s . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ m s l s 3 1 . d l l J C : \ W i n d o w s \ S y s t e m 3 2 \ w i n d o w s c o d e c s . d l l P C : \ W i n d o w s \ S y s t e m 3 2 \ w i n d o w s c o d e c s e x t . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ m s x m l 6 . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ d s s e n h . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ n c r y p t . d l l < C : \ W i n d o w s \ S y s t e m 3 2 \ b c r y p t . d l l : C : \ W i n d o w s \ S y s t e m 3 2 \ g p a p i . d l l 6 C : \ W i n d o w s \ S y s t e m 3 2 \ S L C . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ c r y p t n e t . d l l > C : \ W i n d o w s \ S y s t e m 3 2 \ c a b i n e t . d l l f C : \ U s e r s \ P u b l i c \ G a m e s \ W o r l d o f W a r c r a f t \ d b g h e l p . d l l @ C : \ W i n d o w s \ S y s t e m 3 2 \ p o w r p r o f . d l l ?   ]c # + @ U? + S + + h,h, @5] # F +  ]c # +  @ U? ?   @ Y[k# + ? w+ S + +   ՛w#  \ +   ?    ]c # ! + @@ ? w+ S + + !  ! -w#  ! +   ?   w+ S + + xII I%w#  I+   ?   w+ S + + n0u @n-w#  n+   ?   w+ S + + 3 ~w#  t~+   ?   w+ S + + H   Ʒw#  \+   ?    wm xm w+ S + + H   Ʒw#  \+   ?   w+ S + + ΄w
w՛w#  +   ?   w+ S + + T &%w#  T&+   ?   w+ S + + w#  x+   ?   w+ S + + #՛w#  #+   ?   ]c # + @ U? w+ S + + w#  D+  ]c # +  @ U? ?   w+ S + + e mu w#  +   ?   @ G # + w+ S + + @ l%w#  D+   ?   ҄r# L+ w+ S + +  D՛w#  +   ?   w+ S + + ح" ح" l%w#  D+   ?   w+ S + + PT w#  +   ?   + S + +  ~՛w#  ,~+   ?   {`m# N+ @+ S + +  w#  @+   ?   + S + + U  Ʒw#  \ +   ?   + S + + 4  5 u` ՛w#  +   ?   + S + +  D6w#  8+   RSDSM
tmRDZ_S
 D:\BuildServer\1\work-trunk\core-repository\trunk\Launcher\Release-WoW\Launcher.pdb RSDSu4:I{HJoD4 wntdll.pdb RSDS B]2OFn~ wkernel32.pdb RSDS\^[=EBH wuser32.pdb RSDSzJZ wgdi32.pdb RSDSmfMJGQ
 advapi32.pdb RSDS3@~A'31 wrpcrt4.pdb RSDS7oX CFzU wsecur32.pdb RSDSrXGg!-l  msimg32.pdb RSDS-
8&D C comdlg32.pdb RSDSܬEs 8S# msvcrt.pdb RSDSCMEkD[/t shlwapi.pdb RSDS%_rJC{ib comctl32.pdb RSDShRC8>0E shell32.pdb RSDS5e@NԲG winspool.pdb RSDS)fFAeů oledlg.pdb RSDSqDgZesј ole32.pdb RSDST #J%8ׂ oleaut32.pdb RSDS{F}FM] ws2_32.pdb RSDSt7]_K9+ nsi.pdb RSDSDL¨홹I 8 wininet.pdb RSDS6ؚ[@
*I normaliz.pdb RSDS~7m!Kyv~ iertutil.pdb RSDS+*=gH/L urlmon.pdb RSDSחG6t5 version.pdb RSDS<.pKC( winmm.pdb RSDSK\@ˡv֢o oleacc.pdb RSDS@g< @AU mswsock.pdb RSDS-?_I5" winhttp.pdb RSDS
]G kR ShimEng.pdb RSDS֎mAK5 >T apphelp.pdb RSDShEC AcLayers.pdb RSDSVԶ
-G@ userenv.pdb RSDS7S5EK v
 mpr.pdb RSDSsNKx謨 wimm32.pdb RSDSeũsKw7  msctf.pdb RSDSK d_ wlpk.pdb RSDS6 ;IH& usp10.pdb RSDS,kLE` wuxtheme.pdb RSDSrX)Cň0 riched20.pdb RSDS~ {F3 : CLBCatQ.pdb RSDS1fH*v(Nc~ rsaenh.pdb RSDSFouǵ;Nf iphlpapi.pdb RSDS28 Eeľ dhcpcsvc.pdb RSDS
$Fz¿O dnsapi.pdb RSDSLP winnsi.pdb RSDSKzQIgZ dhcpcsvc6.pdb RSDSj>nIZh asycfilt.pdb RSDSBJ; wshtcpip.pdb RSDS-B*@#>T$ rasapi32.pdb RSDS1^K$s rasman.pdb RSDS`۠H)c<8 netapi32.pdb RSDS9WҜFyZٹ psapi.pdb RSDS;4LqT tapi32.pdb RSDS;+C{-" rtutils.pdb RSDSDXEAThA crypt32.pdb RSDSef1FS`] msasn1.pdb RSDSu,J>gыB credssp.pdb RSDSҟmg;Aa schannel.pdb RSDS[_ xJCe SensApi.pdb RSDS 3EI_ؓs nlaapi.pdb RSDS|LG<@c# rasadhlp.pdb RSDSŞCqoGOYIOX ntmarta.pdb RSDS
HL2G wldap32.pdb RSDSM!@yut5 samlib.pdb RSDSoGL y` wship6.pdb RSDS/s@8CꘇL{H NapiNSP.pdb RSDSpx BϬ{/ pnrpnsp.pdb RSDS{GAҼh winrnr.pdb RSDS5cMBx wbemprox.pdb RSDSj&{DteRe wbemcomn.pdb RSDSV?~rC~n wbemsvc.pdb RSDSQ^[ChQk fastprox.pdb RSDS>:
LQz_n ntdsapi.pdb RSDS υCGA"q ieframe.pdb RSDSɄ:B9* FirewallAPI.pdb RSDS"+;ubAaa4<  setupapi.pdb RSDS+*?H.)Dm linkinfo.pdb RSDS <GҊ2t propsys.pdb RSDSsÂmHAkr' shdocvw.pdb RSDSK\^MLDm wdmaud.pdb RSDSWI1B Έ ksuser.pdb RSDSy/EcI7/S MMDevAPI.pdb RSDS ߀^sF̻( avrt.pdb RSDSfȋJ/lC wintrust.pdb RSDS!L B,F imagehlp.pdb RSDS0sA]y4OBZ@9 AudioSes.pdb RSDS R{@ AUDIOENG.pdb RSDS7-xG?t msacm32.pdb RSDSi7hE zTB msacm32.pdb RSDSML`A midimap.pdb RSDS&>;` A]KQm sxs.pdb RSDS)#H6Y mlang.pdb RSDSpo{VG mshtml.pdb RSDS,f`I̷n msimtf.pdb RSDSaqKy2Lex8"j jscript9.pdb RSDSm#`C DI d2d1.pdb RSDS7K D*/E DWrite.pdb RSDS0'w6Mtu dxgi.pdb RSDS~oM=! - dwmapi.pdb RSDSFdEs3 d3d10_1.pdb RSDS1@Oz%yG d3d10_1core.pdb RSDSuv[{iCGJ 5 c:\flashfarm\depot\main\player\branches\FlashPlayer\FlashPlayer10_Marlin\platform\win32\obj\Flash5AX\Release\Flash.pdb RSDS6@rz mscms.pdb RSDS*#6BE> msls31.pdb RSDS
J]
 WindowsCodecs.pdb RSDSё~IL&
H? WindowsCodecsExt.pdb RSDSՑ7WH 7Q
 msxml6.pdb RSDSY<IFd<Cp dssenh.pdb RSDS7J;gCyo ncrypt.pdb RSDS sMNx} bcrypt.pdb RSDS"-IpGY gpapi.pdb RSDS'&CC
 SLC.pdb RSDSy ^BCOB cryptnet.pdb RSDSmjSK5 cabinet.pdb RSDS}$1f@!4 dbghelp.pdb RSDSC?u"
Iw powrprof.pdb Launcher-WoW: (build 2736) ~  }  x& '  u A}  a `$  u x$  u h%  u (    F  p4  K p;  K `%  K   K \ K   /   /  L h     & (    3 M  3  Pz  3 `  ;  ;    '!   '%    ')  '- ?  2 L  6 X1 @ :  @   A \ D ~ N 4  N  X rS 5 X Z p  "_ D  *c   g K  k ! n "  o K  r h ~v   nw (&  Zz ]  Z~   Z P~  * `1g  * Pz  * 8ճ  * ۳  2   2 +  2 +  2 `      \ H  f, \  k  F h F   6 -w x " w   I  8)i  ~ x  Uw   L-   J   w   Fw   )     lfw   6' 2  A   0O   ]   n    P  2  |
 `j  | /K  | K   K  & K  * T .  H / @ D 0 x/  5   9   =  8 A 4  F U  J PW  N 35)  6R Hw 
6V l  >` % h >d   h  o 0 p 4  t   u  x   y  3 |    -u  ̓ .  ͇ .  l T4 P l T   PT   n  dy  
   f0   U D     X's      0 .  P  ν P2  v x  ~  
 -0   (L      pu               ( m  @  `j   \  D~    @#
  =  $  5 t !    p
  ! $
  A 8  A  {x H A$ X6   ( A  h , ha   1 e  0 5 $
  != p   !A   @ 1E   qJ   qN  X qR _~  V   Z    ^ !
e ~  p 0y  t ()!  x .!  E} (g!  E    8!  - ! L - @  y h"  y    ="       0  J  ո   ۼ  @  Y l  "   Ф    @   Rn
  #   #   #   o~   @   X  S ! T  I  O  n (
 p~   X   X  /    P&  t   #   @ " ?   < @  >  X ?@ @  A  T WC (~  F <  H X  GJ < K 4
+M m g ~  n X^  " @ w @w v T $w ~
~ ~(~P~ m     W  w r     $w   
~  `D  ( " U$w     s)   \l54`s g .i_ w o w - e u r o p e . c o m .i_ 9 .i_  .i_ .i_ 4 st: www.google-analytics.com .i_ .i_  .i_ hqg .i_ BE}pe 2)i_ dhHee ?)i_ cept-Encoding: gzip, deflate 8)i_  u2u | } -u4sp.z )i_ 8yg {g@!}r))i_Y {u,~Ug w|)i_x }g 0g!}1X)i_~ x3u{̐T+  )i_V !}g }Qg6ŝ)i_ {u,~Ug yjkû8)i_ `!}g !}y0Y)i_ B P{  _ g a t A)i_  D{  _ g a q )i_{ / _ _ u t m . g i f )i_B] "},z Q  )y    @ A U  l H 0 0 ($&9&7wKww 9 kuH&+fp 2fpXPpXPp X&hepMZ   @  !L!This program cannot be run in DOS mode.

