Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Older Vista Running Slow


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
No idea. Haven't used Norton in about 10 years. I would think that if you right click on the Norton icon in the systray that there might be an option or just open Norton. Should be there somewhere.
  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
http://www.combofix....ubscription.php

Also if you remove it make sure it doesn't have automatic renewal or they will still have to pay for it.
  • 0

#18
flyboy1565

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c27dcb3253a47741bb48e97004144f2b
# engine=13141
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-13 07:45:00
# local_time=2013-02-12 11:45:00 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776573 100 100 0 197349028 0 0
# scanned=184503
# found=0
# cleaned=0
# scan_time=8112
  • 0

#19
flyboy1565

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Wed Feb 13 17:16:52 2013
Machine ID: C08BB565

C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll - could not be accessed
--> Process HPAdvisor.exe (3932)


No infection found.
-------------------



Processes
---------
Google Chrome 500 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 5672 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 5420 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 2948 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 2952 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 4828 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 3464 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 3564 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 3576 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 3744 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
HD Audio Control Panel 3712 C:\Windows\RtHDVCpl.exe
Hewlett-Packard Company KBD EXE 3704 C:\hp\KBD\kbd.exe
HP Connections 4060 C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
hp digital imaging - hp all-in-one seri 5000 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
hp digital imaging - hp all-in-one seri 4068 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
hp digital imaging - hp all-in-one seri 3720 C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
HP Total Care Advisor 3932 C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
hpsysdrv 3696 C:\hp\support\hpsysdrv.exe
iTunes 3908 C:\Program Files\iTunes\iTunesHelper.exe
Mavis Beacon Personal Coach v 2.0 4076 C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
McciTrayApp 3876 C:\Program Files\ATT-SST\pcTrayApp.exe
Microsoft Office OneNote 2340 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Microsoft® Windows® Operating System 3924 C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System 3272 C:\Windows\explorer.exe
Microsoft® Windows® Operating System 3892 C:\Windows\System32\rundll32.exe
Microsoft® Windows® Operating System 3168 C:\Windows\System32\taskeng.exe
Nikon Transfer 3772 C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
Norton Security Status Provider 6120 C:\Program Files\Hewlett-Packard\HP Advisor\SSDK04.exe
Symantec Security Technologies 3728 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
(verified) GoogleToolbarNotifier 2888 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(verified) Microsoft® Windows® Operating System 1460 C:\Program Files\Windows Media Player\wmpnscfg.exe
(verified) Microsoft® Windows® Operating System 3100 C:\Windows\ehome\ehmsas.exe
(verified) Microsoft® Windows® Operating System 3952 C:\Windows\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System 3188 C:\Windows\System32\dwm.exe
(verified) Windows Defender 1520 C:\Program Files\Windows Defender\MSASCui.exe


Network activity
----------------
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 74.125.224.68
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 74.125.224.103
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.129.121
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.129.95
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.129.95
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.110
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.44
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 206.204.54.252
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 206.204.54.252
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 206.204.54.252
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 206.204.54.252
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 206.204.54.252
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 206.204.54.252
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 74.125.224.94
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 165.254.156.98
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.58
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.39
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.121
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.145
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 74.125.224.41
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 74.125.224.42
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 74.125.224.101
Process chrome.exe (2952) connected on port 443 (HTTP over SSL) --> 74.125.224.108
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.129.121
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.74
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.74
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.74
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.108
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.224.108
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.129.95
Process chrome.exe (2952) connected on port 80 (HTTP) --> 74.125.129.121
Process chrome.exe (2952) connected on port 80 (HTTP) --> 198.172.88.27



Autoruns and critical files
---------------------------
Adobe Acrobat C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Adobe Update Manager C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
HD Audio Control Panel C:\Windows\RtHDVCpl.exe
Hewlett-Packard Company KBD EXE C:\hp\KBD\kbd.exe
HP Connections C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
hp digital imaging - hp all-in-one seri C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
hp digital imaging - hp all-in-one seri C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
HP Total Care Advisor C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
hpsysdrv C:\hp\support\hpsysdrv.exe
iTunes C:\Program Files\iTunes\iTunesHelper.exe
LiveUpdate Notice C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
Mavis Beacon Personal Coach v 2.0 C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
McciTrayApp C:\Program Files\ATT-SST\pcTrayApp.exe
Microsoft Office OneNote C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Microsoft® Windows® Operating System C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System C:\Windows\system32\BROWSEUI.dll
Microsoft® Windows® Operating System C:\Windows\system32\oobefldr.dll
Microsoft® Windows® Operating System C:\Windows\system32\Ribbons.scr
Nikon Transfer C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
Norton AntiVirus c:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe
NVIDIA Compatible Windows Vista Display C:\Windows\system32\NvCpl.dll
NVIDIA Media Center Library C:\Windows\system32\NvMcTray.dll
QuickTime C:\Program Files\QuickTime\QTTask.exe
soft thinks Launcher C:\Windows\SMINST\launcher.exe
Symantec Security Technologies C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Symantec Shared Component c:\Program Files\Norton Internet Security\osCheck.exe
Windows® Internet Explorer c:\windows\system32\webcheck.dll
(verified) Google Update C:\Users\Theresa\AppData\Local\Google\Update\GoogleUpdate.exe
(verified) GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(verified) Microsoft® Windows® Operating System C:\Program Files\Windows Media Player\wmpnscfg.exe
(verified) Microsoft® Windows® Operating System C:\Windows\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
(verified) Windows Defender C:\Program Files\Windows Defender\MSASCui.exe


Browser plugins
---------------
AcroIEHelper Library c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
Bitdefender QuickScan C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\npqscan.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Google Toolbar for Internet Explorer c:\program files\google\google toolbar\googletoolbar_32.dll
Google Update C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
Google Update C:\Users\Theresa\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
HP Smart Web Printing c:\program files\hewlett-packard\smart web printing\hpswp_framework.dll
InstallShield Update Service C:\Windows\Downloaded Program Files\isusweb.dll
Motive Management Plug-in C:\Program Files\Common Files\Motive\npMotiveRequest.dll
Motive Plugin C:\Program Files\Common Files\Motive\npMotive.dll
Norton Confidential c:\program files\common files\symantec shared\coshared\browser\1.0\nppbho.dll
Norton Confidential c:\program files\common files\symantec shared\coshared\browser\1.0\uibho.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32.dll C:\Windows\system32\Macromed\Flash\NPSWF32.dll
QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
Windows Presentation Foundation c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\Windows\system32\ieframe.dll
(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.dll
(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.exe
(verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll


Scan
----
MD5: 308c9ddbd043903534514b097396e017 C:\hp\KBD\aol.dll
MD5: 6cf34b0f4dfbf541db299ccfac445a04 C:\hp\KBD\cfg.dll
MD5: c81be1b951c36e97d3da90da745da5f7 C:\hp\KBD\kbd.exe
MD5: f68a3f0d63be926ed65ed1c8c5b03a3d C:\hp\KBD\led.dll
MD5: bf475cc947c0cd6b2aedf4a2bed4f0d5 C:\hp\KBD\msg.dll
MD5: 57d46fedf6bf2dde8cd4746f0684be58 C:\HP\KBD\MSIKBDIF.DLL
MD5: bcab1694df88bf3dbeef30bd731f3c3e C:\hp\KBD\onl.dll
MD5: 56aa2f99855ab9fb4e7600030e36858a C:\hp\KBD\osd.dll
MD5: 1f847ceb90df6bf6e0edaed904b1e7c8 C:\hp\KBD\ps2.dll
MD5: 17f1cff37cb423ea05264f7174d84d60 C:\hp\KBD\sct.dll
MD5: 996fc333026a68a66078a4ab6c9ea54c C:\hp\KBD\url.dll
MD5: 29012814c2a868047ed659ccd919bea4 C:\hp\KBD\USB.dll
MD5: 85b8925f1a477df7aec93cabbeb04f1f C:\hp\support\hpsysdrv.exe
MD5: 4ea3a6cd9d20584ffafdb1e47dbf0e20 c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
MD5: 43f3f6d33c793089a7c32b45da16094b C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
MD5: 43362b96870ce8649f4f2ec893da93f0 C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
MD5: 9b31f1060090087c6d2d631e79a8ac15 C:\Program Files\ATT-SST\pcTrayApp.exe
MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: db5bea73edaf19ac68b2c0fad0f92b1a C:\Program Files\Bonjour\mDNSResponder.exe
MD5: 9aef11dc5c7ae1b486f1d30eb41354cc C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\KeyHook.dll
MD5: af89540732e13aeafaa1819979befbee C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
MD5: c26b09276755e0698b31cf0bae0bf182 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
MD5: f6fd367c9eaaedf90cd7a7952ae0b336 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MD5: cf3126a2ff45aa224fc541bc543c2d9c C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
MD5: ef8cd3c64ee9c08980d6d06ccce46c68 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: 43a0a24cd12b110dc93462d6b035c961 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: ff9831030678c7b6d70bac00f68f8976 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: 9abb7cdac0914579c86990048771b1b4 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: d47913f993a0e3a0c9f1e88fd02e98c6 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: c3c8d359d1fcb72941f75f8a302bfbde C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: 78865abc5f5d13190f8b35bd9044714a C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
MD5: 62169bdd927a67c360a35f4526429b01 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: 8a1cbae63fc06edaedcce1b23e9c9267 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: 58b61578d5704e9fc8b8a9861a85069d C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: a5299d04ed225d64cf07a568a3e1bf8c C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: ab781c0e4c09e08f464081d17c0f6184 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MD5: 6e5dac168d1ff9843e84a59d51d31107 c:\Program Files\Common Files\LightScribe\LSSrvc.exe
MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
MD5: b73b5999d47cd9727264f557626bce3a C:\Program Files\Common Files\Motive\npMotive.dll
MD5: 56ed4deceb5a1bc5dd3dc93463f66755 C:\Program Files\Common Files\Motive\npMotiveRequest.dll
MD5: 2d97f6be32cdf8f86b9568442f044a82 C:\Program Files\Common Files\Motive\pcCMService.exe
MD5: 1e0b5b353fa8bbd1dfe61976a920d583 C:\Program Files\Common Files\Motive\pcContextDetectorEmail_DSR.dll
MD5: 44d1878184a8afde81d62e4f91c51fa2 C:\Program Files\Common Files\Motive\pcContextDetectorWin32_DSR.dll
MD5: e5eddd079cd8bc0bab8e5b80c2927b31 C:\Program Files\Common Files\Motive\pcContextHook_DSR.dll
MD5: a88b2a6a57ceac2213a564419865f3d8 C:\Program Files\Common Files\Motive\pcContextX.dll
MD5: a792405e6c84c3debc02b1cf29a928f0 C:\Program Files\Common Files\Motive\pcServiceHost.exe
MD5: ce6892cf204645111347e008cc8c99db C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
MD5: d4ce4d370a26ae1bf41be9f69d24d049 c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
MD5: ee31ee72caa20608d256cb34c6d911e0 c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll
MD5: 45dd1618620987e7dac06b99b39993bb c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll
MD5: c4043d9634efd72e8cedb170114c4b36 c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMail.dll
MD5: a2950479efcd2bedd470ee83c6400c6b c:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll
MD5: 1f12f89dbd2553096395189d26ed4fe2 c:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll
MD5: 4987563cb82ad92e98e1a857734408e4 c:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll
MD5: 2fe779b1a07747fed8074c433c3c4604 c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
MD5: 677eadf3ffdc14df5044d7f16b0ce558 C:\Program Files\Common Files\Symantec Shared\ccAlert.dll
MD5: 25be770865658cb79100117112819a7c C:\Program Files\Common Files\Symantec Shared\ccApp.exe
MD5: e7f15d691f91240901e8b7961da08043 C:\Program Files\Common Files\Symantec Shared\ccEmlPxy.dll
MD5: d5991b5bec31095bae1fde461d517bd9 c:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll
MD5: 6e22bcdfae1cc274baf429075fb5b54a c:\Program Files\Common Files\Symantec Shared\ccL60U.dll
MD5: 595175d2e7f77a1440de360eec20fa7d C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
MD5: db4bdb90903edf5914b2155df2967c76 c:\Program Files\Common Files\Symantec Shared\ccProSub.dll
MD5: a8d524895ddc6e238324627c4359a747 c:\Program Files\Common Files\Symantec Shared\ccSet.dll
MD5: 9df03f00f9ac2cfc7bbd9528b917281d c:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
MD5: a39ef96b7c3ca17b9da1a9a132471d72 c:\Program Files\Common Files\Symantec Shared\ccSvc.dll
MD5: fe69c498b922ce835e2e2123fbd0a272 c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
MD5: bbe96b8c41f5a00070a00b51a8ae4757 c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
MD5: c6e8a239a25a85d892c565a5ec7ea54f c:\Program Files\Common Files\Symantec Shared\CF\cfEPack.dll
MD5: 9c004ddad2b588ed05ff97df5707d053 c:\Program Files\Common Files\Symantec Shared\CF\cfV2Pack.dll
MD5: 84caf892d379a2259eea35369a63b0f2 c:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll
MD5: 6052639c2334387fa73072e907374dbd c:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll
MD5: 57e8cf524aff1d945aabd65b9aaa8075 c:\program files\common files\symantec shared\coshared\browser\1.0\nppbho.dll
MD5: 668e3888e866469602b42b42f9cf6eee c:\program files\common files\symantec shared\coshared\browser\1.0\uibho.dll
MD5: 1ae9adb6ecec107e3639ed9c3454c42a c:\Program Files\Common Files\Symantec Shared\NcoItf.dll
MD5: 5ebab427c2c213031635035fe2c3be62 c:\Program Files\Common Files\Symantec Shared\NPC\DataPvdr.dll
MD5: 0e8142779f2d62e0cd1dfefbac8afa29 c:\Program Files\Common Files\Symantec Shared\NPC\npcTRAY.dll
MD5: fe4c1dc1179af65122fbde2f2ab2f1a4 c:\Program Files\Common Files\Symantec Shared\NPC\npcWmiCl.dll
MD5: fd4bfcc5eee6175c15ae3c168b2ea4cf c:\Program Files\Common Files\Symantec Shared\NPC\npcWmiDt.dll
MD5: 7d723d09dd187c295e8397c792228bba c:\Program Files\Common Files\Symantec Shared\NPC\NSCHlpr2.dll
MD5: a411997ca9d7e84452f8a53388e764a5 c:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL
MD5: 6a2517b28ca802547ccbec3cfdc30dcf c:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll
MD5: 6b76ccc2daf54a6d3c749e2bb42a62fc c:\Program Files\Common Files\Symantec Shared\NPC\PEPEvnt.dll
MD5: 501bd8daf257fb31117f72f195bf570d c:\Program Files\Common Files\Symantec Shared\NPC\UICntnr.dll
MD5: 85d6f4c36d20fff6904e07a498be4292 c:\Program Files\Common Files\Symantec Shared\NPC\uiLicPlg.dll
MD5: 792308a6098867509023d9dc2edadf13 c:\Program Files\Common Files\Symantec Shared\Options\VTCache.dll
MD5: 81a1312ccf521cfa56fb28b097e0c722 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
MD5: 85553a46b1370b21aaaf9243b02feaa2 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertUi.dll
MD5: 2d1389e05a807d956829f44bd4b60389 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
MD5: 1b733cf4593c043df17e29665bcb1242 C:\Program Files\Common Files\Symantec Shared\rcAlert.dll
MD5: e208e40f1bf0c3b55cbf369fd176841d C:\Program Files\Common Files\Symantec Shared\rcEmlPxy.dll
MD5: 905782bcf15b6e5af9905b77923c7fa2 C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
MD5: 461fd0d987a90549950d20ce7dbef7b3 c:\Program Files\Common Files\Symantec Shared\SymHTML\1.0\SymHTML.DLL
MD5: 749aba9c6e9d5cd0fbcba8820f0b8b5c c:\Program Files\Common Files\Symantec Shared\SymNeti.dll
MD5: 3cc5076730cf551242eb8182998a4e85 c:\Program Files\Common Files\Symantec Shared\SymRedir.dll
MD5: 7ce352882828c12dd7632b172253a02c c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
MD5: 951f36219c7384c6ed6c9f44d45c5235 C:\Program Files\Common Files\System\Ole DB\oledb32.dll
MD5: 892125b60ba6c2a66f485a89c4a6b918 C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL
MD5: 5d4bc124faae6730ac002cdb67bf1a1c C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
MD5: b9497c5acaea521663bffbb321dd3afa c:\program files\google\google toolbar\googletoolbar_32.dll
MD5: e0ff893763ba82baabb869a351f0c455 C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
MD5: 4534b919b89b56655d3a2c22e34f933b C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\hpqcrmcm.dll
MD5: a7a0371c6c7f0a02b5668a0f504a23cb C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\xmlparse.dll
MD5: 6906658f82de4c3f9538b189d93597c2 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\xmltok.dll
MD5: cdc71d9902d36f3b7b8c72a441518e98 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpodio08.dll
MD5: e5098d864bef8822a1879a7f7282d79e C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotra08.dll
MD5: 7e1da97e3e188411ad25d5180e5e5cf1 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotra08.rsc
MD5: 070456a1041bb432e5a669dfba17f1a1 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotradd.dll
MD5: 7e7882073b5cbe571f37240a8766418d C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcob08.dll
MD5: af81f7ba6a09119006fe041a2f2f3ece C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll
MD5: 00328f10d94e30dd1206923ed2f9400c C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddcmn.dll
MD5: 7244f63db8ea883b3dc8e730c645d073 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll
MD5: 20e4cb0079b6dd5d14f44e51d1ac35bd C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddusr.dll
MD5: cdbd3317d329e4f724d7f1fdf2d84380 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqmfc10.dll
MD5: 0e983bc4924cbe36e56d53ece0e29ca8 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqmif08.dll
MD5: fe181f58353fbe4d6d96276ce523d2cb C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqrif08.dll
MD5: 99352d5990a991c3ccc3c63d4a0a91bf C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqsem08.rsc
MD5: 85e7bb8a103644085c5c665481022e56 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
MD5: 859e490f95ce4f3674ee0b72910ff257 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.rsc
MD5: e2e02bb0b3afecfbe489d07c1c3a28dc C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqsti08.dll
MD5: 5fabaa91cfaa5d86ee398bb38a59454b C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqstp08.dll
MD5: b768327a1b2f192caa67267a89af3a31 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtao08.dll
MD5: aed4cf5fdd02e0c8c3c0f4f756e07b3e C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtap08.dll
MD5: 1ba45cdef852381da4a95d056ddb4b48 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
MD5: 4a36e63080922a2377c3ab4b313d97b6 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.rsc
MD5: 354d0d3fa5cd831509ce97daff2174d5 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpquio08.dll
MD5: e2b8f1ef9a74a83157427225873f5331 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqusg.dll
MD5: 00c52faf10ac367f4071b6ab9e2b419f C:\Program Files\Hewlett-Packard\HP Advisor\BackWeb.dll
MD5: cc7b776edb6b446a060dabb6f2040427 C:\Program Files\Hewlett-Packard\HP Advisor\CeeWrtier.dll
MD5: a568125e9011589213328d94f28746bc C:\Program Files\Hewlett-Packard\HP Advisor\Content.dll
MD5: 66e65b71a7e4c8fa16a6866fe4e375d3 C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.Common.Windows.dll
MD5: 5a5254f84a01fecc2c92138d5fbb8468 C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
MD5: 4f359e9e0439d7b7ac5a587dcc128794 C:\Program Files\Hewlett-Packard\HP Advisor\InterfaceServices.dll
MD5: 8ec7975f5abb196f1e9d2ba89b5a990e C:\Program Files\Hewlett-Packard\HP Advisor\Interop.BACKWEBCOMMANDERLib.dll
MD5: c1159b4013ef10e1a89e9ed31eb5772d C:\Program Files\Hewlett-Packard\HP Advisor\Interop.BackWebLib.dll
MD5: 0d139015909be90657c8d76fa59324b4 C:\Program Files\Hewlett-Packard\HP Advisor\Interop.NetFwTypeLib.dll
MD5: 603ed0e09cea8fe6ed47e2756a6f469e C:\Program Files\Hewlett-Packard\HP Advisor\Interop.RulesEngineLib.dll
MD5: c3c65cf6303f5217f9a4d6e6e3a5c4af C:\Program Files\Hewlett-Packard\HP Advisor\Interop.TaskScheduler.dll
MD5: eaa21e8536c1d942ec7812e52cb0477a C:\Program Files\Hewlett-Packard\HP Advisor\Interop.WUApiLib.dll
MD5: 5e8893481a1e40bd25159c9fb98d8677 C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MD5: fe72f70bdbd88d5306bf8aa8be3017a4 C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MD5: d06b697355108a5394d86c1690dfbbc7 C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MD5: 9e248b8368d882afa5048dab528d2c2d C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MD5: 70542dd48423c999b5799de6b744c3c6 C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\Market\Interop.MLDeskBand.dll
MD5: 11c8906467b643dc4a96358df513a86e C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\Market\MarketPillar.dll
MD5: 5b1be4813e248a7b0e94b4a1c30461e0 C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MD5: 44a1c5b86b2798e772dd6a1e0809d06b C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCHealthSecurity\PCHealthSecurityPillar.dll
