Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus vs. Hardware Failure? Can't Tell, Scans Won't Complete

Started by Birdgirl123 , Mar 17 2012 04:42 PM

  • This topic is locked This topic is locked

#1
Birdgirl123
Posted 17 March 2012 - 04:42 PM

Birdgirl123

    New Member

  • Member
  • Pip
  • 2 posts
Good Day Geeks - I hope you can help with the following:

I have two major issues going on and have thus far sought out help from the Norton 360 help desk at Symantec, from the geeks that work at Office Depot, and still cannot resolve my issues:

1) I cannot complete a Full Scan on Norton 360, v 6.1.1.8. Quick scan comes up okay with the only things being fixed are tracking cookies, the number of which recently seems to be growing. When I try to run a Full Scan, my computer freezes and I have to hard boot it back on, which I hate to do. I have run the Norton "Power Eraser" program from their website, which shows no problems found.

2) I experience Internet Explorer freezes without any seemingly coherent pattern, also requiring hard boots to get the system back up. I have taken the cpu to Office Depot (where it was bought several years ago) and had them run virus programs (which discovered nothing) and even had the entire drive erased and re-installed. When they checked the hardware on system, no problems were found. All drivers were brought up to date. They had unit for days and said it never experienced any freezes, but when I got it home, same old problem exists. Sometimes programs and Internet will run smoothly, sometimes it freezes/crashes on me several times within an hour. I tried running Mozilla Firefox, but crashes increased with it, so tried to uninstall, but seems not all files wiped out and don't know how to get the rest out.

I am a moderate user and not familiar with a lot of the technical stuff, and don't know where to start. I am following the steps as indicated on this website in search of help or an answer to my problems. I think may be graphics driver failing as most of the errors I see in logs related to Windows Media Manager? How can I rule out a virus/malware/etc. as the cause of this problem? Following is OTL.txt file, I hope someone can help me (PS, crashed in the middle of first run, so wiped that out and tried again):

OTL logfile created on: 3/17/2012 2:39:47 PM - Run 2
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\Donna\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.44 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 62.86% Memory free
3.82 Gb Paging File | 2.89 Gb Available in Paging File | 75.55% Paging File free
Paging file location(s): c:\pagefile.sys 1500 1500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 226.09 Gb Total Space | 146.35 Gb Free Space | 64.73% Space Free | Partition Type: NTFS

