Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Help Please

Tech Support Forum 26-09-2013
Dear Sirs
Help Please
My name is Jack Willday, and I have recently, in the last 3 months, purchased a new laptop, a Samsung 900X4C-A03.
The computer arrived running Windows 8, which is proving to be, for me at 70 years of age, a big problem.
I recently, when scanning the Internet, opened what I thought was an innocent program, but my antivirus program opened a box saying there was a threat (problem) and asking me to protect or allow.
I do not know how or why I did it, but I think I must have clicked allow instead of protect, other than the cursor often, when I use the computer, jumps all over the place.
I was using Google Chrome, which still worked for a little time, but it will not now work.
When Google Chrome was still working, I tried to follow your pre-contact instructions with the following results.
DDS: Would not download; I only received a blank page.
GMER Rootkit Scanner
Downloaded the program and opened it
Received a box saying: C:#windows#system33#config#system: (Sorry but I cannot find back slash on my computer)
The process cannot access the file because it is being used by another process.
Click OK
Box saying: Gmer.exe has stopped working
A problem caused the program to stop working
Windows will close the program and notify you if a solution is available.
I re-ran the program.
This time I double-clicked and the program opened.
I un-clicked IAT/EAT & Show all
The program ran and produced a log which is on my Desktop, (Copied Below)
GMER 2.1.19163 - GMER - Rootkit Detector and Remover
Rootkit scan 2013-09-23 13:35:34
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003e LITEONIT_LMT-256M3M rev.VZJ4 238.47GB
Running: gmer.exe; Driver: C:\Users\Jack\AppData\Local\Temp\pxroypoc.sys


---- Kernel code sections - GMER 2.1 ----

.text C:\windows\System32\win32k.sys!W32pServiceTable fffff96000224200 7 bytes [40, 3B, 82, 01, 00, 53, F2]
.text C:\windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000224208 7 bytes [01, 63, C0, FF, 00, 17, DB]

