1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Computer Running Super Slow

Discussion in 'Virus & Other Malware Removal' started by Ashbery, Jun 1, 2011.

Thread Status:
Not open for further replies.
  1. Ashbery

    Ashbery Thread Starter

    Joined:
    Jun 1, 2011
    Messages:
    3
    Hello

    I'm totally nervous about this. I'm not that smart about computers. My computer started running very slow yesterday. It seems to hesitate when doing anything. In the web browser,the little thing I call the 'thinking circle' goes around and around for a minute then firefox will go into a "not responding" mode. Another odd thing is Netflix instant is skipping. Yesterday morning i could watch a movie in IE and check email in Firefox simultaneously. By 5pm i could barely do one at a time. I ran Norton Virus and some sort of Norton deep clean thing. It turned up nothing. But I have this weird feeling it is a virus or something. Any help would be appreciated. I just started an online class and i don't have the $150 to take this into the computer guy.

    Thank you in advance
    Ashbery
    OS Version: Microsoft® Windows Vista™ Home Premium , Service Pack 2, 32 bit
    Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-60, x64 Family 15 Model 104 Stepping 2
    Processor Count: 2
    RAM: 1982 Mb
    Graphics Card: NVIDIA MCP67M, 64 Mb
    Hard Drives: C: Total - 226251 MB, Free - 147293 MB; D: Total - 12221 MB, Free - 1901 MB;
    Motherboard: Quanta, 30CF, 85.24, None1
    Antivirus: Norton 360, Updated: Yes, On-Demand Scanner: Enabled