Computer Name: DONNA-PC | User Name: Donna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/17 14:06:48 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe
PRC - [2012/01/16 23:18:36 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Norton 360\Engine\6.1.1.8\ccsvchst.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 00:33:12 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\inetinfo.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/07/10 12:56:04 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (getPlus® Helper) getPlus®
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2012/01/16 23:18:36 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Norton 360\Engine\6.1.1.8\ccSvcHst.exe -- (N360)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/11 11:19:28 | 000,174,656 | ---- | M] () [Disabled | Stopped] -- C:\Windows\System32\psiservice.exe -- (ProtexisLicensing)
SRV - [2011/04/07 22:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/24 10:21:40 | 000,118,784 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/04/21 10:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/21 10:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/04/10 23:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/20 11:36:40 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Disabled | Stopped] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 00:34:43 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2008/01/19 00:33:40 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\WMSvc.exe -- (WMSvc)
SRV - [2008/01/19 00:33:12 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/11/29 17:56:34 | 000,722,232 | ---- | M] (Lenovo Group Limited) [Disabled | Stopped] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/07/10 12:56:04 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2006/11/19 22:10:04 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Disabled | Stopped] -- C:\Windows\System32\IPSSVC.EXE -- (IPSSVC)
SRV - [2006/11/15 16:20:46 | 000,634,988 | ---- | M] (Diskeeper Corporation) [Disabled | Stopped] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2006/11/02 05:36:18 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (SYMNDISV)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (SYMFW)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2012/03/10 07:59:16 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/03/03 05:03:30 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20120316.005\IDSvix86.sys -- (IDSVix86)
DRV - [2012/03/02 11:58:02 | 000,820,856 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20120302.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/03/02 02:00:00 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120316.035\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/03/02 02:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120316.035\NAVENG.SYS -- (NAVENG)
DRV - [2012/02/04 06:44:14 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/11/23 19:23:47 | 000,905,336 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0601010.008\symefa.sys -- (SymEFA)
DRV - [2011/11/23 19:23:20 | 000,035,960 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2011/11/23 18:50:26 | 000,574,584 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\0601010.008\srtsp.sys -- (SRTSP)
DRV - [2011/11/23 18:50:26 | 000,032,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0601010.008\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/11/16 20:37:59 | 000,345,208 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0601010.008\symtdiv.sys -- (SYMTDIv)
DRV - [2011/11/16 20:17:48 | 000,149,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0601010.008\ironx86.sys -- (SymIRON)
DRV - [2011/11/04 16:59:35 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0601010.008\ccsetx86.sys -- (ccSet_N360)
DRV - [2011/08/15 23:51:40 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0601010.008\symds.sys -- (SymDS)
DRV - [2011/04/07 22:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/04/09 02:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009/04/10 21:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2009/01/02 09:47:43 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2008/01/18 23:08:49 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/12/13 20:32:08 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2006/11/08 00:54:02 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/11/08 00:52:58 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DPV)
DRV - [2006/11/06 01:23:24 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006/11/02 01:55:05 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2006/11/02 00:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/10/14 09:56:46 | 000,014,592 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELUSBLF.SYS -- (pelusblf)
DRV - [2006/09/14 10:48:58 | 000,016,768 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELMOUSE.SYS -- (pelmouse)
DRV - [2002/10/22 04:58:06 | 000,040,448 | ---- | M] (Susteen Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SUSCOM.SYS -- (SUSCOM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://news.yahoo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {E5EC5385-E278-4FE0-802E-FC9F10287AAD}
IE - HKLM\..\SearchScopes\{0744D727-FF1F-4F7E-9AB1-75DF513EC8DA}: "URL" = http://shopping.yaho...Terms}&fr=yie7c
IE - HKLM\..\SearchScopes\{2FA2DE9B-3883-4199-A67E-86AACF35A043}: "URL" = http://video.yahoo.c...Terms}&fr=yie7c
IE - HKLM\..\SearchScopes\{90011AE4-8966-43D2-8014-36A588B13190}: "URL" = http://images.search...Terms}&fr=yie7c
IE - HKLM\..\SearchScopes\{9D0A7D45-9E84-4953-95D0-1AE359756E66}: "URL" = http://news.search.y...Terms}&fr=yie7c
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKLM\..\SearchScopes\{E1E57275-5682-4E46-97E8-F83E47959163}: "URL" = http://answers.yahoo...Terms}&fr=yie7c
IE - HKLM\..\SearchScopes\{E5EC5385-E278-4FE0-802E-FC9F10287AAD}: "URL" = http://search.yahoo....Terms}&fr=yie7c
IE - HKLM\..\SearchScopes\{FEB0F0D2-4631-44DB-A98F-0AE8A1C09AEA}: "URL" = http://local.yahoo.c...Terms}&fr=yie7c

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://news.yahoo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {3DA94979-9383-41D0-9114-74147B1B8D12}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0F1896D1-AA7C-4B08-9A29-700B13DC9E0D}: "URL" = http://answers.yahoo...Terms}&fr=yie7c
IE - HKCU\..\SearchScopes\{39911358-E6FA-45A6-9F00-555A5E9ECE77}: "URL" = http://images.search...Terms}&fr=yie7c
IE - HKCU\..\SearchScopes\{3DA94979-9383-41D0-9114-74147B1B8D12}: "URL" = http://search.yahoo....Terms}&ei=utf-8
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...r={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...il&geo=US&ver=6
IE - HKCU\..\SearchScopes\{C0DCE191-3B45-45FC-A654-CC33FDA9494C}: "URL" = http://video.yahoo.c...Terms}&fr=yie7c
IE - HKCU\..\SearchScopes\{CC405945-441A-46ED-8A11-3DD76FF184F3}: "URL" = http://shopping.yaho...Terms}&fr=yie7c
IE - HKCU\..\SearchScopes\{E1D7F976-3943-4026-8A8C-3E1A3E91F117}: "URL" = http://news.search.y...Terms}&fr=yie7c
IE - HKCU\..\SearchScopes\{E84EFDB5-10E6-481C-A425-7EACC624D266}: "URL" = http://local.yahoo.c...Terms}&fr=yie7c
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/01/21 17:37:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\IPSFFPlgn\ [2012/03/03 05:19:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\coFFPlgn\ [2012/03/17 14:33:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

File not found (No name found) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\COFFPLGN_2011_7_3_6
File not found (No name found) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\IPSFFPLGN
File not found (No name found) -- C:\USERS\DONNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CTZPH1QV.DEFAULT\EXTENSIONS\[email protected]

O1 HOSTS File: ([2009/04/09 18:02:42 | 000,000,742 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Suggest) - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll (Yahoo! Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Norton 360\Engine\6.1.1.8\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Norton 360\Engine\6.1.1.8\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online. )
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\6.1.1.8\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online. )
O3 - HKLM\..\Toolbar: (Verizon Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online. )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support....veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} http://sp4pat.dyndns.../AVC_AX_742.cab (AMCCtrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig http://my.verizon.co...vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.238.64.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84F14C9D-14A0-41A0-9BAC-9003704793A2}: DhcpNameServer = 192.168.1.1 68.238.64.12
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Donna\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Donna\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1f57cb03-6d96-11dd-ba56-0019db7d7548}\Shell - "" = AutoRun
O33 - MountPoints2\{9c2556e1-e72b-11de-8cd0-0019db7d7548}\Shell\Auto\command - "" = D:\launcher.exe
O33 - MountPoints2\{9c2556e1-e72b-11de-8cd0-0019db7d7548}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/17 14:06:42 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe
[2012/03/17 06:45:43 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Microsoft Corporation
[2012/03/17 06:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2012/03/03 05:16:18 | 000,035,960 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SymIMV.sys
[2012/02/26 06:49:35 | 000,000,000 | ---D | C] -- C:\B
[2012/02/26 06:49:35 | 000,000,000 | ---D | C] -- \B
[2012/02/25 09:53:09 | 000,000,000 | ---D | C] -- C:\f55a0601f71b3c5b008869ffb485
[2012/02/25 09:53:09 | 000,000,000 | ---D | C] -- \f55a0601f71b3c5b008869ffb485
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/17 14:29:56 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Free File Viewer Update Checker.job
[2012/03/17 14:29:50 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/17 14:29:50 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/17 14:29:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/17 14:06:48 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe
[2012/03/17 09:29:32 | 000,002,280 | ---- | M] () -- C:\{468F8E1C-224C-48CC-A3AD-C7A575A5C30E}
[2012/03/17 06:07:45 | 000,725,296 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/17 06:07:45 | 000,148,130 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/17 05:09:29 | 002,300,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/03/17 05:02:24 | 002,379,685 | ---- | M] () -- C:\Windows\System32\drivers\N360\0601010.008\Cat.DB
[2012/03/17 04:45:45 | 000,008,727 | ---- | M] () -- C:\Windows\System32\drivers\N360\0601010.008\VT20120301.009
[2012/03/10 08:08:55 | 000,002,234 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/03/10 07:59:16 | 000,141,944 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012/03/10 07:59:16 | 000,007,468 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012/03/10 07:59:16 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012/03/06 15:55:58 | 000,000,106 | ---- | M] () -- C:\Windows\VaultMediaClient.INI
[2012/03/03 05:16:40 | 000,000,884 | ---- | M] () -- C:\Users\Donna\Desktop\Norton Installation Files.lnk
[2012/02/25 09:52:52 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012/02/25 09:52:52 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012/02/25 09:52:39 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/02/24 23:27:11 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\0601010.008\isolate.ini