$ -TٽL:L:L:FL:BL:RichL: PE L IE !          0  /  @      
 .rsrc     @ @.reloc   @ B  Vx  XАi_L  I 4Yn 6Y `1 (E(s7  pA}t  Yx  [Đi_ / p a g e a d / v i e w t h r o u g h c o n v e r s i o n / 1 0 3 2 6 6 9 7 2 2 / f+Q Q4 \l54:gH{s }_N  E R N E L 3 2 . D L L }_v oNK=wv$oNK=wv}_
 }d} i}L  }_L   Da Da K} C}}_A   @} }_ 3z4 XM}xz }_`C % DNdC}B} @} }_ * WL ,  L ,  }_ / } C}LSDNC}C} }_ 4 i}L ,  }_, 9 L L hL} D}LSDND}}_ Z   4 `xiL , 5u4 hPg), , L} l~LSDNp~C} @} k}L ,  L ,    L} \l%4s0s D%i_  tp:launcher.wow-europe.com A%i_  w.google-analytics.com J%i_  .m   gw%i_   ( ( (5_ k () 2)
B) Q) 5_W) r d) m) q) )5_) gZ ) ) ) ) *
*
 ;z   `$x+ (! ~Z `$ * .ku P h%! + " 8! +  H! ,+ 0++ H  {+ + + + + + , `j!X! x$$$h! <-(j"""C x!N- Y"Z"Z"!- - $ - -  - -  ! """ X$ '. ( / 4. 8.+  .
 . .  ! đ .  !/ %=w J/@ 9hb l@ 8(
O
O XS Yj3q    Z / /   0      B qu +X0ށ 

#21 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 13 June 2012 - 05:56 AM

I do not have the expertise and the program to read your .dmp file in that format.

It sure looks like your USB drivers are the culprit.

I suggest that you start a new topic in this the External Hardware forum.
http://www.bleepingc...s/forum138.html

I'm sure some expert will be able to identify the culprit.

I will leave this topic open for 5 days. If you need to return please do so.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#22 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 19 June 2012 - 05:45 AM

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

Delete the other tools we used.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#23 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,326 posts

Posted 26 June 2012 - 05:41 AM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




Member of UNITE
Support SpywareInfo Forum - click the button