MD5: 48a2b8277258dff44dd2e3553e303aca C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCHelp\HowToPillar.dll
MD5: 9401b10f41725f84ea0755bdca46323a C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MD5: abd3355c033d222b8ca80a5e2915d139 C:\Program Files\Hewlett-Packard\HP Advisor\SecurityStatusServer.dll
MD5: 42bb5676661c1a9d301c0e3e473f1000 C:\Program Files\Hewlett-Packard\HP Advisor\SSDK04.exe
MD5: 784a09b590a82a9e24d6db88a381169b C:\Program Files\Hewlett-Packard\HP Advisor\SSDK04PS.dll
MD5: 3ea0b5bb78eafb57547775cd3a4d9631 C:\Program Files\Hewlett-Packard\HP Advisor\SystemStatus.dll
MD5: b93c4070f24e46b0097648c276b5039e C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
MD5: a40456de4ef7e318104955361c72ac9d c:\program files\hewlett-packard\smart web printing\hpswp_framework.dll
MD5: 9194518fe98c858b03754955c00b6ee6 C:\Program Files\HP Connections\6811507\6.3.2.139-6811507\Program\BackWeb.dll
MD5: 4054a39d12f44a6f108ca71a6df57ab9 C:\Program Files\HP Connections\6811507\6.3.2.139-6811507\Program\BWCmndr.dll
MD5: 5fa1b0808c346d2562cf63255b140968 C:\Program Files\HP Connections\6811507\6.3.2.139-6811507\Program\BWfiles.dll
MD5: d8ac6ce62bb189582482af4bed9f186f C:\Program Files\HP Connections\6811507\6.3.2.139-6811507\Program\bwsec.dll
MD5: 4eeaf3231479635f9273eeb8a2bbf3e9 C:\Program Files\HP Connections\6811507\6.3.2.139-6811507\Program\clntutil.dll
MD5: 89edb559947dcdada4c0d74ab783713b C:\Program Files\HP Connections\6811507\6.3.2.139-6811507\Program\EN\ClientRc.dll
MD5: c8c8a407f96dbb620fea17efaf3d8e9e C:\Program Files\HP Connections\6811507\6.3.2.139-6811507\Program\frext.dll
MD5: 030806a4721102ea916b11f10557b097 C:\Program Files\HP Connections\6811507\Program\BWCmndr-6811507.dll
MD5: 030806a4721102ea916b11f10557b097 C:\Program Files\HP Connections\6811507\Program\BWfiles-6811507.dll
MD5: 030806a4721102ea916b11f10557b097 C:\Program Files\HP Connections\6811507\Program\frext-6811507.dll
MD5: 3754f4c688bfd04bc886112bd6566a9b C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
MD5: df5bb9395568a18f6cf9f339345e3f80 C:\Program Files\HP Connections\6811507\Program\HPClientExt.dll
MD5: 19d335420c8943fade12d575cf662940 C:\Program Files\Hp\Common\HPeDiag.dll
MD5: 801e6a05397b1b07e199917ce7b44123 C:\Program Files\Hp\Common\HPScripting.dll
MD5: 824f1106fcd2e9ce5f3b1011c1c25699 C:\Program Files\Hp\Common\RulesEngine.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: e8a39d41474be42fd8830ced32932d6c C:\Program Files\iPod\bin\iPodService.exe
MD5: c85eccbaa179719e658ffdbf99221e1e C:\Program Files\iTunes\iTunesHelper.dll
MD5: e4401cf27225c1d6e664e86195978562 C:\Program Files\iTunes\iTunesHelper.exe
MD5: 9df319f1c2d4b80d8ce8214ea4899adf C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL
MD5: 814a169c40b55178bd8e1f79d1ada649 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
MD5: 3fcf47bd73094fa62d81373515f46110 C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: 1843e81fa7acfff4344a7dd4328d7da0 C:\Program Files\Microsoft Office\Office12\1033\ONINTL.DLL
MD5: 711a2e6a55ec7bfd59b5f649d58b704b c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
MD5: e9af8b12cffc04c0f4399ed8e4d3826e C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
MD5: ca6b4720748f463f266a066e0a3c814c C:\Program Files\Norton Internet Security\AlertRes.dll
MD5: 7dcf3bca9d7a4db8c0cd1349b5f4203d c:\Program Files\Norton Internet Security\fwAlert.dll
MD5: 5aa0fe77f54de479f1b70fcacd98cd33 c:\Program Files\Norton Internet Security\fwAlRes.dll
MD5: 7d8d22faf477ac7653b0129addf4fb88 c:\Program Files\Norton Internet Security\fwEvent.dll
MD5: 62aa1d2915f9c8715909a1dec22fc990 c:\Program Files\Norton Internet Security\IMCfg.dll
MD5: 8a3c117c2c17774efadccebdd762e96b c:\Program Files\Norton Internet Security\ISDataCl.dll
MD5: 757a12ae80e116cf7edd9a2a111f9221 c:\Program Files\Norton Internet Security\isError.dll
MD5: 0e859cf307f6aa5408bf4561c4d3f4ae C:\Program Files\Norton Internet Security\ISLAlert.dll
MD5: 36474fde02f8422b8b1a52ead9894dbc c:\Program Files\Norton Internet Security\isPwdSvc.exe
MD5: 1fd2984e6871a671f49f671fa57b85e3 c:\Program Files\Norton Internet Security\isStatus.dll
MD5: 21cb1dc67db2e5eb9de7923a10cf9473 C:\Program Files\Norton Internet Security\NisTray.dll
MD5: ad90825f42caa065201ef8a9aa07fafc C:\Program Files\Norton Internet Security\NISTrRes.dll
MD5: 632d5aa7f3da24641be0eaa6eaa5d124 C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.dll
MD5: d4b93d9895e4c1c8dab67fa0319fc334 C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.loc
MD5: 511c1117554d5da9cf975264d664a637 C:\Program Files\Norton Internet Security\Norton AntiVirus\DefAlert.dll
MD5: 23d68f9c0cddb5c97901795b7c651e09 c:\Program Files\Norton Internet Security\Norton AntiVirus\navevent.dll
MD5: f8a7645cd0efc872d1b99fd5bfd9a476 c:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe
MD5: f2b4e04e99a4285f166cc951e6bfea88 c:\Program Files\Norton Internet Security\Norton AntiVirus\OfficeAV.dll
MD5: 9ad73f11ec25b976e4bf69234100b3d7 c:\Program Files\Norton Internet Security\Norton AntiVirus\rcOffcAV.dll
MD5: 9f9169ba9b0e44b6c86a5247cec2cdee c:\Program Files\Norton Internet Security\osCheck.exe
MD5: 63dec0b35eb63a2e71fc3b29b93a73e3 c:\Program Files\Norton Internet Security\SetEvtHp.dll
MD5: 8dda2b606279753601f9415da503ca63 C:\Program Files\QuickTime\QTTask.exe
MD5: b5d974c1fd078a68c7536c561b031d39 C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
MD5: b7dc98f6f4e7611a9c0849945fb28fb9 C:\Program Files\Windows Defender\MpOav.dll
MD5: 9bd4dcb5412921864a7aacdedfbd1923 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
MD5: 07c02c892e8e1a72d6bf35004f0e9c5e C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
MD5: a97eeb81f05bce3d7aa6c81f04ef39a4 C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
MD5: 6104fea48a108984e40e8ae1c765c364 C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20070828.001\IDSvix86.sys
MD5: 699c290f8a12f092d83caf3bfd5b742b C:\Users\Theresa\AppData\Local\CrossLoop\CrossLoopService.exe
MD5: 7694dca064d0b7e0d1a6972bb9c71b39 C:\Users\Theresa\AppData\Local\CrossLoop\tvnserver.exe
MD5: 6b97b815716415e0b5dd1a1d4c8b8521 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\24.0.1312.57\chrome.dll
MD5: 1c9b45e87528b8bb8cfa884ea0099a85 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\24.0.1312.57\d3dcompiler_43.dll
MD5: 86e39e9161c3d930d93822f1563c280d C:\Users\Theresa\AppData\Local\Google\Chrome\Application\24.0.1312.57\d3dx9_43.dll
MD5: a5b66f56d5994fca083de44dfda3c038 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MD5: 56c546924accef03eaf101fa2b0b4061 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\24.0.1312.57\icudt.dll
MD5: b12f5eed5b2c59df9fc1466f458f939c C:\Users\Theresa\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll
MD5: 7ebb572149de6ff2ae529de1d4044884 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MD5: 94097d7604ccc99982d13d945d875f94 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
MD5: 10921a9733a6dee90f98b059e278fbfe C:\Users\Theresa\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
MD5: 0654e4c1f597fc07d6fc7443d4f94840 C:\Users\Theresa\AppData\Local\Google\Chrome\Application\chrome.exe
MD5: 853e987a635c0008f53e3cc13290af6b C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\npqscan.dll
MD5: e0ff893763ba82baabb869a351f0c455 C:\Users\Theresa\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
MD5: d6804f089cbb6749e95124e7c4d80900 C:\Windows\AppPatch\AcLayers.DLL
MD5: 8607a3ae9c287a8e3cdf6e410a1426a7 C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MD5: 61e69498b2724fd093b23c87ed90cc9a C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MD5: 70891f0ed183ac39be4c5e43666a35c7 C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MD5: 296aacae51a6995d2016c2c3e4774d81 C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MD5: b74bb4fa1cb68892caf2e3a586a55e23 C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MD5: 5528a1b5fe430c6d24e828b817ea9a20 C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll
MD5: 0378cc8c7b47eeb225b45eafbb02f186 C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MD5: 42eea3753cee067fbd197cf27bdc84a4 C:\Windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
MD5: 811e32ae27520592a7d710aa02ad8196 C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MD5: 17a282bd98312c835dc9f9429688b93c C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MD5: 1cd379dea582b44d5a367f73eeb79a81 C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MD5: 6cb31d67efba7cf52452d40d3f752c20 C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MD5: ed6b87ba6deac501c34bacb1c79a8f4e C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MD5: 555967564d4e979f4fc83683ccc2cc31 C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MD5: 3f4413dcd8d3bbabf08f68f25e6d60e1 C:\Windows\Downloaded Program Files\isusweb.dll
MD5: a8e2f76f136a0e664b68a48028d4af93 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: 4e289c24e5beb5ff9cf5b118ab96fdb0 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: 35a936c7c029a5b705d3ffd40518d660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
MD5: 41826f4a4fcddfcad0a66cf004a67be8 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: f5df6846f30e9f54ea60ccaeb3fb2055 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: a503a47a5e7ea8024379a8cc6059b74a C:\Windows\RtHDVCpl.exe
MD5: dbeb9ee2a13d9aa0d5f180757b5a2c26 C:\Windows\SMINST\launcher.exe
MD5: 928c90e02e05244d2290c1551df732c8 C:\Windows\system32\AVICAP32.dll
MD5: 74f26fc01b180d4a99a168ed69c30a53 C:\Windows\system32\cmd.exe
MD5: b0f9073be86c6d4edd4eba674251e699 C:\Windows\system32\CRYPT32.dll
MD5: 09469b8edd2755143fda06867aad7e73 C:\Windows\system32\cryptnet.dll
MD5: f1e8c34892336d33eddcdfe44e474f64 C:\Windows\system32\cryptsvc.dll
MD5: e9b39c81c87e5b790fce121da9e02701 C:\Windows\system32\d2d1.dll
MD5: 8b02d2ecc7ef6e1f6af08459e3f741f6 C:\Windows\system32\d3d10.dll
MD5: 5256383d1d266a9eefcdb270340c0e5c C:\Windows\system32\d3d10_1.dll
MD5: a441f5b43eaf4bd4e3acfbe38841b46b C:\Windows\system32\d3d10_1core.dll
MD5: 9c7094f537782a82b6a29b4a7172e180 C:\Windows\system32\d3d10core.dll
MD5: 4a4c71376eca305d6dea021f1a44816d C:\Windows\system32\D3D10Warp.dll
MD5: cb1f79a5b3551273e55f69dddcb919e3 C:\Windows\system32\dispex.dll
MD5: 85e861d0b88db2b54acb0839654c09f7 C:\Windows\system32\DNSAPI.dll
MD5: 57d762f6f5974af0da2be88a3349baaa C:\Windows\System32\dnsrslvr.dll
MD5: 062373995eae5f0eac9eaa9192136bfb C:\Windows\system32\dnssd.dll
MD5: 3911b972b55fea0478476b2e777b29fa C:\Windows\system32\drivers\afd.sys
MD5: 35f376253f687bde63976ccb3f2108ca C:\Windows\system32\DRIVERS\bowser.sys
MD5: 82b8c91d327cfecf76cb58716f7d4997 C:\Windows\system32\drivers\compbatt.sys
MD5: 622c41a07ca7e6dd91770f50d532cb6c C:\Windows\System32\Drivers\dfsc.sys
MD5: 4f59c172c094e1a1d46463a8dc061cbd C:\Windows\system32\DRIVERS\Dot4.sys
MD5: 80bf3ba09f6f2523c8f6b7cc6dbf7bd5 C:\Windows\system32\DRIVERS\Dot4Prt.sys
MD5: c55004ca6b419b6695970dfe849b122f C:\Windows\system32\DRIVERS\dot4usb.sys
MD5: c68ac676b0ef30cfbb1080adce49eb1f C:\Windows\System32\drivers\dxgkrnl.sys
MD5: 185ada973b5020655cee342059a86cbb C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
MD5: 72cc6a8ca7891031d6380db5025c773c C:\Windows\system32\DRIVERS\HSX_CNXT.sys
MD5: 88749fbf8beb18c90e7d6626c8c1910b C:\Windows\system32\DRIVERS\HSX_DP.sys
MD5: fe440536bd98af772130dc3a6fe1915f C:\Windows\system32\DRIVERS\HSXHWBS2.sys
MD5: 97469037714070e45194ed318d636401 C:\Windows\system32\drivers\intelide.sys
MD5: ce44cc04262f28216dd4341e9e36a16f C:\Windows\system32\DRIVERS\intelppm.sys
MD5: 4a1445efa932a3baf5bdb02d7131ee20 C:\Windows\System32\Drivers\ksecdd.sys
MD5: 1e94971c4b446ab2290deb71d01cf0c2 C:\Windows\system32\DRIVERS\mrxsmb.sys
MD5: 4fccb34d793b116423209c0f8b7a3b03 C:\Windows\system32\DRIVERS\mrxsmb10.sys
MD5: c3cb1b40ad4a0124d617a1199b0b9d7c C:\Windows\system32\DRIVERS\mrxsmb20.sys
MD5: fbba09782f2fac5a57619df378ba9372 C:\Windows\system32\DRIVERS\nvlddmkm.sys
MD5: d958a2b5f6ad5c3b8ccdc4d7da62466c C:\Windows\system32\DRIVERS\nvmfdx32.sys
MD5: 4a5fcab82d9bf6af8a023a66802fe9e9 C:\Windows\system32\DRIVERS\nvstor.sys
MD5: 7eba6c9a0a295b1559efb9062e701218 C:\Windows\system32\DRIVERS\nvstor32.sys
MD5: b9c2b89f08670e159f7181891e449cd9 C:\Windows\System32\drivers\partmgr.sys
MD5: 1636d43f10416aeb483bc6001097b26c C:\Windows\system32\drivers\pciide.sys
MD5: 390c204ced3785609ab24e9c52054a84 C:\Windows\system32\DRIVERS\PS2.sys
MD5: feffcfdc528764a04c8ed63d5fa6e711 C:\Windows\System32\Drivers\PxHelp20.sys
MD5: 103b79418da647736ee95645f305f68a C:\Windows\system32\drivers\sffdisk.sys
MD5: 9cfa05fcfcb7124e69cfc812b72f9614 C:\Windows\system32\drivers\sffp_sd.sys
MD5: ed5e9f3bf11d0bb770f652b22ec26465 C:\Windows\System32\Drivers\SRTSP.SYS
MD5: c70a2581e35e03c85f29aa1bc723659a C:\Windows\System32\Drivers\SRTSPL.SYS
MD5: 05f2db228922e6b8a001ed83ee4d1153 C:\Windows\System32\Drivers\SRTSPX.SYS
MD5: 41987f9fc0e61adf54f581e15029ad91 C:\Windows\System32\DRIVERS\srv.sys
MD5: ff33aff99564b1aa534f58868cbe41ef C:\Windows\System32\DRIVERS\srv2.sys
MD5: 7605c0e1d01a08f3ecd743f38b834a44 C:\Windows\System32\DRIVERS\srvnet.sys
MD5: 55a216212c89de109bde71a5f440593c C:\Windows\System32\Drivers\SYMDNS.SYS
MD5: 403bd24fa5c55fc648abdd039629a954 C:\Windows\system32\Drivers\SYMEVENT.SYS
MD5: 3f72da2a613ae5da86c7002737fe56b3 C:\Windows\System32\Drivers\SYMFW.SYS
MD5: cf88c0fa1fb45fd49fa1f4adf6251ea6 C:\Windows\System32\Drivers\SYMIDS.SYS
MD5: 105f0717ab5049a0a40d55c524b4c2e5 C:\Windows\System32\Drivers\SYMNDISV.SYS
MD5: 7f4011a719bf30e3dbd84d3a0a45c91c C:\Windows\System32\Drivers\SYMREDRV.SYS
MD5: 2f03cbdb0f22278d05d5d616c993ab58 C:\Windows\System32\Drivers\SYMTDI.SYS
MD5: 74e2d020c47bb2b2fccba29a518a7eb4 C:\Windows\System32\drivers\tcpip.sys
MD5: 325dbbacb8a36af9988ccf40eac228cc C:\Windows\system32\DRIVERS\usbuhci.sys
MD5: 786db5771f05ef300390399f626bf30a C:\Windows\system32\drivers\volsnap.sys
MD5: a840213f1acdcc175b4d1d5aaeac0d7a C:\Windows\system32\drivers\Wdf01000.sys
MD5: 701a9f884a294327e9141d73746ee279 C:\Windows\system32\drivers\wmiacpi.sys
MD5: 06e6f32c8d0a3f66d956f57b43a2e070 C:\Windows\system32\drivers\WudfPf.sys
MD5: 867c301e8b790040ae9cf6486e8041df C:\Windows\system32\DRIVERS\WUDFRd.sys
MD5: cd5f291a1161f15896d1a4d63daff5df C:\Windows\system32\DRIVERS\xaudio.exe
MD5: dab33cfa9dd24251aaa389ff36b64d4b C:\Windows\system32\DRIVERS\xaudio.sys
MD5: cabd1b34bd05c986b4dbc18bc0e947ee C:\Windows\system32\DWrite.dll
MD5: aaae543c535ed596ecad2ab8761c2c6f C:\Windows\system32\dxgi.dll
MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\system32\Dxtmsft.dll
MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\system32\Dxtrans.dll
MD5: 254c64b570a99f10952aca71f24a2236 C:\Windows\system32\expsrv.dll
MD5: 8ce364388c8eca59b14b539179276d44 C:\Windows\system32\FntCache.dll
MD5: 26ae2ca34fa4342749ec1157cb1fe954 C:\Windows\system32\hpzidr12.dll
MD5: 51c6d8bfbd4ea5b62a1ba7f4469250d3 C:\Windows\system32\HPZinw12.dll
MD5: 79834aa2fbf9fe81eebb229024f6f7fc C:\Windows\system32\HPZipm12.dll
MD5: af880166dac5880219f748ed83902cb2 C:\Windows\system32\hpzipr12.dll
MD5: 0e816ea3c5dce94c95099e8b38e75e67 C:\Windows\system32\ieframe.dll
MD5: d171eaa745a2c0c583cdda13d9088ee4 C:\Windows\system32\iertutil.dll
MD5: eb49faa5ebbc06356fb12476438781b9 C:\Windows\system32\imagehlp.dll
MD5: 12e8a79644955a6d1d371cbd7da7c871 C:\Windows\system32\inetmib1.dll
MD5: 8843b6a1b8e102841b2dff02805c5cec C:\Windows\system32\jscript.dll
MD5: c079169e6a07fc4412475c02969eb9ce C:\Windows\System32\jscript9.dll
MD5: dc3105cc925a0d47f61b54e66ab730fc C:\Windows\system32\kernel32.dll
MD5: a3e186b4b935905b829219502557314e C:\Windows\system32\lsass.exe
MD5: 67d16247c56c26a4f0d79d1a7f272b8f C:\Windows\system32\mf.dll
MD5: ef24642d5fb52a1eef56de9e47cbb993 C:\Windows\system32\MFC42.DLL
MD5: bf142d4f8c61ed3629a9cdd7ba867900 C:\Windows\system32\MFPlat.DLL
MD5: 554ed6988e44fdf18941429e8b2cb652 C:\Windows\system32\MSDART.DLL
MD5: cbc39cad3421ab71966bdd98abf847e0 C:\Windows\system32\msfeeds.dll
MD5: c97434c851c4821bd92d2831fdf1ecbe C:\Windows\system32\mshtml.dll
MD5: 2955a48be10fd1f7a112b0a890a6271d C:\Windows\system32\MSISIP.DLL
MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll
MD5: 9d1ee179965f9ddf964a9ea99d1d70a1 C:\Windows\system32\msmpeg2vdec.dll
MD5: ff41e1ac301f51e16f61ad7c0f45467c C:\Windows\System32\msshsq.dll
MD5: 2310a32bb0164552a311bfa02102a3d6 C:\Windows\system32\MSVCP60.dll
MD5: 17af64d727545f2804f6e6d998327e3f C:\Windows\system32\msvcrt.dll
MD5: 6abd253226770eae1292b4c945ed4b4b C:\Windows\System32\msxml3.dll
MD5: 13cc59c1b04e9f20a87987c68cd4be3f C:\Windows\system32\ncrypt.dll
MD5: 98b656eaf128cd06f625b09c84d959e1 C:\Windows\system32\NETAPI32.dll
MD5: dda770bbd7c2ed024d6f50e279d90e5b C:\Windows\system32\ntdll.dll
MD5: c0a2442be61f72822a438daf23bba878 C:\Windows\System32\nvapi.dll
MD5: fb15fe55c4b02089a31ea9c63a6c260a C:\Windows\system32\NvCpl.dll
MD5: 65c15783c836be91ecc88a74742d9e18 C:\Windows\system32\nvd3dum.dll
MD5: 625e173870538418a3c66c18338ce358 C:\Windows\system32\NvMcTray.dll
MD5: cf7769f13b3ecc5e2bf1b3d1c5831ae8 C:\Windows\system32\nvvsvc.exe
MD5: 862363973dcbcc31dd161ef41a69153c C:\Windows\system32\ODBC32.dll
MD5: 9586e7cb2255a8b097a7e4538202585e C:\Windows\system32\ole32.dll
MD5: dc15ab7168c0309d8f04fd95b6240422 C:\Windows\system32\OLEACC.dll
MD5: b218342214d9bba0f54ea12ba2e9278c C:\Windows\system32\OLEAUT32.dll
MD5: 5a32d90a3d3d63e9011869a07a720ab3 C:\Windows\system32\Ribbons.scr
MD5: 4b555106290bd117334e9a08761c035a C:\Windows\System32\rundll32.exe
MD5: 50e3e76b0901bb4fc029bb88bfa5ce79 C:\Windows\system32\schannel.dll
MD5: 1a58069db21d05eb2ab58ee5753ebe8d C:\Windows\system32\schedsvc.dll
MD5: d602fedbd9155fc2ded6863fb60c950f C:\Windows\system32\Secur32.dll
MD5: 167ac31450c0c53a01fa1491e94d7678 C:\Windows\system32\shdocvw.dll
MD5: aaf101900a23d75ae1ae00840fa6f3b8 C:\Windows\system32\SHELL32.dll
MD5: 420b075cd71ab9e58d15dd258958fba3 C:\Windows\system32\SHLWAPI.dll
MD5: c7230fbee14437716701c15be02c27b8 C:\Windows\System32\shsvcs.dll
MD5: 8554097e5136c3bf9f69fe578a1b35f4 C:\Windows\System32\spoolsv.exe
MD5: 1bf5eebfd518dd7298434d8c862f825d C:\Windows\system32\srvsvc.dll
MD5: b5950df243837d8217f4e597919b224a C:\Windows\system32\stobject.dll
MD5: 3d50c4b10352367d5cb20ed1f50f8da2 C:\Windows\System32\taskeng.exe
MD5: 52e129522c1775dbb8cc252e7a0655c7 C:\Windows\system32\taskschd.dll
MD5: e1102cedf0c818984c2aca2a666d4c5f C:\Windows\system32\unicows.dll
MD5: be157c3800da3010efc48280ecf81c16 C:\Windows\system32\urlmon.dll
MD5: 80fff14f1757b9af8be9d314fc1ae88b C:\Windows\system32\USP10.dll
MD5: 4995b131f6b4da0f8f7d2191e37054bd C:\Windows\system32\VBAJET32.DLL
MD5: df1f51d2938a403bfe671b13a12fa434 C:\Windows\system32\VDMDBG.DLL
MD5: 83c2f5076e1b4a63c04f2b14ee7cad47 C:\Windows\system32\wbem\wbemdisp.dll
MD5: 2c3b09e586bda2cc49a292be7badc589 C:\Windows\system32\wbem\wmiutils.dll
MD5: 5193de33f3284c447e0d31dafbf92570 c:\windows\system32\webcheck.dll
MD5: 7943a80f1a6fd37969aacd411b511f91 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll
MD5: dbd02e3e6f061ebbbf9b99a9d7cba30b C:\Windows\system32\WINHTTP.dll
MD5: b49b56b64f57699a1a663d2cf7d0a56f C:\Windows\system32\WININET.dll
MD5: 14ff750efe13b0c21e5a06507c3a97b1 C:\Windows\system32\WINMM.dll
MD5: 3fcb7347d2de38488c85a31ea7838a3c C:\Windows\system32\WinSATAPI.dll
MD5: 5ec8fb83f31aa2d6f421f02c3f4f4475 C:\Windows\system32\WINSPOOL.DRV
MD5: b2e569ef26dac9d6994a2aff4f601b7a C:\Windows\system32\WINTRUST.dll
MD5: a9662bcf218bc76869a8d91635d5f93a C:\Windows\System32\Wpc.dll
MD5: 9c50130e941a24805a608e6f3d2a3c8f C:\Windows\system32\wshext.dll
MD5: 1a617835452eee5060976c9b9f5fe635 C:\Windows\system32\wuapi.dll
MD5: fc3ec24fce372c89423e015a2ac1a31e C:\Windows\system32\wuaueng.dll
MD5: fe47b7bc8ea320c2d9b5e5bf6e303765 C:\Windows\System32\WUDFSvc.dll
MD5: 1908cc7673f72601affdca022689cedf C:\Windows\system32\XmlLite.dll
MD5: d5e459bed3db9cf7fc6cc1455f177d2d C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: 1f5afd468eb5e09e9ed75a087529eab5 C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
MD5: 28a09777d2d952122567a8a82f1a2c7b C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
MD5: 35acd5ea63d75e97dd0e9a1629e582b2 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll
MD5: be3c082837866c4c291adaf163c10ea6 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MD5: 76eaef4ddebbc7c38853f586c0e91dce C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll


No file uploaded.

Scan finished - communication took 2 sec
Total traffic - 0.02 MB sent, 1.91 KB recvd
Scanned 878 files and modules - 70 seconds

==============================================================================
  • 0

#20
flyboy1565

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc /scannow


(This will check your critical system files. With Vista it always complains that it can't fix everything. Usually it's just a .ini file which makes no sense.)


Actually it found and repair something, and says changes will take effect on next boot.
  • 0

#21
flyboy1565

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 13/02/2013 5:52:49 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 14/02/2013 1:28:23 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: i8042prt

Log: 'System' Date/Time: 14/02/2013 1:28:23 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 14/02/2013 1:21:56 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: i8042prt

Log: 'System' Date/Time: 14/02/2013 1:21:56 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 13/02/2013 11:33:04 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: i8042prt

Log: 'System' Date/Time: 13/02/2013 11:33:04 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 13/02/2013 11:04:46 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 13/02/2013 11:04:46 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Log: 'System' Date/Time: 13/02/2013 11:04:46 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 13/02/2013 11:04:46 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Log: 'System' Date/Time: 13/02/2013 11:04:45 AM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 13/02/2013 3:48:24 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: i8042prt

Log: 'System' Date/Time: 13/02/2013 3:48:24 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 10/02/2013 4:34:47 AM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Log: 'System' Date/Time: 10/02/2013 4:32:39 AM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Log: 'System' Date/Time: 08/02/2013 11:18:17 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: i8042prt

Log: 'System' Date/Time: 08/02/2013 11:18:17 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 08/02/2013 5:36:18 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x800f020b: HP - Display - HP w19b/w19e Wide LCD Monitor.

Log: 'System' Date/Time: 08/02/2013 4:29:52 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {60C70E11-2B08-4798-B366-C8450CDA7B1A} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 08/02/2013 4:26:55 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: i8042prt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 14/02/2013 1:39:06 AM
Type: Warning Category: 0
Event: 3004 Source: Microsoft-Windows-Windows Defender
Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow. For more information please see the following: Not Applicable Scan ID: {BC8F065F-B1ED-4A71-97BE-E9019ED54BCA} User: Theresa-PC\Theresa Name: Unknown ID: Severity ID: Category ID: Path Found: regkey:HKCU@S-1-5-21-2514306935-2398294903-2158801995-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Oajkjy;runkey:HKCU@S-1-5-21-2514306935-2398294903-2158801995-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Oajkjy;file:C:\Users\Theresa\AppData\Roaming\Oajkjy.exe Alert Type: Unclassified software Detection Type:

Log: 'System' Date/Time: 13/02/2013 11:07:17 AM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2789646(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 13/02/2013 11:07:17 AM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2789646(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 13/02/2013 11:07:17 AM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2789646(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 13/02/2013 11:07:17 AM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2789646(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 13/02/2013 11:07:16 AM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2789646(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 13/02/2013 11:07:06 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:06 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:06 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:05 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:05 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:05 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:05 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:05 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:05 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:04 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:04 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:04 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:04 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system

Log: 'System' Date/Time: 13/02/2013 11:07:04 AM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2789646(Security Update) is not applicable for this system
  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
No malware in the scans but something odd in the error logs:

14/02/2013 1:39:06 AM
HKCU@S-1-5-21-2514306935-2398294903-2158801995-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Oajkjy;runkey:
HKCU@S-1-5-21-2514306935-2398294903-2158801995-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Oajkjy;
file:C:\Users\Theresa\AppData\Roaming\Oajkjy.exe

Oajkjy.exe is a random named file so probably malware that you just picked up.

.

This error:

Log: 'System' Date/Time: 08/02/2013 4:29:52 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {60C70E11-2B08-4798-B366-C8450CDA7B1A} did not register with DCOM within the required timeout.


Is something left over from Norton.

A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


Right click on (My) Computer and select Manage (Continue) then Services and Applications then Services. Find Windows Search and right click on it and select Properties. Then change the startup type to Disabled. OK.

Repeat for Apple Mobile Device or just uninstall it.

That will speed up the boot a bit.

We can do a little more with Autoruns:

Get autoruns from
http://live.sysinter...om/autoruns.exe

Download Save and Run the program by right clicking and Run As Admin.

Find and uncheck

i8042prt

parvdm (Parallel Port Driver)

Close Autoruns then clear the alarms and reboot. Run VEW again.
  • 0

#23
flyboy1565

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
ComboFix 13-02-13.02 - Theresa 02/13/2013 18:09:21.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1918.1123 [GMT -8:00]
Running from: c:\users\Theresa\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-01-14 to 2013-02-14 )))))))))))))))))))))))))))))))
.
.
2013-02-14 02:16 . 2013-02-14 02:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-14 01:38 . 2011-04-18 01:43 167940 ------w- c:\users\Theresa\AppData\Roaming\Oajkjy.exe
2013-02-14 01:16 . 2013-02-14 01:16 -------- d-----w- c:\users\Theresa\AppData\Roaming\QuickScan
2013-02-13 10:19 . 2013-02-13 10:19 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E32A340D-B343-4F59-BA53-3B9AE440C2E5}\offreg.dll
2013-02-13 09:03 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 09:03 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 09:03 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 09:02 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 09:02 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-13 08:56 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E32A340D-B343-4F59-BA53-3B9AE440C2E5}\mpengine.dll
2013-02-13 05:19 . 2013-02-13 05:19 -------- d-----w- c:\program files\ESET
2013-02-13 03:56 . 2013-02-13 03:56 -------- d-----w- c:\program files\Speccy
2013-02-10 04:38 . 2012-08-21 21:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-02-10 04:37 . 2013-02-10 04:37 -------- d-----w- c:\program files\iPod
2013-02-10 04:37 . 2013-02-10 04:38 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-02-10 04:37 . 2013-02-10 04:38 -------- d-----w- c:\program files\iTunes
2013-02-10 04:27 . 2013-02-10 04:27 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2013-02-10 04:27 . 2013-02-10 04:27 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2013-02-10 04:27 . 2013-02-10 04:27 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-02-10 04:27 . 2013-02-10 04:27 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-02-10 04:27 . 2013-02-10 04:27 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-02-10 04:27 . 2013-02-10 04:27 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-02-10 04:27 . 2013-02-10 04:27 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-02-10 04:27 . 2013-02-10 04:27 -------- d-----w- c:\program files\QuickTime
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 09:28 . 2009-10-02 16:29 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 13:12 . 2012-12-22 11:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-22 11:01 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-11-20 04:22 . 2013-01-09 03:05 204288 ----a-w- c:\windows\system32\ncrypt.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2006-11-16 1480296]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-31 313472]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-26 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Oajkjy"="c:\users\Theresa\AppData\Roaming\Oajkjy.exe" [2011-04-18 167940]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 115816]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-10-26 22696]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-30 583048]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-02-25 479232]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"ATT-SST_McciTrayApp"="c:\program files\ATT-SST\pcTrayApp.exe" [2012-06-07 1939968]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-23 13539872]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-23 92704]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-25 44136]
.
c:\users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
HP Connections.lnk - c:\program files\HP Connections\6811507\Program\HP Connections.exe [2006-12-9 34520]
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
MiniMavis.lnk - c:\program files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe [2009-12-13 2392064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 00:58]
.
2013-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 00:58]
.
2013-02-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2514306935-2398294903-2158801995-1000Core.job
- c:\users\Theresa\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-07 04:05]
.
2013-02-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2514306935-2398294903-2158801995-1000UA.job
- c:\users\Theresa\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-07 04:05]
.
2013-02-10 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Theresa.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-07 17:48]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://att.yahoo.com
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://my.netzero.net/s/search?r=minisearch
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: $talisma_url$
Trusted Zone: netzero.com
Trusted Zone: netzero.net
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-13 18:16
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-02-13 18:19:02
ComboFix-quarantined-files.txt 2013-02-14 02:18
.
Pre-Run: 223,169,691,648 bytes free
Post-Run: 223,343,239,168 bytes free
.
- - End Of File - - 1AD50CB1CB281618EB1537803ACE3930
  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

DirLook::
C:\Program Files\Common
%user%\library

File::
c:\users\Theresa\AppData\Roaming\Oajkjy.exe
c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Theresa.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Oajkjy"=-

******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag CFScript.txt over to Combofix and let go Combofix should start on its own.

Post the new log.
  • 0

#25
flyboy1565

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
norton has been trying to uninstall for like 60min.

c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Theresa.job

Since i started uninstalling norton, I'll wait for you to tell me what to do, I am downloading avast free.

Edited by flyboy1565, 13 February 2013 - 10:16 PM.

  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Can you just reboot and then run the norton Removal Tool?

Perhaps if you run msconfig and tell it to do a diagnostic start it will make things easier.

Also the free Revo uninstaller is sometimes very useful:

http://www.revounins...e_download.html
  • 0

#27
flyboy1565

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts

Can you just reboot and then run the norton Removal Tool?


Which tool was that? I think i missed that.
  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Download and save the norton removal tool
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
Run the Norton Removal tool by right clicking and run as Admin.
  • 0

#29
flyboy1565

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
:thumbsup: alright the tool worked great. So where are we at? What do you want me to run now? :D
  • 0

#30
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Do Post #24
http://www.geekstogo...ost__p__2262166

then run OTL, Quickscan and post the log.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP