Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Upgraded to Windows 8, now constant disk access


  • Please log in to reply
31 replies to this topic

#1 silverpony

silverpony

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 18 December 2012 - 07:07 PM

Hello all,

I just recently upgraded my laptop from W7 to W8 a few days ago. Every since then, my hard drive light for activity keeps blinking constantly. This happens even while the computer is just sitting there and I'm not using it. This wasn't an issue in W7, the light would go dark if I wasn't doing anything. I tried to figure out if something was running in the background using task manager, process monitor, and process exporer, but couldn't come up with anything. Any help would be appreciated. Thank you.

R

BC AdBot (Login to Remove)

 


#2 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:31 AM

Posted 19 December 2012 - 11:56 AM

Hello silverpony and welcome to Bleepingcomputer forum.

I'd suggest you provide a few items of information:
Did you do the upgrade by use of a retail-box upgrade or via the online MS Win8 upgrade offer?
Did you uninstall your antvirus program prior to the "upgrade"?
What antvirus program is currently resident-monitor ?
Is the system a notebook/laptop OR typical tower system?

If you will run DDS, you can get & post a basic report back here, for review. Do these steps from the Desktop side of Windows 8.
Download DDS and save it to your desktop from http://download.bleepingcomputer.com/sUBs/dds.com here
or http://download.bleepingcomputer.com/sUBs/dds.scr or
http://www.infospyware.net/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.
Then RIGHT click dds.scr & select Run as Administrator to run the tool.
DDS will run in a command prompt window and will take 3 to 4 minutes or so.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.
Please Copy & Paste contents of the following logs in your next reply:
DDS.txt
Attach.txt

Edited by Maurice Naggar, 19 December 2012 - 11:57 AM.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#3 silverpony

silverpony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 20 December 2012 - 06:19 PM

Hello silverpony and welcome to Bleepingcomputer forum.

I'd suggest you provide a few items of information:
Did you do the upgrade by use of a retail-box upgrade or via the online MS Win8 upgrade offer?
Did you uninstall your antvirus program prior to the "upgrade"?
What antvirus program is currently resident-monitor ?
Is the system a notebook/laptop OR typical tower system?

If you will run DDS, you can get & post a basic report back here, for review. Do these steps from the Desktop side of Windows 8.
Download DDS and save it to your desktop from http://download.bleepingcomputer.com/sUBs/dds.com here
or http://download.bleepingcomputer.com/sUBs/dds.scr or
http://www.infospyware.net/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.
Then RIGHT click dds.scr & select Run as Administrator to run the tool.
DDS will run in a command prompt window and will take 3 to 4 minutes or so.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.
Please Copy & Paste contents of the following logs in your next reply:
DDS.txt
Attach.txt



I'd suggest you provide a few items of information:
Did you do the upgrade by use of a retail-box upgrade or via the online MS Win8 upgrade offer? Win8 Upgrade Offer
Did you uninstall your antvirus program prior to the "upgrade"? No, but I did uninstall it after to see if that was causing any issues, but have reinstalled it now.
What antvirus program is currently resident-monitor ? Norton Security Suite
Is the system a notebook/laptop OR typical tower system? Laptop, specifically Acer Aspire 5560-sb613