[2012/02/18 08:54:12 | 000,131,074 | ---- | M] () -- C:\Users\Donna\Desktop\Equifax_FACT_Rpt_02182012.pdf
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/17 09:29:30 | 000,002,280 | ---- | C] () -- C:\{468F8E1C-224C-48CC-A3AD-C7A575A5C30E}
[2012/03/17 09:29:30 | 000,002,280 | ---- | C] () -- \{468F8E1C-224C-48CC-A3AD-C7A575A5C30E}
[2012/03/17 06:45:02 | 000,002,006 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
[2012/03/10 08:08:55 | 000,002,234 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/02/25 09:52:39 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/02/18 08:54:10 | 000,131,074 | ---- | C] () -- C:\Users\Donna\Desktop\Equifax_FACT_Rpt_02182012.pdf
[2011/07/30 13:52:36 | 000,017,408 | ---- | C] () -- \psapi.dll
[2011/06/11 11:19:28 | 000,174,656 | ---- | C] () -- C:\Windows\System32\psiservice.exe
[2011/05/29 15:29:17 | 000,110,602 | ---- | C] () -- C:\Windows\System32\xcdsfx32.bin
[2011/05/19 17:15:08 | 000,012,288 | ---- | C] () -- C:\Users\Donna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/01 09:29:37 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011/05/01 09:29:37 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011/05/01 09:29:37 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011/05/01 09:29:37 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011/05/01 09:29:37 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011/05/01 09:29:37 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011/05/01 09:29:37 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011/05/01 09:29:37 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011/05/01 09:29:37 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011/05/01 09:29:37 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011/05/01 09:29:37 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011/05/01 09:29:37 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011/05/01 09:29:37 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011/05/01 09:29:37 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011/05/01 09:29:37 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011/05/01 09:29:37 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011/04/02 07:04:26 | 000,000,106 | ---- | C] () -- C:\Windows\VaultMediaClient.INI
[2011/02/05 08:30:46 | 000,005,632 | ---- | C] () -- C:\Windows\System32\AVC_AP_SCALE.dll
[2011/02/05 08:30:45 | 000,176,128 | ---- | C] () -- C:\Windows\System32\AVC_AP_H264.dll
[2011/02/05 08:30:45 | 000,018,432 | ---- | C] () -- C:\Windows\System32\AVC_AP_JPEG.dll
[2011/02/05 08:30:43 | 000,323,584 | ---- | C] () -- C:\Windows\System32\Deinterlace.dll
[2011/02/05 08:30:37 | 000,176,128 | ---- | C] () -- C:\Windows\System32\AVC_H264.dll
[2011/02/05 08:30:37 | 000,018,432 | ---- | C] () -- C:\Windows\System32\AVC_JPEG.dll
[2010/07/06 20:03:06 | 000,176,128 | ---- | C] () -- C:\Windows\System32\AVC_AX_742_H264.dll
[2010/07/06 19:55:36 | 000,018,432 | ---- | C] () -- C:\Windows\System32\AVC_AX_742_JPEG.dll
[2010/07/06 19:51:56 | 000,005,632 | ---- | C] () -- C:\Windows\System32\AVC_AX_742_SCALE.dll
[2010/06/17 18:07:24 | 000,159,251 | ---- | C] () -- C:\Windows\System32\swscale-0.11.0.dll
[2010/06/17 18:07:24 | 000,070,163 | ---- | C] () -- C:\Windows\System32\avutil-50.19.0.dll
[2010/06/17 18:07:22 | 000,798,739 | ---- | C] () -- C:\Windows\System32\avcodec-52.77.0.dll
[2010/06/17 18:07:22 | 000,085,504 | ---- | C] () -- C:\Windows\System32\avformat-52.68.0.dll
[2010/06/11 18:47:58 | 000,135,168 | ---- | C] () -- C:\Windows\System32\utf8_2_font.dll

========== LOP Check ==========

[2012/03/17 14:29:56 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\Free File Viewer Update Checker.job
[2012/03/17 07:22:48 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:C3A4217C
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:9E22BBE8
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:FC420CE6
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:93EB7685

< End of report >
  • 0

Advertisements

#2
Essexboy
Posted 24 March 2012 - 10:25 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP