Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Solved: malware or not?


(!)

nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
13-Oct-2011, 11:14 AM #76
hi dvk01, Thanks very much for the info!! I'm sure she'll be relieved to hear that it's probably wiped out.

-----
hey eddie, figured i'd put the short post first, as you know who gets stuck with the loooong ones. :s

that other thread was a marathon! shouldn't there have been a prize @ the end?! (i know this thread needs one!!) sheesh, it's bad enough dealing with one hairy issue, let alone 2 at the same time.. that would have been time for me to buy play-doh & throw it against the wall.

now for *fun* with windows media player --> it's version 12.0.7601.17514

so far, it's only on barnesandnoble.com where it says i don't have windows MP. i tried cdbaby.com & it played music samples, but here's my drowning in ignorance part -- i don't know what is playing those samples. the windows MP isn't running, i uninstalled itunes (it wouldn't update because of a corrupted or missing file or something), & cyberlink media doesn't appear to be playing anything either.

i tried setting the windows MP as the default, & it said it was already set as such. :s

that's good news the font is ok here!! one down, one to go . yep, you assumed correctly, it's gmail. i have it automatically set for georgia & normal size. after tapping away the email, on my end it displayed as all 1 font, 1 size, plus it looks the same in sent mail. laurie said she opened it on an iPad if that would make any difference. ? but she said there was a range of font sizes, & in some places it was huge.

can't imagine what someone is thinking opening an email like that! maybe, 'well, well what do we have here, a rabid font maniac?'
nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
14-Oct-2011, 11:01 AM #77
after checking with mostly everyone, right now only 2 people are getting the wonky font. does that mean it's something on their end? i don't want them having computer problems, but it would be great if this is all cleared up. thanks!!
nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
15-Oct-2011, 11:14 AM #78
windows MP is working on all the sites now because there was an option i overlooked. i still wonder why it suddenly went from working to not working on that site (??), & exactly what else was going on, but if it remains a mystery, i'll live.

is there anything else you think should be done, or do you think my computer is good to go? i'm going to mark this resolved, but please let me know if there's anything else you'd recommend.

otherwise.. i don't know how to thank you for getting this thing from being all but inoperable to running again.

you've been incredible helping so much!!
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,414 posts.
 
Join Date: Mar 2001
Location: Bradford, England
16-Oct-2011, 12:43 PM #79
Good to hear WMP is working again

If the font is okay for everyone else, it may be the other person's setup. Are they using a laptop etc?


Can you run this last tool, as a cleanup of bits and bats, and when we're done with it, we'll remove all the tools we've used

Please download Runscanner to your desktop and run it.
  • When the first page comes up select Beginner Mode
  • On the next page select Save a binary .Run file (Recommended) then click Start full scan at the top.
  • At this time Runscanner.exe may request access to the Internet through your firewall please allow it to do so, it will then run for two or three minutes.
  • On completion it will ask for a location to save the file and a name. It will do this for both the .run file and the log file
  • Call the .run file "RSReport" and save it to your desktop. You will see the RSReport.run file on your desktop. Rightclick on it and select Send To then select Compressed (zipped) Folder and upload that zip here. Click on the Go Advanced button for the uploading options at the bottom of this page (in the picture below )


  • In there, at the bottom, click on the button Manage Attachments (in the picture below .
  • A window will appear, and then Browse to RSReport.zip on your Desktop.
  • Click Upload, and when uploaded click Close this Window
  • Then, in the previous window, click on Add Reply

__________________
Just go with the flow, like a twig on the shoulders of a mighty stream

MVP in Consumer Security
nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
17-Oct-2011, 12:33 AM #80
if you're sure this is the best use of your time & talents (?), then we'll forge on.

once again, you're braver than i am

uh oh, what you've put there looks like i'd better get at it shortly, but i'll have to do that tomorrow.

thanks eddie -- you really go above & beyond, & i don't want to advantage of that, ok?
nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
17-Oct-2011, 01:40 PM #81
at least what's left here doesn't look like it's going to interfere with you stopped a flu pandemic on fold it

one person was using an iPad, the other i'll have to ask. ok, time to get the runscanner going
nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
17-Oct-2011, 02:11 PM #82
ugh.. these look long
here's the runscanner log (pasted) & hopefully the RSR uploaded.
thanks again!!
------

Runscanner logfile http://www.runscanner.net
* = signed file
- = file not found
General info
------------
Computer name : PEK-PC
Creation time : 10/17/2011 1:46:34 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 9.0.8112.16421
OS : Windows 7 Home Premium
OS Build : 7601
OS SP : Service Pack 1
RunScanner Version : 2.0.0.50
User Language : English (United States)
User rights : Administrator
Windows folder : C:\Windows
Running processes
-----------------
* C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
* C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
* C:\Windows\System32\dllhost.exe (Microsoft Corporation)
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
* C:\Users\peck ent\AppData\Local\Google\Update\1.3.21.69\GoogleCrashHandler.exe (Google Inc.)
* C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
* C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Company)
* C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe (Hewlett-Packard Development Company L.P.)
* C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
* C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Company)
* C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
* C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
* C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
* C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
* C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
* C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
* C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
* C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
* C:\Users\peck ent\Desktop\runscanner.exe (Runscanner.net)
* C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
* C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
* C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
* C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation)
* C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation)
C:\Windows\SysWOW64\UTSCSI.EXE
* C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\wlanext.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
Unrated items
-------------
002 * C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
010 * C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes' Anti-Malware)
010 C:\Windows\system32\UTSCSI.EXE (UTSCSI Application)
042 GUID / CLSID not found {0000036B-C524-4050-81A0-243669A86B9F}
042 GUID / CLSID not found {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}
042 GUID / CLSID not found {92780B25-18CC-41C8-B9BE-3C9C571A8263}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
042 GUID / CLSID not found {DDE87865-83C5-48c4-8357-2F5B1AA84522}
100 Start Page HKCU : http://www.npr.org/
100 Start Page HKLM : http://g.msn.com/CQNOT/1
105 E&xport to Microsoft Excel : res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
105 Google Sidewiki... : res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
173 GUID / CLSID not found {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}
173 GUID / CLSID not found
221 GUID / CLSID not found {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}
221 GUID / CLSID not found
223 GUID / CLSID not found {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 GUID / CLSID not found {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 GUID / CLSID not found {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 GUID / CLSID not found {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}
225 GUID / CLSID not found {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}
227 GUID / CLSID not found
229 GUID / CLSID not found {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
001 audiodg.exe
001 C:\Windows\System32\csrss.exe
001 C:\Windows\System32\csrss.exe
001 C:\Windows\System32\conhost.exe
001 C:\Windows\System32\dwm.exe
001 C:\Windows\System32\hkcmd.exe
001 C:\Windows\System32\taskhost.exe
001 C:\Windows\System32\igfxtray.exe
001 C:\Windows\System32\lsass.exe
001 C:\Windows\System32\lsm.exe
001 C:\Windows\System32\igfxpers.exe
001 C:\Windows\System32\services.exe
001 C:\Windows\System32\spoolsv.exe
001 C:\Windows\System32\winlogon.exe
001 C:\Windows\System32\smss.exe
Missing files
-------------
010 C:\Windows\system32\AxInstSV.dll
010 C:\Windows\system32\aelupsvc.dll
010 C:\Windows\system32\appidsvc.dll
010 C:\Windows\system32\appinfo.dll
010 C:\Windows\system32\Alg.exe
010 C:\Windows\system32\qmgr.dll
010 C:\Windows\system32\bfe.dll
010 C:\Windows\system32\bdesvc.dll
010 C:\Windows\System32\bthserv.dll
010 C:\Windows\system32\browser.dll
010 C:\Windows\system32\vaultsvc.dll
010 C:\Windows\system32\dwm.exe
010 C:\Windows\system32\trkwks.dll
010 C:\Windows\system32\efssvc.dll
010 C:\Windows\system32\wecsvc.dll
010 C:\Windows\system32\wevtsvc.dll
010 C:\Windows\system32\fdPHost.dll
010 C:\Windows\system32\fdrespub.dll
010 C:\Windows\system32\ikeext.dll
010 C:\Windows\system32\ui0detect.exe
010 C:\Windows\system32\kmsvc.dll
010 C:\Windows\system32\lltdres.dll
010 C:\Windows\system32\eapsvc.dll
010 C:\Windows\system32\ipnathlp.dll
010 C:\Windows\System32\certprop.dll
010 C:\Windows\System32\certprop.dll
010 C:\Windows\system32\sppsvc.exe
010 C:\Windows\system32\TabSvc.dll
010 C:\Windows\System32\sensrsvc.dll
010 C:\Windows\system32\defragsvc.dll
010 C:\Windows\system32\wbengine.exe
010 C:\Windows\system32\vssvc.exe
010 C:\Windows\System32\swprv.dll
010 C:\Windows\system32\sdrsvc.dll
010 C:\Program Files (x86)\Windows Defender\MsMpRes.dll
010 C:\Windows\system32\mmcss.dll
010 C:\Windows\system32\mmcss.dll
010 C:\Windows\system32\netman.dll
010 C:\Windows\System32\nlasvc.dll
010 C:\Windows\system32\nsisvc.dll
010 C:\Windows\system32\p2psvc.dll
010 C:\Windows\system32\IPBusEnum.dll
010 C:\Windows\system32\pnrpauto.dll
010 C:\Windows\system32\pnrpsvc.dll
010 C:\Windows\system32\pnrpsvc.dll
010 C:\Windows\system32\wpdbusenum.dll
010 C:\Windows\System32\wercplsupport.dll
010 C:\Windows\system32\profsvc.dll
010 C:\Windows\system32\pcasvc.dll
010 C:\Windows\system32\sstpsvc.dll
010 C:\Windows\system32\qagentrt.dll
010 regsvc.dll
010 C:\Windows\system32\rasauto.dll
010 C:\Windows\system32\rasmans.dll
010 C:\Windows\System32\termsrv.dll
010 C:\Windows\system32\RpcEpMap.dll
010 C:\Windows\system32\Locator.exe
010 C:\Windows\system32\samsrv.dll
010 C:\Windows\system32\seclogon.dll
010 C:\Windows\system32\srvsvc.dll
010 C:\Windows\system32\iphlpsvc.dll
010 C:\Windows\system32\snmptrap.exe
010 C:\Windows\system32\spoolsv.exe
010 C:\Windows\system32\sppuinotify.dll
010 C:\Windows\system32\ssdpsrv.dll
010 C:\Windows\system32\wiaservc.dll
010 C:\Windows\system32\sysmain.dll
010 C:\Windows\system32\schedsvc.dll
010 C:\Windows\system32\tbssvc.dll
010 C:\Windows\system32\lmhsvc.dll
010 C:\Windows\system32\umpnpmgr.dll
010 C:\Windows\system32\umpo.dll
010 C:\Windows\system32\vds.exe
010 C:\Windows\system32\dps.dll
010 C:\Windows\system32\Wat\WatUX.exe
010 C:\Windows\System32\audiosrv.dll
010 C:\Windows\System32\audiosrv.dll
010 C:\Windows\system32\wbiosrvc.dll
010 C:\Windows\system32\wudfsvc.dll
010 C:\Windows\System32\wersvc.dll
010 C:\Windows\system32\FntCache.dll
010 C:\Windows\System32\ListSvc.dll
010 C:\Windows\System32\wscsvc.dll
010 C:\Windows\System32\themeservice.dll
010 C:\Windows\system32\w32time.dll
010 C:\Windows\system32\wuaueng.dll
010 C:\Windows\System32\wlansvc.dll
010 C:\Windows\system32\dot3svc.dll
010 C:\Windows\system32\wbem\wmisvc.dll
010 C:\Windows\system32\wbem\wmiapsrv.exe
010 C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
010 C:\Windows\system32\wkssvc.dll
010 C:\Windows\System32\wwansvc.dll
011 c:\windows\system32\drivers\1394ohci.sys
011 c:\windows\system32\drivers\ohci1394.sys
011 c:\windows\system32\drivers\agp440.sys
011 c:\windows\system32\drivers\CHDRT64.sys
011 c:\windows\system32\drivers\ACPI.sys
011 c:\windows\system32\drivers\acpipmi.sys
011 c:\windows\system32\DRIVERS\arcsas.sys
011 c:\windows\system32\DRIVERS\adp94xx.sys
011 c:\windows\system32\DRIVERS\adpahci.sys
011 c:\windows\system32\DRIVERS\adpu320.sys
011 c:\windows\system32\drivers\aliide.sys
011 c:\windows\system32\drivers\amdide.sys
011 c:\windows\system32\drivers\amdsata.sys
011 c:\windows\system32\DRIVERS\amdsbs.sys
011 c:\windows\system32\drivers\amdxata.sys
011 C:\Windows\system32\drivers\afd.sys
011 C:\Windows\system32\appidsvc.dll
011 c:\windows\system32\DRIVERS\arc.sys
011 c:\windows\system32\drivers\atapi.sys
011 c:\windows\system32\DRIVERS\athrx.sys
011 C:\Windows\system32\drivers\Beep.sys
011 C:\Windows\system32\drivers\fvevol.sys
011 c:\windows\system32\DRIVERS\blbdrive.sys
011 c:\windows\system32\DRIVERS\bthmodem.sys
011 c:\windows\system32\DRIVERS\hidbth.sys
011 c:\windows\system32\DRIVERS\Lbd.sys
011 c:\windows\system32\DRIVERS\b57nd60a.sys
011 c:\windows\system32\DRIVERS\evbda.sys
011 c:\windows\system32\DRIVERS\bxvbda.sys
011 c:\windows\System32\Drivers\Brserid.sys
011 c:\windows\System32\Drivers\BrSerWdm.sys
011 c:\windows\System32\Drivers\BrUsbMdm.sys
011 c:\windows\System32\Drivers\BrUsbSer.sys
011 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
011 C:\ComboFix\catchme.sys
011 c:\windows\system32\DRIVERS\CAXHWAZL.sys
011 c:\windows\system32\DRIVERS\GEARAspiWDM.sys
011 c:\windows\system32\DRIVERS\cdfs.sys
011 c:\windows\system32\drivers\cmdide.sys
011 System32\Drivers\cng.sys
011 C:\Windows\system32\clfs.sys
011 c:\windows\system32\DRIVERS\compbatt.sys
011 C:\Windows\system32\browser.dll
011 c:\windows\system32\DRIVERS\circlass.sys
011 c:\windows\system32\DRIVERS\CmBatt.sys
011 c:\windows\system32\DRIVERS\usbhub.sys
011 C:\Windows\system32\drivers\dfsc.sys
011 c:\windows\System32\drivers\dxgkrnl.sys
011 c:\windows\system32\DRIVERS\crcdisk.sys
011 c:\windows\system32\DRIVERS\usbehci.sys
011 c:\windows\system32\DRIVERS\elxstor.sys
011 c:\windows\system32\drivers\errdev.sys
011 c:\windows\system32\DRIVERS\fssfltr.sys
011 C:\Windows\system32\drivers\fastfat.sys
011 C:\Windows\system32\drivers\fsdepends.sys
011 C:\Windows\system32\drivers\filetrace.sys
011 C:\Windows\system32\drivers\fileinfo.sys
011 c:\windows\system32\DRIVERS\fdc.sys
011 c:\windows\system32\DRIVERS\flpydisk.sys
011 c:\windows\system32\DRIVERS\umpass.sys
011 C:\Windows\system32\drivers\hwpolicy.sys
011 c:\windows\system32\drivers\hcw85cir.sys
011 c:\windows\system32\DRIVERS\HidBatt.sys
011 c:\windows\system32\drivers\kbdhid.sys
011 c:\windows\system32\DRIVERS\mouhid.sys
011 c:\windows\system32\drivers\HDAudBus.sys
011 c:\windows\system32\drivers\HdAudio.sys
011 c:\windows\system32\DRIVERS\HpqKbFiltr.sys
011 c:\windows\system32\drivers\HpSAMD.sys
011 c:\windows\system32\DRIVERS\CAX_DPV.sys
011 C:\Windows\system32\drivers\http.sys
011 c:\windows\system32\drivers\i8042prt.sys
011 c:\windows\system32\DRIVERS\igdkmd64.sys
011 c:\windows\system32\DRIVERS\iirsp.sys
011 C:\Windows\system32\drivers\irenum.sys
011 c:\windows\system32\DRIVERS\hidir.sys
011 c:\windows\system32\drivers\iaStorV.sys
011 c:\windows\system32\DRIVERS\netw5v64.sys
011 c:\windows\system32\drivers\intelide.sys
011 c:\windows\system32\drivers\IPMIDrv.sys
011 System32\drivers\ipnat.sys
011 c:\windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS
011 c:\windows\system32\drivers\isapnp.sys
011 c:\windows\system32\drivers\Wdf01000.sys
011 c:\windows\system32\drivers\ksthunk.sys
011 c:\windows\system32\drivers\kbdclass.sys
011 System32\Drivers\ksecdd.sys
011 System32\Drivers\ksecpkg.sys
011 c:\windows\system32\DRIVERS\lltdio.sys
011 c:\windows\system32\DRIVERS\rspndr.sys
011 C:\Windows\system32\drivers\spldr.sys
011 c:\windows\system32\DRIVERS\lsi_fc.sys
011 c:\windows\system32\DRIVERS\lsi_sas.sys
011 c:\windows\system32\DRIVERS\lsi_sas2.sys
011 c:\windows\system32\DRIVERS\lsi_scsi.sys
011 C:\Windows\system32\drivers\luafv.sys
011 C:\Windows\system32\drivers\secdrv.sys
011 C:\Windows\system32\drivers\mbam.sys
011 C:\Windows\system32\drivers\netbt.sys
011 c:\windows\system32\DRIVERS\mdmxsdk.sys
011 c:\windows\system32\DRIVERS\megasas.sys
011 c:\windows\system32\DRIVERS\MegaSR.sys
011 c:\windows\system32\drivers\msdsm.sys
011 C:\Windows\system32\drivers\exfat.sys
011 C:\Windows\system32\drivers\fltmgr.sys
011 c:\windows\system32\drivers\msiscsi.sys
011 c:\windows\system32\DRIVERS\MTConfig.sys
011 C:\Windows\system32\drivers\qwavedrv.sys
011 c:\windows\system32\DRIVERS\rdpbus.sys
011 C:\Windows\System32\drivers\scfilter.sys
011 c:\windows\system32\drivers\drmkaud.sys
011 c:\windows\system32\DRIVERS\tunnel.sys
011 c:\windows\system32\DRIVERS\wd.sys
011 c:\windows\system32\DRIVERS\yk62x64.sys
011 c:\windows\system32\drivers\modem.sys
011 c:\windows\system32\DRIVERS\monitor.sys
011 C:\Windows\system32\drivers\mountmgr.sys
011 c:\windows\system32\drivers\mouclass.sys
011 c:\windows\system32\DRIVERS\uagp35.sys
011 c:\windows\system32\DRIVERS\gagp30kx.sys
011 c:\windows\system32\drivers\MSKSSRV.sys
011 c:\windows\system32\drivers\MSPCLOCK.sys
011 c:\windows\system32\drivers\MSPQM.sys
011 c:\windows\system32\drivers\msahci.sys
011 C:\Windows\system32\drivers\Msfs.sys
011 c:\windows\system32\drivers\msisadrv.sys
011 C:\Windows\system32\drivers\MsRPC.sys
011 c:\windows\system32\drivers\mpio.sys
011 C:\Windows\system32\drivers\mup.sys
011 c:\windows\system32\drivers\CompositeBus.sys
011 c:\windows\system32\drivers\tdpipe.sys
011 c:\windows\system32\DRIVERS\nwifi.sys
011 C:\Windows\system32\drivers\ndis.sys
011 c:\windows\system32\DRIVERS\ndiscap.sys
011 C:\Windows\system32\drivers\NDProxy.sys
011 c:\windows\system32\DRIVERS\ndisuio.sys
011 c:\windows\system32\DRIVERS\netbios.sys
011 c:\windows\system32\drivers\NISx64\1206000.01D\SYMNETS.SYS
011 c:\windows\system32\drivers\nv_agp.sys
011 c:\windows\system32\DRIVERS\nfrd960.sys
011 C:\Windows\system32\drivers\Npfs.sys
011 C:\Windows\system32\drivers\nsiproxy.sys
011 C:\Windows\system32\drivers\Ntfs.sys
011 c:\windows\system32\drivers\pci.sys
011 C:\Windows\system32\drivers\Null.sys
011 c:\windows\system32\drivers\nvraid.sys
011 c:\windows\system32\drivers\nvstor.sys
011 c:\windows\system32\DRIVERS\usbohci.sys
011 c:\windows\system32\DRIVERS\parport.sys
011 C:\Windows\system32\drivers\partmgr.sys
011 C:\Windows\system32\drivers\mshidkmdf.sys
011 c:\windows\system32\drivers\pciide.sys
011 c:\windows\system32\DRIVERS\pcmcia.sys
011 System32\drivers\pcw.sys
011 c:\windows\system32\drivers\swenum.sys
011 c:\windows\system32\DRIVERS\disk.sys
011 c:\windows\system32\DRIVERS\amdppm.sys
011 c:\windows\system32\DRIVERS\amdk8.sys
011 c:\windows\system32\DRIVERS\intelppm.sys
011 c:\windows\system32\DRIVERS\processr.sys
011 c:\windows\system32\drivers\peauth.sys
011 C:\Windows\system32\sstpsvc.dll
011 c:\windows\system32\DRIVERS\ql2300.sys
011 c:\windows\system32\DRIVERS\ql40xx.sys
011 C:\Windows\System32\drivers\pacer.sys
011 c:\windows\system32\DRIVERS\AgileVpn.sys
011 System32\DRIVERS\rasacd.sys
011 C:\Windows\system32\drivers\RDPENCDD.sys
011 C:\Windows\system32\DRIVERS\RDPCDD.sys
011 C:\Windows\system32\drivers\RdpRefMp.sys
011 C:\Windows\system32\drivers\RDPWD.sys
011 System32\drivers\rdyboost.sys
011 c:\windows\system32\DRIVERS\Rt64win7.sys
011 c:\windows\System32\Drivers\RtsUStor.sys
011 c:\windows\system32\drivers\termdd.sys
011 C:\Windows\system32\drivers\tsusbflt.sys
011 c:\windows\system32\DRIVERS\Rts516xIR.sys
011 c:\windows\system32\DRIVERS\RtsUCcid.sys
011 c:\windows\system32\drivers\sbp2port.sys
011 C:\Windows\system32\drivers\SBREdrv.sys
011 c:\windows\system32\drivers\cdrom.sys
011 c:\windows\system32\DRIVERS\sfloppy.sys
011 c:\windows\system32\drivers\sdbus.sys
011 c:\windows\system32\DRIVERS\psi_mf.sys
011 c:\windows\system32\DRIVERS\serial.sys
011 c:\windows\system32\DRIVERS\sermouse.sys
011 c:\windows\system32\DRIVERS\serenum.sys
011 C:\Windows\system32\srvsvc.dll
011 C:\Windows\system32\srvsvc.dll
011 c:\windows\system32\DRIVERS\SiSRaid2.sys
011 c:\windows\system32\DRIVERS\sisraid4.sys
011 c:\windows\system32\drivers\sffdisk.sys
011 c:\windows\system32\drivers\sffp_mmc.sys
011 c:\windows\system32\drivers\sffp_sd.sys
011 c:\windows\system32\DRIVERS\VSTAZL6.SYS
011 c:\windows\system32\DRIVERS\VSTDPV6.SYS
011 c:\windows\system32\DRIVERS\VSTCNXT6.SYS
011 System32\DRIVERS\srvnet.sys
011 c:\windows\system32\DRIVERS\stexstor.sys
011 c:\windows\system32\drivers\NISx64\1206000.01D\SRTSP64.SYS
011 c:\windows\system32\drivers\NISx64\1206000.01D\SRTSPX64.SYS
011 c:\windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS
011 c:\windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS
011 C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
011 c:\windows\system32\DRIVERS\SynTP.sys
011 C:\Windows\system32\drivers\discache.sys
011 c:\windows\system32\drivers\mssmbios.sys
011 c:\windows\system32\drivers\tdtcp.sys
011 c:\windows\system32\DRIVERS\tcpip.sys
011 System32\drivers\tcpipreg.sys
011 C:\Windows\System32\DRIVERS\tssecsrv.sys
011 c:\windows\system32\DRIVERS\udfs.sys
011 c:\windows\system32\DRIVERS\usbuhci.sys
011 c:\windows\system32\drivers\uliagpkx.sys
011 c:\windows\system32\drivers\usbaudio.sys
011 c:\windows\system32\DRIVERS\usbccgp.sys
011 c:\windows\system32\drivers\usbcir.sys
011 c:\windows\system32\DRIVERS\USBSTOR.SYS
011 c:\windows\system32\drivers\hidusb.sys
011 c:\windows\system32\DRIVERS\usbprint.sys
011 c:\windows\system32\DRIVERS\usbscan.sys
011 System32\Drivers\usbaapl64.sys
011 c:\windows\system32\drivers\umbus.sys
011 c:\windows\system32\DRIVERS\vgapnp.sys
011 c:\windows\System32\drivers\vga.sys
011 c:\windows\system32\drivers\vhdmp.sys
011 c:\windows\system32\drivers\viaide.sys
011 c:\windows\system32\drivers\vdrvroot.sys
011 c:\windows\system32\DRIVERS\vwifibus.sys
011 c:\windows\system32\DRIVERS\vwififlt.sys
011 c:\windows\system32\DRIVERS\vwifimp.sys
011 c:\windows\system32\drivers\volmgr.sys
011 C:\Windows\system32\drivers\volmgrx.sys
011 c:\windows\system32\drivers\volsnap.sys
011 c:\windows\system32\DRIVERS\vsmraid.sys
011 c:\windows\system32\DRIVERS\wacompen.sys
011 c:\windows\system32\drivers\MSTEE.sys
011 c:\windows\system32\DRIVERS\wfplwf.sys
011 c:\windows\system32\DRIVERS\CAX_CNXT.sys
011 c:\windows\system32\drivers\WudfPf.sys
011 c:\windows\system32\drivers\wmiacpi.sys
011 c:\windows\system32\DRIVERS\BrFiltLo.sys
011 c:\windows\system32\DRIVERS\BrFiltUp.sys
011 C:\Windows\System32\drivers\ws2ifsl.sys
011 C:\Windows\system32\wkssvc.dll
011 C:\Windows\system32\wkssvc.dll
011 C:\Windows\system32\wkssvc.dll
011 C:\Windows\system32\wkssvc.dll
011 c:\windows\system32\DRIVERS\WUDFRd.sys
011 c:\windows\system32\DRIVERS\XAudio64.sys
032 rdpclip
069 CNMLMA5.DLL
069 CNMN6PPM.DLL
069 CNCF2Lk.DLL
069 localspl.dll
069 FXSMON.DLL
069 tcpmon.dll
069 usbmon.dll
069 WSDMon.dll
145 kbdclass.sys
148 C:\Windows\system32\ntvdm.exe
210 C:\Windows\system32\sdclt.exe
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,414 posts.
 
Join Date: Mar 2001
Location: Bradford, England
19-Oct-2011, 03:51 PM #83
Hmmm, not what I was expecting, so lets go this route, as I prefer this way. And its not as lengthy as it looks

Download OTS to your Desktop and double-click on it to run it
  • Make sure you close all other programs and don't use the PC while the scan runs.
  • Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and post the information back here in an attachment. I will review it when it comes in. The last line is < End of Report >, so make sure that is the last line in the attached report.


Make sure you attach the report in your reply. If it is too big to upload, then zip the text file and upload it that way
nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
20-Oct-2011, 10:16 AM #84
was that an oh-it's-just-something-else unexpectedness, or an oh-this-could-be-something-nasty? wait, nevermind.. i don't want to know!
nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
20-Oct-2011, 10:43 AM #85
i just made it a zip file from the outset. ok, heaving another stack of work @ you.. eddie? can you breathe underneath this huge pile??!
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
21-Oct-2011, 10:48 AM #86
getting several pop-ups about an unknown plug-in crashing. it is ok to ignore those? thanks!!
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,414 posts.
 
Join Date: Mar 2001
Location: Bradford, England
21-Oct-2011, 12:31 PM #87
Will look at the log soon, but where are you getting the pop-ups? Is it at a certain or site, or just online?
nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
22-Oct-2011, 08:55 AM #88
it didn't happen today so far, but those pop ups were during the last 2-ish days & only when i'm using explorer. it started when i opened the browser while the home page was loading, & then when i was trying to get on techguy. plus (as if you need more of this!) explorer kept freezing & i had to use task manager to close it.

so @ that point i was here on techguy, everything froze, i'd end task, log back in, repeat. forget how many times that happened, but many. :s

btw, i have one complaint about that long sleeved white coat that came with this computer.. it didn't have perforations for my fingers to get @ the keyboard!
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,414 posts.
 
Join Date: Mar 2001
Location: Bradford, England
24-Oct-2011, 01:31 PM #89
No, its just that RunScanner found loads of files as unknown, and I prefer to double-check, and looks like its fine. Fix to follow at the end

You must have my white coat, as I lost my mind last week, but someone did borrow my crystal ball at work, and I want it back

If the popup appears again, let me know


--

Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.

Code:
[Unregister Dlls]
[Registry - Safe List]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
[Files/Folders - Modified Within 30 Days]
NY ->  8 C:\Users\peck ent\AppData\Local\Temp\*.tmp files -> C:\Users\peck ent\AppData\Local\Temp\*.tmp
[Alternate Data Streams]
NY -> @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2
NY -> @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:D1B5B4F1
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
nittiley's Avatar
Account Disabled with 2,667 posts.
THREAD STARTER
 
Join Date: Aug 2011
Experience: Beginner
25-Oct-2011, 01:53 PM #90
so far, no more pop-ups of that nature

since you closed the holes for the fingers on that white coat, did it mean, "don't touch the computer!" ?

uh oh, whoever borrowed your crystal ball is going to know that you want it back..!

this thread needs a status bar.. 98% resolved

have to run into town again, back later to run the fix.. & many thanks again eddie!!
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