
Help with a Netbook


  • This topic is locked
9 replies to this topic

#1 Ontabok


Posted 08 November 2012 - 12:45 PM

Below is the info I have so far. I ran these scans I found from another tech site. Anyway, can you take a look at these and tell me what to do about a computer that locks up at random times? Internet Explorer is the worst!! It locks everything up when it freezes. Malwarebytes scans clean. Also, Norton 360 says it's clean. Here are some logs:

Hijack This:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:52:38 AM, on 11/7/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Norton 360\Engine\20.2.0.19\Navw32.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=27b51109k515l0344ww75w4772r218
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=27b51109k515l0344ww75w4772r218
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=27b51109k515l0344ww75w4772r218
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.2.0.19\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.2.0.19\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.2.0.19\coIEPlg.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [RDVCHG] "C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Sprint Con App Svc (CASprint) - SmithMicro Inc. - C:\Program Files\Sprint\Sprint SmartView\ConAppsSvc.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Sprint RcAppSvc (SprintRcAppSvc) - SmithMicro Inc. - C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\Program Files\Stardock\MyColors\VistaSrv.exe

--
End of file - 8339 bytes


aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-08 11:16:20
-----------------------------
11:16:20.812 OS Version: Windows 6.1.7601 Service Pack 1
11:16:20.812 Number of processors: 2 586 0x1C02
11:16:20.828 ComputerName: TAWNYA-PC UserName: Tawnya
11:16:28.458 Initialize success
11:18:30.798 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
11:18:30.813 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
11:18:30.923 Disk 0 MBR read successfully
11:18:30.923 Disk 0 MBR scan
11:18:30.938 Disk 0 Windows 7 default MBR code
11:18:31.016 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
11:18:31.047 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 25173855
11:18:31.079 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 140232 MB offset 25382700
11:18:31.157 Disk 0 scanning sectors +312579760
11:18:31.547 Disk 0 scanning C:\Windows\system32\drivers
11:19:24.634 Service scanning
11:19:54.854 Modules scanning
11:21:01.145 Disk 0 trace - called modules:
11:21:01.207 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
11:21:01.769 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84d60648]
11:21:01.800 3 CLASSPNP.SYS[87b7a59e] -> nt!IofCallDriver -> [0x8435c3f8]
11:21:01.831 5 ACPI.sys[8722d3d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84325028]
11:21:01.862 Scan finished successfully
11:23:23.716 Disk 0 MBR has been saved successfully to "C:\Users\Tawnya\Desktop\Utilities\MBR.dat"
11:23:23.763 The log file has been saved successfully to "C:\Users\Tawnya\Desktop\Utilities\aswMBR.txt"


gmer:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-11-08 11:14:23
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD16 rev.11.0
Running: rq095iyw.exe; Driver: C:\Users\Tawnya\AppData\Local\Temp\fwdiipog.sys


---- System - GMER 1.0.15 ----

SSDT 85608440 ZwAlertResumeThread
SSDT 85608520 ZwAlertThread
SSDT 85607130 ZwAllocateVirtualMemory
SSDT 850099F0 ZwAlpcConnectPort
SSDT 856F7BE8 ZwAssignProcessToJobObject
SSDT 85608190 ZwCreateMutant
SSDT 856F7908 ZwCreateSymbolicLinkObject
SSDT 85607578 ZwCreateThread
SSDT 856F79F8 ZwCreateThreadEx
SSDT 856F7CC8 ZwDebugActiveProcess
SSDT 856072C0 ZwDuplicateObject
SSDT 85608EF0 ZwFreeVirtualMemory
SSDT 85608280 ZwImpersonateAnonymousToken
SSDT 85608360 ZwImpersonateThread
SSDT 85004228 ZwLoadDriver
SSDT 85608DF0 ZwMapViewOfSection
SSDT 856080B0 ZwOpenEvent
SSDT 85607460 ZwOpenProcess
SSDT 85607200 ZwOpenProcessToken
SSDT 856F7EF0 ZwOpenSection
SSDT 85607390 ZwOpenThread
SSDT 856F7AF8 ZwProtectVirtualMemory
SSDT 85608600 ZwResumeThread
SSDT 856088A0 ZwSetContextThread
SSDT 85608980 ZwSetInformationProcess
SSDT 856F7DA8 ZwSetSystemInformation
SSDT 856F7FD0 ZwSuspendProcess
SSDT 856086E0 ZwSuspendThread
SSDT 85607658 ZwTerminateProcess
SSDT 856087C0 ZwTerminateThread
SSDT 85608D10 ZwUnmapViewOfSection
SSDT 85608FC0 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwRollbackEnlistment + 1401 81C3E9C9 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 81C5E4E2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntoskrnl.exe!KeRemoveQueueEx + 13A3 81C65760 8 Bytes [40, 84, 60, 85, 20, 85, 60, ...]
.text ntoskrnl.exe!KeRemoveQueueEx + 13BB 81C65778 4 Bytes [30, 71, 60, 85]
.text ntoskrnl.exe!KeRemoveQueueEx + 13C7 81C65784 4 Bytes [F0, 99, 00, 85]
.text ntoskrnl.exe!KeRemoveQueueEx + 141B 81C657D8 4 Bytes CALL D24BC758
.text ntoskrnl.exe!KeRemoveQueueEx + 1497 81C65854 4 Bytes [90, 81, 60, 85]
.text ...
.text sechost.dll!LsaLookupGetDomainInfo 75D44D57 7 Bytes [E9, B4, B4, 4A, 8A, EB, F9] {JMP 0xffffffff8a4ab4b9; JMP 0x0}
.text sechost.dll!SetServiceObjectSecurity + CE 75D4524F 7 Bytes [E9, 84, B1, 4A, 8A, EB, F9] {JMP 0xffffffff8a4ab189; JMP 0x0}
.text sechost.dll!ChangeServiceConfigA + 17C 75D453D0 7 Bytes [E9, AF, B2, 4A, 8A, EB, F9] {JMP 0xffffffff8a4ab2b4; JMP 0x0}
.text sechost.dll!ChangeServiceConfig2W + 95 75D45677 7 Bytes [E9, 40, AE, 4A, 8A, EB, F9] {JMP 0xffffffff8a4aae45; JMP 0x0}
.text sechost.dll!CreateServiceA + 21E 75D4589A 7 Bytes [E9, 8D, A8, 4A, 8A, EB, F9] {JMP 0xffffffff8a4aa892; JMP 0x0}
.text sechost.dll!CreateServiceW + 17E 75D45A1D 7 Bytes [E9, 2A, AE, 4A, 8A, EB, F9] {JMP 0xffffffff8a4aae2f; JMP 0x0}
.text sechost.dll!QueryServiceConfigW + 172 75D45C9B 7 Bytes [E9, 00, A9, 4A, 8A, EB, F9] {JMP 0xffffffff8a4aa905; JMP 0x0}
.text sechost.dll!ControlServiceExA + E7 75D45D87 7 Bytes [E9, DC, A9, 4A, 8A, EB, F9] {JMP 0xffffffff8a4aa9e1; JMP 0x0}
.text sechost.dll!I_ScValidatePnPService + 5A9 75D47146 7 Bytes [E9, FD, 8E, 4A, 8A, EB, F9] {JMP 0xffffffff8a4a8f02; JMP 0x0}
.text sechost.dll!I_ScBroadcastServiceControlMessage + 7B 75D47240 7 Bytes [E9, AF, 90, 4A, 8A, EB, F9] {JMP 0xffffffff8a4a90b4; JMP 0x0}
.text user32.dll!RecordShutdownReason + 372 758206C2 7 Bytes [E9, 69, 02, 9D, 8A, EB, F9] {JMP 0xffffffff8a9d026e; JMP 0x0}

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Acer\Acer VCM\RS_Service.exe[396] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Acer\Acer VCM\RS_Service.exe[396] user32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 000F0930
.text C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe[928] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe[928] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 001F0048
.text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[1216] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[1216] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 00200930
.text C:\Program Files\Stardock\MyColors\VistaSrv.exe[1220] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Stardock\MyColors\VistaSrv.exe[1220] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 001F0930
.text C:\Program Files\Stardock\MyColors\WBVista.exe[1244] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Stardock\MyColors\WBVista.exe[1244] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 002F0930
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1696] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1696] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 00200930
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1732] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1732] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 00080930
.text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1760] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1760] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 002F0930
.text C:\Program Files\Bonjour\mDNSResponder.exe[1788] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Bonjour\mDNSResponder.exe[1788] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 000F0930
.text C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe[1848] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 001E004C
.text C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe[1848] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 00200930
.text C:\Program Files\Acer\Registration\GregHSRW.exe[1916] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Acer\Registration\GregHSRW.exe[1916] user32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 001E0930
.text C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe[2020] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 003B004C
.text C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe[2020] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 003D0AF4
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2588] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2588] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 00180930
.text C:\Program Files\iTunes\iTunesHelper.exe[2836] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\iTunes\iTunesHelper.exe[2836] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 000F0930
.text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3128] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3128] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 001F0930
.text C:\Program Files\iPod\bin\iPodService.exe[3344] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\iPod\bin\iPodService.exe[3344] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 000F0930
.text C:\Program Files\Launch Manager\LManager.exe[3408] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0039004C
.text C:\Program Files\Launch Manager\LManager.exe[3408] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 003B0930
.text C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe[3428] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0024004C
.text C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe[3428] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 00260930
.text C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe[3436] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0056004C
.text C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe[3436] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 00580AF4
.text C:\Windows\system32\igfxext.exe[3652] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Windows\system32\igfxext.exe[3652] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 001F0930
.text C:\Windows\System32\igfxtray.exe[3660] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 001E004C
.text C:\Windows\System32\igfxtray.exe[3660] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 00300930
.text C:\Windows\System32\hkcmd.exe[3720] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 001E004C
.text C:\Windows\System32\hkcmd.exe[3720] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 00200930
.text C:\Windows\System32\igfxpers.exe[3752] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Windows\System32\igfxpers.exe[3752] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 001F0930
.text C:\Windows\system32\igfxsrvc.exe[3848] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Windows\system32\igfxsrvc.exe[3848] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 001F0930
.text C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3956] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 000F004C
.text C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3956] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 00110930
.text C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe[4044] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe[4044] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 001F0930
.text C:\Users\Tawnya\Desktop\Utilities\rq095iyw.exe[4564] ntdll.dll!NtTerminateThread 773068D8 5 Bytes JMP 0002004C
.text C:\Users\Tawnya\Desktop\Utilities\rq095iyw.exe[4564] USER32.dll!RecordShutdownReason + 372 758206C2 7 Bytes JMP 001F0930

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[2780] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001ED0] C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.)
IAT C:\Windows\Explorer.EXE[2780] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [10002A90] C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.)
IAT C:\Windows\Explorer.EXE[2780] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [100011D0] C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp tcpipBM.SYS (Bytemobile Kernel Network Provider/Bytemobile, Inc.)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\00000064 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

---- Threads - GMER 1.0.15 ----

Thread System [4:4400] AC085F2E

---- EOF - GMER 1.0.15 ----


DDS:

DDS (Ver_2012-10-14.05) - NTFS_x86
Internet Explorer: 9.0.8112.16421
Run by Tawnya at 11:24:22 on 2012-11-08
#Option Extended Search is enabled.
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1014.280 [GMT -6:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Stardock\MyColors\VistaSrv.exe
C:\Program Files\Stardock\MyColors\WBVista.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files\Acer\Registration\GregHSRW.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxext.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=27b51109k515l0344ww75w4772r218
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=27b51109k515l0344ww75w4772r218
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=27b51109k515l0344ww75w4772r218
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360\engine\20.2.0.19\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360\engine\20.2.0.19\ips\IPSBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360\engine\20.2.0.19\CoIEPlg.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [Acer ePower Management] c:\program files\acer\acer epower management\ePowerTray.exe
mRun: [mwlDaemon] c:\program files\egistec\mywinlocker 3\x86\mwlDaemon.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [EgisTecLiveUpdate] "c:\program files\egistec egis software update\EgisUpdate.exe"
mRun: [RDVCHG] "c:\program files\sprint\sprint smartview\RDVCHG.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: bmnet.dll
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
TCP: NameServer = 12.127.16.67 12.127.16.68
TCP: Interfaces\{46145F86-AD78-430A-92B0-95A9BEBEBB67} : DHCPNameServer = 12.127.16.67 12.127.16.68
TCP: Interfaces\{46145F86-AD78-430A-92B0-95A9BEBEBB67}\2456C6B696E6F574F575962756C6563737F5 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{46145F86-AD78-430A-92B0-95A9BEBEBB67}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1 192.168.2.2
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\acer\acer vcm\Skype4COM.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - <orphaned>
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1402000.013\SymDS.sys [2012-11-6 368288]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1402000.013\SymEFA.sys [2012-11-6 927904]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.2.0.19\definitions\bashdefs\20121030.002\BHDrvx86.sys [2012-10-24 995488]
R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\1402000.013\ccSetx86.sys [2012-11-6 134304]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.2.0.19\definitions\ipsdefs\20121107.002\IDSvix86.sys [2012-11-8 386720]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-8-18 214664]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2009-6-2 18992]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2009-6-2 16432]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2009-6-2 60976]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1402000.013\Ironx86.sys [2012-11-6 175264]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\n360\1402000.013\symnets.sys [2012-11-6 338592]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer epower management\ePowerSvc.exe [2009-8-18 727584]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-11-7 106656]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-8-18 51712]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-5 250808]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CASprint;Sprint Con App Svc;c:\program files\sprint\sprint smartview\ConAppsSvc.exe [2009-5-26 124160]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-8-18 79816]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-8-18 35272]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-8-18 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-8-18 40552]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-7 14848]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-8-18 167424]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-7 49664]
.
=============== Created Last 60 ================
.
2012-11-07 21:25:04 247808 ----a-w- c:\windows\system32\schannel.dll
2012-11-07 21:25:03 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-07 21:25:03 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-07 21:25:03 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-07 21:25:03 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-07 21:24:14 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-11-07 19:12:10 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-11-07 19:12:09 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-11-07 19:12:09 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-11-07 19:10:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-11-07 19:10:16 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-07 19:07:50 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-11-07 19:06:48 102912 ----a-w- c:\windows\system32\browser.dll
2012-11-07 19:06:47 41984 ----a-w- c:\windows\system32\browcli.dll
2012-11-07 19:06:45 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-11-07 19:06:35 400896 ----a-w- c:\windows\system32\srcore.dll
2012-11-07 19:06:33 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-11-07 19:06:33 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-11-07 19:06:33 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-07 19:06:30 2342400 ----a-w- c:\windows\system32\msi.dll
2012-11-07 19:04:38 769024 ----a-w- c:\windows\system32\localspl.dll
2012-11-07 18:57:04 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-11-07 18:55:39 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-11-07 18:52:26 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-07 18:52:24 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-11-07 18:52:24 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-11-07 18:52:24 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-11-07 18:52:22 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-11-07 18:31:00 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-11-07 18:30:43 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-11-07 18:30:21 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-11-07 18:30:21 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-11-06 22:11:13 -------- d-----w- c:\users\tawnya\appdata\roaming\Malwarebytes
2012-11-06 22:10:56 -------- d-----w- c:\programdata\Malwarebytes
2012-11-06 22:05:20 388096 ----a-r- c:\users\tawnya\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-11-06 22:05:20 -------- d-----w- c:\program files\Trend Micro
2012-11-06 20:11:13 927904 ----a-r- c:\windows\system32\drivers\n360\1402000.013\SymEFA.sys
2012-11-06 20:11:13 368288 ----a-r- c:\windows\system32\drivers\n360\1402000.013\SymDS.sys
2012-11-06 20:11:13 338592 ----a-r- c:\windows\system32\drivers\n360\1402000.013\symnets.sys
2012-11-06 20:11:13 32888 ----a-r- c:\windows\system32\drivers\n360\1402000.013\srtspx.sys
2012-11-06 20:11:13 21400 ----a-r- c:\windows\system32\drivers\n360\1402000.013\SymELAM.sys
2012-11-06 20:11:11 586400 ----a-r- c:\windows\system32\drivers\n360\1402000.013\srtsp.sys
2012-11-06 20:11:11 175264 ----a-r- c:\windows\system32\drivers\n360\1402000.013\Ironx86.sys
2012-11-06 20:11:11 134304 ----a-r- c:\windows\system32\drivers\n360\1402000.013\ccSetx86.sys
2012-11-06 20:10:14 9103 ----a-r- c:\windows\system32\drivers\n360\1402000.013\SymVTcer.dat
2012-11-06 20:10:13 -------- d-----w- c:\windows\system32\drivers\n360\1402000.013
2012-11-06 19:35:10 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-11-06 19:33:36 -------- d-----w- c:\program files\iPod
2012-11-06 19:33:23 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-11-06 19:33:23 -------- d-----w- c:\program files\iTunes
2012-10-18 04:36:33 9575864 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-09-22 22:12:02 -------- d-----w- c:\program files\GUM2E89.tmp
.
==================== Find6M ====================
.
2012-11-06 20:12:10 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-10-18 04:36:49 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-18 04:36:49 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-31 17:18:09 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 17:12:02 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-23 15:52:09 3072 ----a-w- c:\windows\system32\drivers\en-us\tsusbflt.sys.mui
2012-08-23 14:48:14 221184 ----a-w- c:\windows\system32\rdpudd.dll
2012-08-23 14:44:32 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-08-23 14:40:25 49664 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-08-23 14:10:40 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-08-23 14:10:04 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-08-23 13:52:25 12800 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-08-23 13:47:20 46592 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2012-08-23 13:46:20 16896 ----a-w- c:\windows\system32\wksprtPS.dll
2012-08-23 13:32:59 32768 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2012-08-23 13:18:14 37376 ----a-w- c:\windows\system32\tsgqec.dll
2012-08-23 11:40:43 56320 ----a-w- c:\windows\system32\TSWbPrxy.exe
2012-08-23 11:32:48 317440 ----a-w- c:\windows\system32\wksprt.exe
2012-08-23 11:15:57 269312 ----a-w- c:\windows\system32\aaclient.dll
2012-08-23 11:12:17 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll
2012-08-23 10:39:24 1048064 ----a-w- c:\windows\system32\mstsc.exe
2012-08-23 10:08:49 2739712 ----a-w- c:\windows\system32\rdpcorets.dll
2012-08-23 08:19:01 4916224 ----a-w- c:\windows\system32\mstscax.dll
2012-08-22 17:16:46 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-21 20:12:27 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 19:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-20 17:40:31 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 17:40:01 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 17:37:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 15:33:28 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-10 23:56:14 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-07-04 19:45:31 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-06-07 02:59:42 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
.
============= FINISH: 11:26:21.83 ===============


Attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-14.05)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 11/25/2009 9:51:13 AM
System Uptime: 11/8/2012 9:12:16 AM (2 hours ago)
.
Motherboard: Acer | | Aspire one
Processor: Intel® Atom™ CPU N270 @ 1.60GHz | CPU | 1600/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 137 GiB total, 93.516 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP138: 7/4/2012 1:11:51 PM - Norton 360 Registry Clean
RP139: 7/5/2012 12:41:34 PM - Removed Windows Live Sync
RP140: 7/5/2012 12:47:09 PM - Removed Microsoft Works
RP141: 11/6/2012 12:41:12 PM - Removed Norton Online Backup
RP142: 11/6/2012 2:58:12 PM - Removed Norton Online Backup
RP143: 11/6/2012 3:14:49 PM - Norton 360 Registry Clean
RP144: 11/6/2012 3:58:50 PM - Installed HiJackThis
RP145: 11/6/2012 4:02:34 PM - Installed HiJackThis
RP146: 11/7/2012 12:29:38 PM - Windows Update
RP147: 11/7/2012 1:14:55 PM - Windows Update
RP148: 11/7/2012 3:25:28 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acer Assist
Acer Crystal Eye webcam Ver:1.1.81.402
Acer ePower Management
Acer eRecovery Management
Acer Games
Acer Registration
Acer ScreenSaver
Acer Updater
Acer VCM
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Bonjour
Compatibility Pack for the 2007 Office system
eSobi v2
GEAR driver installer for x86 and x64
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Identity Card
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Junk Mail filter update
Launch Manager
LogonStudio
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Works
MSVCRT
MyWinLocker
Norton 360
OGA Notifier 2.0.0048.0
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
SP45575 - Wallpaper Picture Position Enabler for Windows 7
Sprint SmartView
Stardock MyColors
Synaptics Pointing Device Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Welcome Center
Windows 7 Upgrade Advisor
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
11/7/2012 9:59:44 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccSet_N360 DfsC discache eeCtrl IDSVix86 mfehidk mwlPSDFilter mwlPSDNServ mwlPSDVDisk NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tcpipBM tdx vwififlt Wanarpv6 WfpLwf ws2ifsl
11/7/2012 9:59:43 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/7/2012 9:59:43 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/7/2012 9:59:43 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/7/2012 9:59:43 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/7/2012 9:59:43 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/7/2012 9:59:43 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
11/7/2012 9:59:43 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/7/2012 9:59:43 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/7/2012 9:59:43 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/7/2012 9:59:43 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/7/2012 3:47:28 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
11/7/2012 10:01:42 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
11/7/2012 10:01:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/7/2012 10:01:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/7/2012 10:01:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/7/2012 10:01:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
11/7/2012 10:01:19 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/7/2012 10:01:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/6/2012 3:53:14 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
11/6/2012 1:28:02 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
11/6/2012 1:27:02 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/6/2012 1:26:11 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
.
==== End Of File ===========================