    ____________________________________________________
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:52:52 AM, on 6/1/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Users\Amanda\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://movies.netflix.com/WiHome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.1.0.29\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\coIEPlg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Amanda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
    O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 9604 bytes
    ________________________________
    .
    DDS (Ver_11-05-19.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
    Run by Amanda at 4:54:42 on 2011-06-01
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1982.1195 [GMT -4:00]
    .
    AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\system32\UI0Detect.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Amanda\Downloads\dds.pif
    C:\Windows\system32\WSCRIPT.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://movies.netflix.com/WiHome
    mStart Page = hxxp://www.yahoo.com
    mDefault_Page_URL = hxxp://www.yahoo.com
    uInternet Settings,ProxyOverride = *.local
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\5.1.0.29\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\5.1.0.29\ips\IPSBHO.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\5.1.0.29\coIEPlg.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [Google Update] "c:\users\amanda\appdata\local\google\update\GoogleUpdate.exe" /c
    mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
    mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
    mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [OnScreenDisplay] c:\program files\hewlett-packard\hp quicktouch\HPKBDAPP.exe
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
    mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
    mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\1.0"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    StartupFolder: c:\users\amanda\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\amanda\appdata\roaming\mozilla\firefox\profiles\eu2qnqhg.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
    FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\coffplgn\components\coFFPlgn.dll
    FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\ipsffplgn\components\IPSFFPl.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - plugin: c:\users\amanda\appdata\local\google\update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: c:\users\amanda\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
    FF - plugin: c:\users\amanda\appdata\roaming\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\users\amanda\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0501000.01d\SymDS.sys [2011-5-24 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0501000.01d\SymEFA.sys [2011-5-24 744568]
    R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\bashdefs\20110518.001\BHDrvx86.sys [2011-5-24 802936]
    R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\ipsdefs\20110527.001\IDSvix86.sys [2011-5-28 353912]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0501000.01d\Ironx86.sys [2011-5-24 136312]
    R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0501000.01d\symtdiv.sys [2011-5-24 331384]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2010-10-27 21504]
    R2 N360;Norton 360;c:\program files\norton 360\engine\5.1.0.29\ccSvcHst.exe [2011-5-24 130008]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-5-10 105592]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-4-23 136176]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-4-23 136176]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2011-05-31 06:34:28 -------- d-----w- c:\users\amanda\appdata\local\NPE
    2011-05-31 06:22:34 6962000 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{35b50f62-7d66-409e-9d46-3b3f018cd649}\mpengine.dll
    2011-05-31 02:50:41 -------- d-----w- c:\programdata\LightScribe
    2011-05-24 21:58:14 -------- d-----w- c:\users\amanda\appdata\roaming\Tific
    2011-05-24 18:30:31 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2011-05-24 18:28:35 331384 ----a-r- c:\windows\system32\drivers\n360\0501000.01d\symtdiv.sys
    2011-05-24 18:28:34 744568 ----a-r- c:\windows\system32\drivers\n360\0501000.01d\SymEFA.sys
    2011-05-24 18:28:34 516216 ----a-r- c:\windows\system32\drivers\n360\0501000.01d\srtsp.sys
    2011-05-24 18:28:34 50168 ----a-r- c:\windows\system32\drivers\n360\0501000.01d\srtspx.sys
    2011-05-24 18:28:34 340088 ----a-r- c:\windows\system32\drivers\n360\0501000.01d\SymDS.sys
    2011-05-24 18:28:34 296568 ----a-r- c:\windows\system32\drivers\n360\0501000.01d\symnets.sys
    2011-05-24 18:28:34 136312 ----a-r- c:\windows\system32\drivers\n360\0501000.01d\Ironx86.sys
    2011-05-24 18:28:24 -------- d-----w- c:\windows\system32\drivers\n360\0501000.01D
    2011-05-23 20:11:14 -------- d-----w- c:\users\amanda\appdata\roaming\Juniper Networks
    2011-05-15 06:10:02 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-05-10 20:53:36 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
    2011-05-10 06:03:56 -------- d-----w- c:\users\amanda\appdata\roaming\BudgetExpress 3
    2011-05-10 06:03:09 25088 ----a-w- c:\windows\system32\msxml3a.dll
    2011-05-10 06:02:41 -------- d-----w- c:\program files\BudgetExpress 3
    .
    ==================== Find3M ====================
    .
    2011-05-24 23:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-05-24 18:29:31 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2011-04-06 20:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
    2011-04-06 20:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
    2011-04-06 20:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
    2011-04-06 20:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2011-03-12 21:55:52 876032 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-03-10 17:03:51 1162240 ----a-w- c:\windows\system32\mfc42u.dll
    2011-03-10 17:03:51 1136640 ----a-w- c:\windows\system32\mfc42.dll
    2011-03-03 15:42:03 739328 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-03 15:40:13 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2011-03-03 15:40:07 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
    2011-03-03 15:40:05 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
    2011-03-03 15:40:05 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
    2011-03-03 15:40:04 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
    2011-03-03 13:35:36 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2011-03-03 13:25:11 2041856 ----a-w- c:\windows\system32\win32k.sys
    .
    ============= FINISH: 4:56:06.39 ===============
    _________________________________________________________
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-05-19.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/28/2007 11:01:33 AM
    System Uptime: 5/31/2011 11:26:19 PM (5 hours ago)
    .
    Motherboard: Quanta | | 30CF
    Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-60 | Socket S1 | 800/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 221 GiB total, 143.255 GiB free.
    D: is FIXED (NTFS) - 12 GiB total, 1.857 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    32 Bit HP CIO Components Installer
    Activation Assistant for the 2007 Microsoft Office suites
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 8.2.6
    Adobe Shockwave Player
    AIM 7
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Atheros Driver Installation Program
    Bonjour
    BudgetExpress 3
    BufferChm
    Cards_Calendar_OrderGift_DoMorePlugout
    Compatibility Pack for the 2007 Office system
    Conexant HD Audio
    Coupon Printer for Windows
    CyberLink YouCam
    D2600
    DeviceDiscovery
    DJ_SF_05_D2600_Software_Min
    Download Updater (AOL LLC)
    DVD Suite
    EA Link
    EasyInfo
    ESU for Microsoft Vista
    Google Earth Plug-in
    Google Talk Plugin
    Google Update Helper
    GPBaseService2
    Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
    HDAUDIO Soft Data Fax Modem with SmartCP
    Hewlett-Packard Active Check
    Hewlett-Packard Asset Agent for Health Check
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Customer Experience Enhancements
    HP Customer Participation Program 14.0
    HP Deskjet D2600 Printer Driver Software 14.0 Rel. 5
    HP Doc Viewer
    HP Easy Setup - Frontend
    HP Help and Support
    HP Imaging Device Functions 14.0
    HP Photo Creations
    HP Photosmart Essential 2.5
    HP Product Detection
    HP Quick Launch Buttons 6.30 E1
    HP QuickPlay 3.6
    HP QuickTouch 1.00 C4
    HP Smart Web Printing 4.60
    HP Solution Center 14.0
    HP Total Care Advisor
    HP Update
    HP User Guides 0087
    HP Wireless Assistant
    HPNetworkAssistant
    HPPhotoGadget
    HPPhotoSmartDiscLabel_PaperLabel
    HPPhotoSmartDiscLabel_PrintOnDisc
    HPPhotoSmartDiscLabel_Tattoo
    HPPhotoSmartDiscLabelContent1
    hpphotosmartdisclabelplugin
    HPPhotoSmartPhotobookHolidayPack1
    HPPhotoSmartPhotobookModernPack1
    HPPhotoSmartPhotobookPlayfulPack1
    HPPhotoSmartPhotobookScrapbookPack1
    HPPhotoSmartPhotobookWebPack1
    HPProductAssistant
    HPSSupply
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 2
    Java(TM) 6 Update 24
    Juniper Networks Setup Client
    Juniper Networks Setup Client Activex Control
    LabelPrint
    LightScribe System Software 1.10.13.1
    MarketResearch
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable - KB2467175
    Microsoft Works
    MobileMe Control Panel
    Mozilla Firefox 4.0.1 (x86 en-US)
    MSCU for Microsoft Vista
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    muvee autoProducer 6.1
    My HP Games
    NetWaiting
    Norton 360
    NVIDIA Drivers
    Octoshape add-in for Adobe Flash Player
    OGA Notifier 2.0.0048.0
    Power2Go
    PowerDirector
    PSSWCORE
    QuickPlay SlingPlayer 0.4.4
    QuickTime
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
    Safari
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2466156)
    Security Update for 2007 Microsoft Office System (KB2509488)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft Office Excel 2007 (KB2464583)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Shop for HP Supplies
    SmartWebPrinting
    SolutionCenter
    Status
    Synaptics Pointing Device Driver
    The Sims™ Life Stories
    Toolbox
    TrayApp
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    VideoToolkit01
    Viewpoint Media Player
    WeatherBug Gadget
    WebReg
    Windows Media Player Firefox Plugin
    Yahoo! BrowserPlus 2.9.8
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    5/31/2011 11:27:55 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    5/31/2011 11:27:50 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer PATTI-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D2DC9269-AE8B-40BF-9C48-1D4EDAC30. The master browser is stopping or an election is being forced.
    5/30/2011 11:40:08 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
    5/30/2011 11:39:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
    .
    ==== End Of File ===========================
    GMER 1.0.15.15640 - http://www.gmer.net
    Rootkit scan 2011-06-01 09:03:35
    Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 Hitachi_HTS542525K9SA00 rev.BBFOC32P
    Running: vd51jbv5.exe; Driver: C:\Users\Amanda\AppData\Local\Temp\pwdiqpog.sys


    ---- System - GMER 1.0.15 ----

    SSDT 90BE1268 ZwAlertResumeThread
    SSDT 90BE1348 ZwAlertThread
    SSDT 90BE1C58 ZwAllocateVirtualMemory
    SSDT 8725CAF0 ZwAlpcConnectPort
    SSDT 8779A678 ZwAssignProcessToJobObject
    SSDT 8779AEE0 ZwCreateMutant
    SSDT 8779A398 ZwCreateSymbolicLinkObject
    SSDT 872F1388 ZwCreateThread
    SSDT 8779A758 ZwDebugActiveProcess
    SSDT 90BE1E28 ZwDuplicateObject
    SSDT 90BE1A78 ZwFreeVirtualMemory
    SSDT 8779AFD0 ZwImpersonateAnonymousToken
    SSDT 90BE1188 ZwImpersonateThread
    SSDT 872082E0 ZwLoadDriver
    SSDT 90BE1978 ZwMapViewOfSection
    SSDT 8779AE00 ZwOpenEvent
    SSDT 872F10F0 ZwOpenProcess
    SSDT 90BE1D48 ZwOpenProcessToken
    SSDT 8779AAE0 ZwOpenSection
    SSDT 90BE1F18 ZwOpenThread
    SSDT 8779A588 ZwProtectVirtualMemory
    SSDT 90BE1428 ZwResumeThread
    SSDT 90BE16C8 ZwSetContextThread
    SSDT 90BE17A8 ZwSetInformationProcess
    SSDT 8779A998 ZwSetSystemInformation
    SSDT 8779ABC0 ZwSuspendProcess
    SSDT 90BE1508 ZwSuspendThread
    SSDT 872F1468 ZwTerminateProcess
    SSDT 90BE15E8 ZwTerminateThread
    SSDT 90BE1898 ZwUnmapViewOfSection
    SSDT 90BE1B68 ZwWriteVirtualMemory
    SSDT 8779A488 ZwCreateThreadEx

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!KeSetEvent + 11D 81CBB8A0 8 Bytes [68, 12, BE, 90, 48, 13, BE, ...]
    .text ntkrnlpa.exe!KeSetEvent + 131 81CBB8B4 4 Bytes [58, 1C, BE, 90] {POP EAX; SBB AL, 0xbe; NOP }
    .text ntkrnlpa.exe!KeSetEvent + 13D 81CBB8C0 4 Bytes [F0, CA, 25, 87]
    .text ntkrnlpa.exe!KeSetEvent + 191 81CBB914 4 Bytes JMP FB72319A
    .text ntkrnlpa.exe!KeSetEvent + 1F5 81CBB978 4 Bytes [E0, AE, 79, 87] {LOOPNZ 0xffffffffffffffb0; JNS 0xffffffffffffff8b}
    .text ...
    .text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8D607360, 0x35B0A2, 0xE8000020]
    ? C:\Users\Amanda\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\[email protected] 1540

    ---- EOF - GMER 1.0.15 ----
     
  2. Ashbery

    Ashbery Thread Starter

    Joined:
    Jun 1, 2011
    Messages:
    3
    Just bumping. Any help?
     
  3. Ashbery

    Ashbery Thread Starter

    Joined:
    Jun 1, 2011
    Messages:
    3
    Hi again.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/999987

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice