My computer shutdown while running RootRepeal, it had been running for about 5 mins and had listed a file (hs... .sys) before my comp shutdown all of a sudden. When I tried to run RootRepeal again, the comp shutdown again, twice. A blue screen came up and the text included "IrqL not less or Equal" and "Windows did not shutdown successfully..."
Installed Vista Service Pack 2 about an hour ago.
Appreciate any assistance.
DDS (Ver_09-12-01.01) - NTFSx86
Run by Family room 2 at 1:55:52.01 on 25/01/2010
Internet Explorer: 8.0.6001.18882
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.1918.763 [GMT -5:00]
AV: Rogers Online Protection Anti-Virus *On-access scanning disabled* (Updated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
AV: Norton Security Online *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Security Online *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Rogers Online Protection Anti-Spyware *disabled* (Updated) {307352C6-1CBD-11DB-8AF6-B622A1EF5492}
FW: Rogers Online Protection Firewall *disabled* {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}
FW: Norton Security Online *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\brsvc01a.exe
C:\Windows\system32\brss01a.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\program files\Rogers\SelfHealing\RogersSelfHelpService.exe
C:\Program Files\Rogers\Update Manager\RogersUpdateManager.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Rogers\SelfHealing\shs.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\notepad.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Rogers Online Protection\Rogers Online Protection\RPS.exe
C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe
C:\Program Files\Rogers Online Protection\Rogers Online Protection\Kav\Bin\ScanningProcess.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Family room 2\Desktop\dds.scr
C:\Windows\system32\conime.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://sharenews.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=81&bd=Pavilion&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=81&bd=Pavilion&pf=desktop
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6261\SiteAdv.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: PopKill Class: {3c060ea2-e6a9-4e49-a530-d4657b8c449a} - c:\program files\rogers online protection\rogers online protection\pkR.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6261\SiteAdv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Power2GoExpress]
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [winntR1] c:\winnt_\winntR1.exe
uRun: [winntR2] c:\winnt_\winntR2.exe
uRun: [winnt2] c:\winnt_\winnt2.exe
uRun: [winnt3] c:\winnt_\winnt3.exe
uRun: [winnt4] c:\winnt_\winnt4.exe
uRun: [winnt5] c:\winnt_\winnt5.exe
uRun: [winnt6] c:\winnt_\winnt6.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [<NO NAME>]
mRun: [SiteAdvisor] "c:\program files\siteadvisor\6261\SiteAdv.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Rogers SHS] c:\program files\rogers\selfhealing\shs.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [RogersServicepointAgent.exe] "c:\program files\rogers online protection\rogers servicepoint agent\RogersServicepointAgent.exe" /AUTORUN
mRun: [RtHDVCpl] RtHDVCpl.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6261\SiteAdv.dll
============= SERVICES / DRIVERS ===============
=============== Created Last 30 ================
2010-01-25 05:01:33 0 d-----w- c:\windows\system32\vi-VN
2010-01-25 05:01:33 0 d-----w- c:\windows\system32\eu-ES
2010-01-25 05:01:33 0 d-----w- c:\windows\system32\ca-ES
2010-01-25 01:34:34 0 d-----w- c:\users\family room 2\Tracing
2010-01-25 01:24:29 0 d-----w- c:\program files\Microsoft
2010-01-25 01:24:15 0 d-----w- c:\program files\Windows Live SkyDrive
2010-01-25 01:20:11 0 d-----w- c:\program files\common files\Windows Live
2010-01-24 17:49:52 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-24 17:21:10 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-01-24 17:21:09 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-01-24 17:21:09 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-01-24 17:18:11 243712 ----a-w- c:\windows\system32\rastls.dll
2010-01-24 17:10:57 0 d-----w- c:\programdata\Real
2010-01-19 16:22:07 0 d-----w- c:\users\family~1\appdata\roaming\WildTangent
==================== Find3M ====================
2010-01-25 06:56:17 637007648 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-01-25 05:05:51 51200 ----a-w- c:\windows\inf\infpub.dat
2010-01-25 05:05:51 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-01-25 05:05:51 143360 ----a-w- c:\windows\inf\infstor.dat
2010-01-25 05:03:04 8505728 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-01-25 05:01:30 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-01-25 04:56:21 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2010-01-02 06:38:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32:33 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-10-29 09:17:42 2048 ----a-w- c:\windows\system32\tzres.dll
2008-04-05 03:57:26 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-10-21 13:32:19 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-08-18 04:23:57 16384 --sha-w- c:\windows\temp\cookies\index.dat
2009-08-18 04:23:57 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2009-08-18 04:23:57 32768 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat
2007-01-05 17:49:34 8192 --sha-w- c:\windows\users\default\NTUSER.DAT
============= FINISH: 1:59:39.18 ===============