Here are the logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453 BrowserJavaVersion: 10.9.2
Run by Ryan at 17:15:41 on 2012-12-20
Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.1.1033.18.3558.1933 [GMT -6:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe
C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\system32\AdminService.exe
C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k HPService
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskeng.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Dolby PCEE4\pcee4.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll
uRun: [Google Update] "C:\Users\Ryan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{D40A39C4-4E99-4303-A8FA-3740F0B13BA8} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F8019F3E-B3AC-41FC-8C32-1EA1ABA0EA1B} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://acer.msn.com
x64-mDefault_Page_URL = hxxp://acer.msn.com
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} - hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v490.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\WINDOWS\System32\Drivers\N360x64\0604000.009\symds64.sys [2012-12-13 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\System32\Drivers\N360x64\0604000.009\symefa64.sys [2012-12-13 1129120]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121130.005\BHDrvx64.sys [2012-11-30 1384608]
R1 ccSet_N360;Norton Security Suite Settings Manager;C:\WINDOWS\System32\Drivers\N360x64\0604000.009\ccsetx64.sys [2012-12-13 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121218.001\IDSviA64.sys [2012-12-19 513184]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\Drivers\N360x64\0604000.009\ironx64.sys [2012-12-13 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\Drivers\N360x64\0604000.009\symnets.sys [2012-12-13 405624]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2012-12-12 239616]
R2 AtherosSvc;AtherosSvc;C:\WINDOWS\System32\AdminService.exe [2012-8-29 208384]
R2 BrcmCardReader;Broadcom Card Reader Service;C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-8-31 176640]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-12-12 365680]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-10-26 872552]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-10 399432]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccsvchst.exe [2012-12-13 138272]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-23 256832]
R2 Start8;Stardock Start8;C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2012-10-9 143024]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\Drivers\AtihdW86.sys [2012-12-12 98472]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\WINDOWS\System32\Drivers\b57xdbd.sys [2012-8-13 72280]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\WINDOWS\System32\Drivers\b57xdmp.sys [2012-8-13 21080]
R3 bScsiMSa;bScsiMSa;C:\WINDOWS\System32\Drivers\bScsiMSa.sys [2012-6-18 55384]
R3 bScsiSDa;bScsiSDa;C:\WINDOWS\System32\Drivers\bScsiSDa.sys [2012-8-14 70744]
R3 BtFilter;BtFilter;C:\WINDOWS\System32\Drivers\btfilter.sys [2012-8-29 565760]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-12-13 138912]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\WINDOWS\System32\Drivers\k57nd60a.sys [2012-6-2 425472]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2012-7-11 25928]
R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\Drivers\usbfilter.sys [2012-12-12 57000]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-10 676936]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 amd_sata;amd_sata;C:\WINDOWS\System32\Drivers\amd_sata.sys [2011-10-26 79488]
S3 amd_xata;amd_xata;C:\WINDOWS\System32\Drivers\amd_xata.sys [2011-10-26 40064]
S3 amdiox64;AMD IO Driver;C:\WINDOWS\System32\Drivers\amdiox64.sys [2012-5-26 46136]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\WINDOWS\System32\Drivers\AthDfu.sys [2012-8-22 55336]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-12-19 01:30:46 43640 ----a-r- C:\WINDOWS\System32\drivers\SymIMV.sys
2012-12-16 18:37:58 1172992 ----a-w- C:\WINDOWS\System32\mfnetsrc.dll
2012-12-16 18:37:57 929792 ----a-w- C:\WINDOWS\SysWow64\mfnetsrc.dll
2012-12-16 18:37:57 850944 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
2012-12-16 18:37:57 677888 ----a-w- C:\WINDOWS\System32\mfnetcore.dll
2012-12-16 18:37:57 673280 ----a-w- C:\WINDOWS\System32\mfmpeg2srcsnk.dll
2012-12-16 18:37:57 568832 ----a-w- C:\WINDOWS\SysWow64\mfnetcore.dll
2012-12-16 18:37:57 513024 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2012-12-16 18:37:57 1048064 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll
2012-12-16 18:35:58 757760 ----a-w- C:\WINDOWS\System32\FirewallAPI.dll
2012-12-13 23:07:55 737952 ----a-w- C:\WINDOWS\System32\drivers\N360x64\0604000.009\srtsp64.sys
2012-12-13 23:07:55 451192 ----a-r- C:\WINDOWS\System32\drivers\N360x64\0604000.009\symds64.sys
2012-12-13 23:07:55 405624 ----a-r- C:\WINDOWS\System32\drivers\N360x64\0604000.009\symnets.sys
2012-12-13 23:07:55 37536 ----a-w- C:\WINDOWS\System32\drivers\N360x64\0604000.009\srtspx64.sys
2012-12-13 23:07:55 190072 ----a-r- C:\WINDOWS\System32\drivers\N360x64\0604000.009\ironx64.sys
2012-12-13 23:07:55 167072 ----a-w- C:\WINDOWS\System32\drivers\N360x64\0604000.009\ccsetx64.sys
2012-12-13 23:07:55 1129120 ----a-w- C:\WINDOWS\System32\drivers\N360x64\0604000.009\symefa64.sys
2012-12-13 23:07:47 -------- d-----w- C:\WINDOWS\System32\drivers\N360x64\0604000.009
2012-12-13 23:03:55 175736 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS
2012-12-13 23:03:55 -------- d-----w- C:\Program Files\Symantec
2012-12-13 23:03:55 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2012-12-13 23:03:02 -------- d-----w- C:\WINDOWS\System32\drivers\N360x64
2012-12-13 23:03:01 -------- d-----w- C:\Program Files (x86)\Norton Security Suite
2012-12-13 22:58:52 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-12-13 01:13:59 866304 ----a-w- C:\WINDOWS\System32\WinTypes.dll
2012-12-13 01:12:54 76288 ----a-w- C:\WINDOWS\System32\newdev.exe
2012-12-13 01:12:54 75264 ----a-w- C:\WINDOWS\System32\ndadmin.exe
2012-12-13 01:12:54 74240 ----a-w- C:\WINDOWS\SysWow64\newdev.exe
2012-12-13 01:12:54 73728 ----a-w- C:\WINDOWS\SysWow64\ndadmin.exe
2012-12-13 01:12:54 68608 ----a-w- C:\WINDOWS\System32\wwanprotdim.dll
2012-12-13 01:12:54 446976 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2012-12-13 01:12:54 301568 ----a-w- C:\WINDOWS\System32\newdev.dll
2012-12-13 01:12:54 275968 ----a-w- C:\WINDOWS\SysWow64\newdev.dll
2012-12-13 01:06:32 11459584 ----a-w- C:\WINDOWS\System32\glcndFilter.dll
2012-12-13 01:05:55 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys
2012-12-12 21:13:38 -------- d-----w- C:\temp2
2012-12-12 18:27:49 17888 ----a-w- C:\WINDOWS\System32\msvcr100_clr0400.dll
2012-12-12 18:27:46 17888 ----a-w- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll
2012-12-12 18:04:49 -------- d-----w- C:\ProgramData\Stardock
2012-12-12 18:04:44 -------- d-----w- C:\Program Files (x86)\Stardock
2012-12-12 17:54:01 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Synaptics
2012-12-12 17:42:06 -------- d-----w- C:\Program Files (x86)\Launch Manager
2012-12-12 17:42:02 284240 ----a-w- C:\WINDOWS\UNINSTLMv4.EXE
2012-12-12 17:40:44 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-12-12 17:40:44 -------- d-----w- C:\Program Files (x86)\AMD AVT
2012-12-12 17:40:42 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-12-12 17:39:47 57000 ----a-w- C:\WINDOWS\System32\drivers\usbfilter.sys
2012-12-12 17:38:20 -------- d-----w- C:\Program Files\ATI
2012-12-12 17:38:16 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-12-12 17:36:36 -------- d-----w- C:\Program Files\Synaptics
2012-12-12 17:35:51 448312 ----a-w- C:\WINDOWS\System32\drivers\SynTP.sys
2012-12-12 17:35:51 228664 ----a-w- C:\WINDOWS\System32\SynTPAPI.dll
2012-12-12 17:35:51 177976 ----a-w- C:\WINDOWS\System32\SynTPCo13.dll
2012-12-12 17:35:51 113976 ----a-w- C:\WINDOWS\SysWow64\SynTPCOM.dll
2012-12-12 17:35:47 171320 ----a-w- C:\WINDOWS\System32\SynGlwPadShlExt.dll
2012-12-12 17:35:46 535864 ----a-w- C:\WINDOWS\SysWow64\SynCOM.dll
2012-12-12 17:35:46 1048576 ----a-w- C:\WINDOWS\System32\syndata.bin
2012-12-12 17:35:46 1046328 ----a-w- C:\WINDOWS\System32\SynCOM.dll
2012-12-12 17:32:48 6822984 ----a-w- C:\WINDOWS\System32\drivers\BCMWL63a.SYS
2012-12-12 17:32:48 4395008 ----a-w- C:\WINDOWS\System32\bcmihvsrv64.dll
2012-12-12 17:32:48 3659264 ----a-w- C:\WINDOWS\System32\bcmihvui64.dll
2012-12-12 11:00:02 18528 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin
2012-12-12 09:16:04 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2012-12-12 09:16:03 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2012-12-12 05:38:06 144384 ----a-w- C:\WINDOWS\System32\tssdisai.dll
2012-12-12 05:38:06 135680 ----a-w- C:\WINDOWS\System32\appserverai.dll
2012-12-12 05:38:06 126976 ----a-w- C:\WINDOWS\System32\RDWebAI.dll
2012-12-12 05:38:06 122880 ----a-w- C:\WINDOWS\System32\VmHostAI.dll
2012-12-12 05:38:05 148480 ----a-w- C:\WINDOWS\System32\poqexec.exe
2012-12-12 05:38:05 132608 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe
2012-12-12 05:38:04 94208 ----a-w- C:\WINDOWS\System32\synceng.dll
2012-12-12 05:38:04 72192 ----a-w- C:\WINDOWS\SysWow64\synceng.dll
2012-12-12 05:03:07 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2012-12-12 04:55:50 -------- d-----w- C:\Users\Ryan\AppData\Local\Packages
2012-12-12 04:55:48 -------- d-----w- C:\ProgramData\PRICache
2012-12-12 04:16:37 0 ----a-w- C:\WINDOWS\ativpsrm.bin
2012-12-12 04:09:10 -------- d-----w- C:\WINDOWS\SysWow64\BestPractices
2012-12-12 04:09:10 -------- d-----w- C:\WINDOWS\System32\msmq
2012-12-12 04:09:10 -------- d-----w- C:\WINDOWS\System32\BestPractices
2012-12-12 04:09:10 -------- d-----w- C:\inetpub
2012-12-12 04:02:33 1166440 ----a-r- C:\WINDOWS\System32\PresentationNative_v0300.dll
2012-12-12 04:02:24 35400 ----a-r- C:\WINDOWS\System32\TsWpfWrp.exe
2012-12-12 04:02:16 124040 ----a-r- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2012-12-12 04:02:04 35400 ----a-r- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2012-12-12 04:01:58 102528 ----a-r- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2012-12-12 04:01:47 778856 ----a-r- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2012-12-12 03:20:09 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2012-12-12 03:10:56 -------- d-----w- C:\WINDOWS\Panther
2012-12-12 02:49:44 -------- d-----w- C:\temp
.
==================== Find3M ====================
.
2012-12-12 17:29:46 518896 ----a-w- C:\WINDOWS\System32\SRSTSX64.dll
2012-11-29 23:06:06 80736 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2012-11-29 23:06:06 695648 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2012-11-28 04:21:17 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll
2012-11-20 08:00:23 6971624 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2012-11-20 05:24:19 1164800 ----a-w- C:\WINDOWS\SysWow64\Display.dll
2012-11-20 05:24:17 36352 ----a-w- C:\WINDOWS\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:23 1184256 ----a-w- C:\WINDOWS\System32\Display.dll
2012-11-20 05:17:20 49152 ----a-w- C:\WINDOWS\System32\DevDispItemProvider.dll
2012-11-20 05:02:46 6656 ----a-w- C:\WINDOWS\SysWow64\KBDKURD.DLL
2012-11-20 04:59:26 7168 ----a-w- C:\WINDOWS\System32\KBDKURD.DLL
2012-11-20 04:56:27 27136 ----a-w- C:\WINDOWS\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\WINDOWS\System32\drivers\hidi2c.sys
2012-11-15 06:08:41 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2012-11-13 04:20:30 1120768 ----a-w- C:\WINDOWS\System32\msctf.dll
2012-11-13 04:19:23 890880 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2012-11-13 04:19:14 707584 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2012-11-13 04:19:14 1131520 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2012-11-09 04:49:51 2048 ----a-w- C:\WINDOWS\System32\tzres.dll
2012-11-09 04:03:48 2048 ----a-w- C:\WINDOWS\SysWow64\tzres.dll
2012-11-08 04:25:36 523776 ----a-w- C:\WINDOWS\SysWow64\WSShared.dll
2012-11-08 04:25:36 143872 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
2012-11-08 04:25:36 124928 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:25:35 1775104 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2012-11-08 04:24:27 2881536 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2012-11-08 04:24:22 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll
2012-11-08 04:24:22 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll
2012-11-08 04:24:19 75776 ----a-w- C:\WINDOWS\SysWow64\fontsub.dll
2012-11-08 04:24:06 10752 ----a-w- C:\WINDOWS\SysWow64\dciman32.dll
2012-11-08 04:23:55 35328 ----a-w- C:\WINDOWS\SysWow64\atmlib.dll
2012-11-08 04:22:21 641536 ----a-w- C:\WINDOWS\System32\WSShared.dll
2012-11-08 04:22:20 198656 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.dll
2012-11-08 04:22:20 163840 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:22:19 2246656 ----a-w- C:\WINDOWS\System32\wininet.dll
2012-11-08 04:22:12 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll
2012-11-08 04:21:00 3966464 ----a-w- C:\WINDOWS\System32\jscript9.dll
2012-11-08 04:20:56 67072 ----a-w- C:\WINDOWS\System32\iesetup.dll
2012-11-08 04:20:56 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll
2012-11-08 04:20:50 96256 ----a-w- C:\WINDOWS\System32\fontsub.dll
2012-11-08 04:20:37 14336 ----a-w- C:\WINDOWS\System32\dciman32.dll
2012-11-08 04:20:26 46080 ----a-w- C:\WINDOWS\System32\atmlib.dll
2012-11-08 04:02:16 3072 ----a-w- C:\WINDOWS\System32\lpk.dll
2012-11-08 04:01:40 3072 ----a-w- C:\WINDOWS\SysWow64\lpk.dll
2012-11-08 04:00:59 362496 ----a-w- C:\WINDOWS\System32\atmfd.dll
2012-11-08 04:00:11 300032 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll
2012-11-08 03:59:49 4056576 ----a-w- C:\WINDOWS\System32\win32k.sys
2012-11-08 01:56:52 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll
2012-11-06 07:52:07 445160 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2012-11-06 07:52:04 277736 ----a-w- C:\WINDOWS\System32\drivers\msiscsi.sys
2012-11-06 07:36:23 69864 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2012-11-06 07:36:14 96488 ----a-w- C:\WINDOWS\System32\drivers\wfplwfs.sys
2012-11-06 07:35:31 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys
2012-11-06 07:33:46 522640 ----a-w- C:\WINDOWS\System32\AUDIOKSE.dll
2012-11-06 07:33:46 253512 ----a-w- C:\WINDOWS\System32\audiodg.exe
2012-11-06 07:33:45 490064 ----a-w- C:\WINDOWS\System32\AudioEng.dll
2012-11-06 07:33:45 447792 ----a-w- C:\WINDOWS\System32\AudioSes.dll
2012-11-06 07:33:30 1566432 ----a-w- C:\WINDOWS\System32\ole32.dll
2012-11-06 05:00:06 463768 ----a-w- C:\WINDOWS\SysWow64\AUDIOKSE.dll
2012-11-06 05:00:06 427568 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll
2012-11-06 05:00:06 324344 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll
2012-11-06 04:54:13 2205696 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2012-11-06 04:48:27 1150160 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2012-11-06 04:19:59 470016 ----a-w- C:\WINDOWS\System32\wlanmsm.dll
2012-11-06 04:18:58 84992 ----a-w- C:\WINDOWS\SysWow64\fdWCN.dll
2012-11-06 04:17:58 110080 ----a-w- C:\WINDOWS\System32\dafWCN.dll
2012-11-06 04:17:44 718848 ----a-w- C:\WINDOWS\System32\BFE.DLL
2012-11-06 04:17:43 2302464 ----a-w- C:\WINDOWS\System32\authui.dll
2012-11-06 04:17:42 785920 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2012-11-06 04:17:41 169472 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll
2012-11-06 04:17:35 2146816 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2012-11-06 04:17:33 322560 ----a-w- C:\WINDOWS\System32\aaclient.dll
2012-11-06 04:17:32 212992 ----a-w- C:\WINDOWS\System32\bthprops.cpl
2012-11-06 04:00:44 99328 ----a-w- C:\WINDOWS\System32\wushareduxresources.dll
2012-11-06 04:00:17 16384 ----a-w- C:\WINDOWS\System32\iscsilog.dll
2012-11-06 03:58:53 9728 ----a-w- C:\WINDOWS\System32\wlanhlp.dll
2012-11-06 03:56:35 9728 ----a-w- C:\WINDOWS\SysWow64\wlanhlp.dll
2012-11-06 03:55:44 22528 ----a-w- C:\WINDOWS\System32\drivers\fxppm.sys
2012-11-06 03:55:09 212992 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2012-11-06 03:55:02 90624 ----a-w- C:\WINDOWS\System32\drivers\amdk8.sys
2012-11-06 03:55:02 89088 ----a-w- C:\WINDOWS\System32\drivers\intelppm.sys
2012-11-06 03:55:02 88064 ----a-w- C:\WINDOWS\System32\drivers\amdppm.sys
2012-11-06 03:55:02 87552 ----a-w- C:\WINDOWS\System32\drivers\processr.sys
2012-11-06 03:54:40 74752 ----a-w- C:\WINDOWS\System32\drivers\BTHUSB.SYS
2012-11-06 03:54:09 859136 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2012-11-06 03:53:56 51712 ----a-w- C:\WINDOWS\System32\drivers\bthenum.sys
2012-11-06 03:53:44 560640 ----a-w- C:\WINDOWS\System32\drivers\afd.sys
2012-11-06 03:53:12 1171968 ----a-w- C:\WINDOWS\System32\drivers\bthport.sys
2012-11-06 03:52:49 366080 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2012-11-06 03:51:47 665600 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2012-11-03 05:26:59 132096 ----a-w- C:\WINDOWS\System32\sysreset.exe
2012-11-03 05:26:40 34816 ----a-w- C:\WINDOWS\System32\dpnsvr.exe
2012-11-03 05:26:12 32256 ----a-w- C:\WINDOWS\SysWow64\dpnsvr.exe
2012-11-03 05:25:40 945152 ----a-w- C:\WINDOWS\System32\resetengmig.dll
2012-11-03 05:25:40 375808 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
2012-11-03 05:25:40 1009664 ----a-w- C:\WINDOWS\System32\reseteng.dll
2012-11-03 05:25:39 443392 ----a-w- C:\WINDOWS\System32\ReAgent.dll
2012-11-03 05:24:34 8192 ----a-w- C:\WINDOWS\SysWow64\dpnhupnp.dll
.
============= FINISH: 17:17:18.23 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Pro with Media Center
Boot Device: \Device\HarddiskVolume2
Install Date: 12/11/2012 10:55:19 PM
System Uptime: 12/16/2012 1:35:59 PM (100 hours ago)
.
Motherboard: Acer | | Aspire 5560
Processor: AMD A8-3500M APU with Radeon™ HD Graphics | Socket FS1 | 1500/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 285.303 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2: 12/12/2012 7:16:23 PM - Windows Update
RP3: 12/16/2012 1:22:40 PM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
64 Bit HP CIO Components Installer
Acer Backup Manager
Acer Crystal Eye Webcam
Acer ePower Management
Acer eRecovery Management
Adobe AIR
Adobe Reader X (10.1.4) MUI
Age of Empires Online
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD System Monitor
AMD VISION Engine Control Center
B209a-m
Backup Manager V3
Battlefield Heroes
Broadcom Card Reader Driver Installer
Broadcom Gigabit NetLink Controller
Broadcom Wireless Utility
BufferChm
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
clear.fi
clear.fi Client
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
Diablo III
Dolby Advanced Audio v2
Dragon Age Legends
Dropbox
FileZilla Client 3.5.3
Galerie de photos Windows Live
Game Room
Google Chrome
Google Drive
Google Talk Plugin
Google Update Helper
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
HP Imaging Device Functions 13.0
HP Photosmart Plus B209a-m All-In-One Driver Software 13.0 Rel .6
HPPhotoGadget
hpWLPGInstaller
Identity Card
Java 7 Update 9
Java Auto Updater
JavaFX 2.1.1
Junk Mail filter update
Launch Manager
Live Updater
Malwarebytes Anti-Malware version 1.65.1.1000
Mesh Runtime
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Flight
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Help Viewer 1.1
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network64
Norton Security Suite
NTI Media Maker 9
PS_AIO_06_B209a-m_SW_Min
PunkBuster Services
Realtek High Definition Audio Driver
Scan
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Skype™ 5.10
Star Trek Online
Star Wars: The Old Republic
Start8
Status
Steam
Synaptics Pointing Device Driver
Tinker
Toolbox
TrayApp
Unity Web Player
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VLC media player 2.0.3
WebReg
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.11 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
12/20/2012 5:10:03 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
12/18/2012 5:53:01 PM, Error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/13/2012 4:27:04 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Norton Security Suite service, but this action failed with the following error: An instance of the service is already running.
12/13/2012 4:25:04 PM, Error: Service Control Manager [7031] - The Norton Security Suite service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
.
==== End Of File ===========================


Thank you.

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,503 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:31 AM

Posted 20 December 2012 - 11:21 PM

Also when the disk thrashing occurs, how much free memory do you have?

#5 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:31 AM

Posted 21 December 2012 - 12:50 PM

@silverpony
Also, I would ask that you Uninstall uTorrent and then restart Windows fresh.

You apparently have Process Explorer installed. When you are not running heavy usage applications of your own AND you notice "constant disk access", bring up Process Explorer see what is taking the most CPU usage % ....besides the "System Idle Process".

Save and close any work documents, close any apps that you started.

Temporarily turn off (disable) your Norton antivirus program
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Start your MBAM MalwareBytes' Anti-Malware.
Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.
Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.
Do a Full Scan. Posted Image

When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When all done, Copy & paste the MBAM scan log into a new reply.
Tell me, How is the system ?

Re-enable your antivirus program.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#6 silverpony

silverpony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 22 December 2012 - 05:51 PM

@silverpony
Also, I would ask that you Uninstall uTorrent and then restart Windows fresh.

You apparently have Process Explorer installed. When you are not running heavy usage applications of your own AND you notice "constant disk access", bring up Process Explorer see what is taking the most CPU usage % ....besides the "System Idle Process".

Save and close any work documents, close any apps that you started.

Temporarily turn off (disable) your Norton antivirus program
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Start your MBAM MalwareBytes' Anti-Malware.
Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.
Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.
Do a Full Scan. Posted Image

When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When all done, Copy & paste the MBAM scan log into a new reply.
Tell me, How is the system ?

Re-enable your antivirus program.



Uninstalled utorrent, disabled antivirus, and ran the anti malware program. It said nothing was detected. I'll post the log below. Still getting the HDD light constantly blinking. I'll attach a screen shot of process explorer as well.

www.malwarebytes.org

Database version: v2012.12.22.06

Windows 7 x64 NTFS
Internet Explorer 9.10.9200.16453
Ryan :: RYAN-LAPTOP [administrator]

12/22/2012 3:24:19 PM
mbam-log-2012-12-22 (15-24-19).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 411638
Time elapsed: 1 hour(s), 13 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Attached File  Capture.PNG   46.09KB   2 downloads

#7 silverpony

silverpony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 22 December 2012 - 05:53 PM

Also when the disk thrashing occurs, how much free memory do you have?



It's pretty constant when it happens, but for example right now I have 1.7gb/3.5gb and it's going on.

#8 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:31 AM

Posted 23 December 2012 - 11:02 AM

@Silverpony
Give this a try. Close all (any) user programs you have open on the Desktop side.
Then put the system into Sleep mode, and then wait a bit, then take a look at the HDD activity indicator light.

Press Windows-key+I-key to get settings Charm, and then click Power, then select Sleep.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#9 silverpony

silverpony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 24 December 2012 - 09:38 PM

@Silverpony
Give this a try. Close all (any) user programs you have open on the Desktop side.
Then put the system into Sleep mode, and then wait a bit, then take a look at the HDD activity indicator light.

Press Windows-key+I-key to get settings Charm, and then click Power, then select Sleep.



Happy Holidays everyone!

Putting it into sleep mode, I noticed no disk activity while it was sleeping. However, just a few minutes ago, my norton pop up a high disk process warning. I had not used the machine for about 40 - 45 minutes when this occurred. I'll post the log below if that helps at all.

Full Path: c:\windows\system32\svchost.exe
____________________________
____________________________
Developers Microsoft Corporation
Version 6.2.9200.16420
Identified 12/13/2012 at 4:05:17 PM
Last Used 12/24/2012 at 8:21:12 PM
Startup Item Yes
____________________________
____________________________
Reliable
With typical use this program crashes very infrequently.
____________________________
Many Users
Hundreds of thousands of users in the Norton Community have used this file.
____________________________
Mature
This file was released 3 months ago.
____________________________
Trusted
Norton has given this file a trusted rating.
____________________________
Source File:
svchost.exe
____________________________
Performance

Avg. Resource Usage:Low
Avg. CPU Usage:Low
Avg. Memory Usage:Low
____________________________
Performance Alert
Time:
12/24/2012 8:21:03 PM

Process ID 920
CPU Normal
Memory Normal
Handles Count Normal
Disk Read Activity Normal
Disk Write Activity 20 MB (total for this process).
____________________________
File Thumbprint - SHA:
4ae0c5191fe9d93e1be2b99c0c64bf3ca43272cd66003139476192f946f0bec4
____________________________
File Thumbprint - MD5:
ede27eace742ee2888c5dd36400a2ec0
____________________________

Thanks

#10 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:31 AM

Posted 25 December 2012 - 09:33 AM

I wouldn't suspect the svchost file. I would suggest you check into minimizing what your Norton is "monitoring". Trim back what it monitors, over & beyond Antivirus duty.
I suggest you run Windows' System File Checker.
On the Start-screen, type in
cmd.exe
then when the box shows up, do a Right Click and look at the bottom bar, and click on Run as Administrator.

When the command-prompt-window opens, it should be an elevated command prompt. Start an immediate scan by typing
sfc /scannow


then press Enter

Posted Image

Edited by Maurice Naggar, 25 December 2012 - 09:53 AM.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#11 silverpony

silverpony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 25 December 2012 - 01:13 PM

I wouldn't suspect the svchost file. I would suggest you check into minimizing what your Norton is "monitoring". Trim back what it monitors, over & beyond Antivirus duty.
I suggest you run Windows' System File Checker.
On the Start-screen, type in

cmd.exe
then when the box shows up, do a Right Click and look at the bottom bar, and click on Run as Administrator.

When the command-prompt-window opens, it should be an elevated command prompt. Start an immediate scan by typing
sfc /scannow


then press Enter

Posted Image


Microsoft Windows [Version 6.2.9200]
© 2012 Microsoft Corporation. All rights reserved.

C:\WINDOWS\system32>sfc /scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

C:\WINDOWS\system32>

#12 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:31 AM

Posted 25 December 2012 - 01:22 PM

There it is. System File Checker had an excellent run. Did you trim back on Norton?

Posted Image
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#13 silverpony

silverpony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 26 December 2012 - 11:03 PM

There it is. System File Checker had an excellent run. Did you trim back on Norton?

Posted Image


I uninstalled Norton just to see what that would do. Had it like that all day. Still get constant disk access. My HDD light just keeps blinking all day. Disabled wireless, same deal. Still stumped what is going on. Ran process monitor for about 10 minutes to see what was going on. Can anyone make anything of this?

Attached Files



#14 Tominko

Tominko

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:31 AM

Posted 27 December 2012 - 08:08 PM

Okay so, the same thing is happening to me, but i found out that when i open the dvd drive and close it, it stops blinking for a while. But then it starts doing it again! So i found a temponary workaround, just disable your dvd drive in the Device Manager and it will stop (at least it did for me and i have an acer laptop aswell).

Hope i helped :lol:

#15 silverpony

silverpony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 27 December 2012 - 08:35 PM

Okay so, the same thing is happening to me, but i found out that when i open the dvd drive and close it, it stops blinking for a while. But then it starts doing it again! So i found a temponary workaround, just disable your dvd drive in the Device Manager and it will stop (at least it did for me and i have an acer laptop aswell).

Hope i helped :lol:



Wow, that's pretty crazy. That actually worked! I guess now to figure out why the DVD drive causes this. Thanks!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users