I'm really stumped about what to do next. Can someone help?

Thanks,
Ontabok :ranting:

Edited by hamluis, 08 November 2012 - 05:21 PM.
Moved from Win 7 to Malware Removal Logs - Hamluis.




#2 m0le

  • Malware Response Team

Posted 12 November 2012 - 08:21 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
m0le is a proud member of UNITE

#3 Ontabok

Posted 13 November 2012 - 10:01 AM

Thanks for the help!!! I'm subscribed and ready!!

Ontabok :clapping:

#4 m0le

Posted 13 November 2012 - 08:12 PM

Your logs all look good. Let's run a deep but very detailed scan to look for any evidence of attack.

I'd like us to scan your machine with ESET OnlineScan.
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • Copy and paste the resulting log in your next reply
If no log is generated that means nothing was found. Please let me know if this happens.

If you think a log should have been generated then go to C:\Program Files\ESET\ESET Online Scanner\log.txt to find it.

#5 Ontabok

Posted 14 November 2012 - 03:04 PM

ESET found nothing. Could it be possible that a RAM upgrade and new battery/power supply would help? It has a battery with an X on it most of the time. Also, it's only running 1GB of RAM (stock). Anyway, I don't know what else to try... the only problem I really have is that Internet Explorer freezes sometimes and freezes everything. Just wanted to know if it was worth fixing or just better to buy a new one. Any other suggestions?

Ontabok

#6 m0le

Posted 14 November 2012 - 09:22 PM

Does another browser do the same thing?

#7 Ontabok

Posted 15 November 2012 - 04:23 PM

I haven't tried. It's my wife's and she doesn't necessarily want to switch. I could try it and see. Maybe have her use one temporarily to see if performance improves. Also, I believe I'm going to do a RAM upgrade to 2GB. Also, I'm going to get a new battery too.

#8 m0le

Posted 15 November 2012 - 08:20 PM

I would temporarily download another browser. If it's a browser issue it will be obvious (and will save you unnecessary expenditure too)

#9 m0le

Posted 18 November 2012 - 08:55 PM

How is that going?

#10 m0le

Posted 20 November 2012 - 08:57 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.