---- Threads - GMER 2.1 ----

Thread C:\windows\system32\csrss.exe [676:700] fffff960008c05e8
Thread C:\windows\system32\svchost.exe [892:6044] 000007faffdd1f34
Thread C:\windows\system32\svchost.exe [516:3384] 000007fb03461824
Thread C:\windows\system32\svchost.exe [516:4152] 000007fb018c51dc
Thread C:\windows\system32\svchost.exe [516:4156] 000007fb031b1470
Thread C:\windows\system32\svchost.exe [516:4168] 000007fb031b1470
Thread C:\windows\system32\svchost.exe [516:3840] 000007fb0b665c38
Thread C:\windows\system32\svchost.exe [516:4132] 000007fb08bc16b0
Thread C:\windows\system32\svchost.exe [516:9932] 000007fafde110f0
Thread C:\windows\System32\spoolsv.exe [1488:2736] 000007fb04b254c0
Thread C:\windows\System32\spoolsv.exe [1488:2780] 000007fb047030ec
Thread C:\windows\System32\spoolsv.exe [1488:2924] 000007fb04e65798
Thread C:\windows\System32\spoolsv.exe [1488:2976] 000007fb04eae080
Thread C:\windows\System32\spoolsv.exe [1488:3056] 000007fb04da81ac
Thread C:\windows\system32\svchost.exe [1532:1552] 000007fb0dd43c90
Thread C:\windows\system32\svchost.exe [1532:1592] 000007fb0dd43c90
Thread C:\windows\system32\svchost.exe [1532:1604] 000007fb0dd43c90
Thread C:\windows\system32\svchost.exe [1532:1624] 000007fb0823c4f0
Thread C:\windows\system32\svchost.exe [1532:1692] 000007fb08248810
Thread C:\windows\system32\svchost.exe [1532:1700] 000007fb08265170
Thread C:\windows\system32\svchost.exe [1532:1704] 000007fb082484a0
Thread C:\windows\system32\svchost.exe [1532:1888] 000007fb064131a0
Thread C:\windows\system32\svchost.exe [1532:3672] 000007fb06419c68
Thread C:\windows\system32\svchost.exe [1532:4036] 000007fb020524e8
Thread C:\windows\system32\svchost.exe [1532:4048] 000007fb01cf4910
Thread C:\windows\system32\svchost.exe [1532:4072] 000007fb01c61544
Thread C:\windows\system32\svchost.exe [1532:4076] 000007fb01c455dc
Thread C:\windows\system32\svchost.exe [1532:6512] 000007fb01cf1044
Thread C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe [2120:4248] 00000000725a7419
Thread C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe [2120:4404] 00000000727ee520
Thread C:\windows\SysWOW64\svchost.exe [2224:2244] 0000000074c68064
Thread C:\windows\SysWOW64\svchost.exe [2224:2492] 000000001000d0d0
Thread C:\windows\SysWOW64\svchost.exe [2224:2516] 000000003af11400
Thread C:\windows\SysWOW64\svchost.exe [2224:3560] 0000000074c68064
Thread C:\windows\SysWOW64\svchost.exe [2224:5936] 000000006e9c1c6a
Thread C:\windows\SysWOW64\svchost.exe [2224:7500] 00000000774e50a7
Thread C:\windows\SysWOW64\svchost.exe [2224:9092] 00000000774e50a7
Thread C:\windows\SYSTEM32\ntdll.dll [3328:3332] 00000000008a1c94
Thread C:\windows\SYSTEM32\ntdll.dll [4252:4208] 0000000000416a76
Thread C:\windows\SYSTEM32\ntdll.dll [4252:4308] 0000000000409230
Thread C:\windows\SYSTEM32\ntdll.dll [5140:5144] 00000000004020c8
Thread C:\windows\SYSTEM32\ntdll.dll [5700:5704] 00000000004c82f4
Thread C:\windows\SYSTEM32\ntdll.dll [5700:5720] 0000000000427070
Thread C:\windows\SYSTEM32\ntdll.dll [7216:8388] 00000000010b1795

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

I am now using Internet Explorer.
DDS: I have just downloaded and run it, see logs.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16688
Run by Jack at 17:02:33 on 2013-09-26
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.7814.5816 [GMT 3:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\dwm.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhostex.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
C:\windows\system32\dashost.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\windows\system32\igfxext.exe
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Samsung\S Agent\CommonAgent.exe
C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\wwahost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\windows\splwow64.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\msiexec.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://samsung13.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{A9F55109-D9DE-4BA7-B3B8-F2285CBF2A9D} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{A9F55109-D9DE-4BA7-B3B8-F2285CBF2A9D}\85D26496C656 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /S3HpProtect
x64-Run: [RtHDVBg_SRSSA] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SRSSA
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Bitcasa] C:\Program Files\Bitcasa\Bitcasa.exe /startup
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\System32\CbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\System32\CbFsMntNtf3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\Drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\windows\System32\Drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\Drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\Drivers\avgrkx64.sys [2013-9-5 45880]
R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2013-1-7 645952]
R0 intmsd;IntelliMemory Storage Filter Driver;C:\windows\System32\Drivers\intmsd.sys [2013-1-7 104272]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\Drivers\PxHlpa64.sys [2013-1-7 56336]
R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\Drivers\avgidsdrivera.sys [2013-7-20 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\Drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgwfpa;AVG Firewall Driver;C:\windows\System32\Drivers\avgwfpa.sys [2013-7-18 248632]
R1 cbfs3;cbfs3;C:\windows\System32\Drivers\cbfs3.sys [2013-1-7 352456]
R1 ccSet_NARA;NARA Settings Manager;C:\windows\System32\Drivers\NARAx64\0401000.00E\ccSetx64.sys [2013-1-7 168608]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\windows\System32\Drivers\NSTx64\7DE05000.043\ccSetx64.sys [2013-8-26 150104]
R1 intmfs;IntelliMemory File System Filter Driver;C:\windows\System32\Drivers\intmfs.sys [2013-1-7 28496]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-11-6 171664]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-4-11 772064]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-8-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-9-5 1124288]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]
R2 Easy Launcher;Easy Launcher;C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2013-1-4 1594568]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2013-3-25 99184]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-1-7 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-1-7 165760]
R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe [2013-8-26 129424]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-8-15 3943104]
R2 SWUpdateService;SW Update Service;C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [2013-7-12 3017776]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-1-7 364416]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-4-18 3388144]
R3 acpials;ALS Sensor Filter;C:\windows\System32\Drivers\acpials.sys [2012-7-26 9728]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter;C:\windows\System32\Drivers\AmpPal.sys [2013-4-11 165344]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]
R3 ETD;Samsung PS/2 Port Input Device;C:\windows\System32\Drivers\ETD.sys [2013-3-25 358768]
R3 ETDSMBus;ETDSMBus;C:\windows\System32\Drivers\ETDSMBus.sys [2013-4-19 21840]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2012-10-24 342528]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\Drivers\iwdbus.sys [2012-10-10 25568]
R3 NETwNe64;@oem32.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\windows\System32\Drivers\NETwew00.sys [2013-4-25 3341792]
R3 RadioHIDMini;Radio HID Mini-driver;C:\windows\System32\Drivers\RadioHIDMini.sys [2012-11-13 23408]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2013-1-7 683664]
R3 SensorsAlsDriver;UMDF Reflector service for SensorsAlsDriver;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
R3 usb3Hub;USB-IF USB 3.0 Hub;C:\windows\System32\Drivers\usb3Hub.sys [2012-10-10 47072]
R3 XHCIPort;USB-IF xHCI USB Host Controller;C:\windows\System32\Drivers\xHCIPort.sys [2012-10-10 188896]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\windows\System32\Drivers\avgboota.sys [2012-10-26 20912]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]
S2 IntelliMemory;IntelliMemory;C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [2012-11-1 55120]
S3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol;C:\windows\System32\Drivers\AmpPal.sys [2013-4-11 165344]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\Drivers\btmaux.sys [2012-8-27 121728]
S3 btmhsf;btmhsf;C:\windows\System32\Drivers\btmhsf.sys [2012-8-29 857472]
S3 ibtfltcoex;ibtfltcoex;C:\windows\System32\Drivers\iBtFltCoex.sys [2012-8-6 68136]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\Drivers\intelaud.sys [2012-10-10 35296]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-4-18 273136]
.
=============== Created Last 30 ================
.
2013-09-26 08:29:47 78296 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-26 08:29:47 694232 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-09-15 08:27:10 144896 ----a-w- C:\windows\System32\tssdisai.dll
2013-09-13 08:35:12 265392 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin
2013-09-04 22:43:42 45880 ----a-w- C:\windows\System32\drivers\avgrkx64.sys
.
==================== Find3M ====================
.
2013-08-21 04:12:06 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-08-21 04:11:59 915968 ----a-w- C:\windows\System32\uxtheme.dll
2013-08-21 04:11:59 53760 ----a-w- C:\windows\System32\UXInit.dll
2013-08-21 04:11:07 3959296 ----a-w- C:\windows\System32\jscript9.dll
2013-08-21 04:11:04 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-08-21 04:11:04 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-08-21 02:34:51 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-08-21 02:06:11 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-08-21 02:06:06 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2013-08-21 02:05:28 2876928 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-08-21 02:05:25 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-08-21 02:05:25 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-08-21 01:43:54 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-08-20 23:52:56 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2013-08-16 05:41:13 58200 ----a-w- C:\windows\System32\drivers\dam.sys
2013-08-16 05:39:26 2371728 ----a-w- C:\windows\System32\WSService.dll
2013-08-16 05:32:48 209200 ----a-w- C:\windows\System32\NotificationUI.exe
2013-08-16 05:22:22 40448 ----a-w- C:\windows\System32\wuapp.exe
2013-08-16 05:22:11 4917760 ----a-w- C:\windows\System32\sppsvc.exe
2013-08-16 05:20:30 105984 ----a-w- C:\windows\System32\WinSetupUI.dll
2013-08-15 22:43:21 35328 ----a-w- C:\windows\SysWow64\wuapp.exe
2013-08-15 22:43:07 84992 ----a-w- C:\windows\SysWow64\wudriver.dll
2013-08-15 22:43:07 126976 ----a-w- C:\windows\SysWow64\wuwebv.dll
2013-08-15 22:43:03 562688 ----a-w- C:\windows\SysWow64\WSShared.dll
2013-08-15 22:43:03 159232 ----a-w- C:\windows\SysWow64\WSSync.dll
2013-08-15 22:43:02 83968 ----a-w- C:\windows\SysWow64\OEMLicense.dll
2013-08-15 22:43:02 167424 ----a-w- C:\windows\SysWow64\WSClient.dll
2013-08-15 22:43:02 143872 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-15 22:43:02 124928 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-15 22:42:52 76800 ----a-w- C:\windows\SysWow64\setupcln.dll
2013-08-15 22:42:47 91648 ----a-w- C:\windows\SysWow64\sppc.dll
2013-08-03 04:30:14 4038144 ----a-w- C:\windows\System32\win32k.sys
2013-07-30 01:24:22 150104 ----a-r- C:\windows\System32\drivers\NSTx64\7DE05000.043\ccSetx64.sys
2013-07-19 22:51:00 311608 ----a-w- C:\windows\System32\drivers\avgloga.sys
2013-07-19 22:50:56 71480 ----a-w- C:\windows\System32\drivers\avgidsha.sys
2013-07-19 22:50:56 246072 ----a-w- C:\windows\System32\drivers\avgidsdrivera.sys
2013-07-19 22:50:50 206648 ----a-w- C:\windows\System32\drivers\avgldx64.sys
2013-07-17 23:04:48 248632 ----a-w- C:\windows\System32\drivers\avgwfpa.sys
2013-07-13 06:18:21 337408 ----a-w- C:\windows\System32\wintrust.dll
2013-07-13 06:16:06 68096 ----a-w- C:\windows\System32\cryptsvc.dll
2013-07-13 06:16:06 1889280 ----a-w- C:\windows\System32\crypt32.dll
2013-07-13 06:15:53 98304 ----a-w- C:\windows\System32\apprepsync.dll
2013-07-13 06:15:53 124416 ----a-w- C:\windows\System32\apprepapi.dll
2013-07-13 04:24:58 261120 ----a-w- C:\windows\SysWow64\wintrust.dll
2013-07-13 04:23:11 1568256 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-07-13 04:23:03 87040 ----a-w- C:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23:03 74240 ----a-w- C:\windows\SysWow64\apprepsync.dll
2013-07-09 08:04:07 120144 ----a-w- C:\windows\System32\drivers\msgpioclx.sys
2013-07-09 06:18:21 439488 ----a-w- C:\windows\System32\WerFault.exe
2013-07-09 06:07:17 2233168 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-07-09 04:25:45 385768 ----a-w- C:\windows\SysWow64\WerFault.exe
2013-07-09 03:57:19 245760 ----a-w- C:\windows\SysWow64\LocationApi.dll
2013-07-08 22:46:00 543744 ----a-w- C:\windows\System32\wwanmm.dll
2013-07-08 22:46:00 414208 ----a-w- C:\windows\System32\wwanconn.dll
2013-07-08 22:46:00 370688 ----a-w- C:\windows\System32\Wwanadvui.dll
2013-07-08 22:45:16 312832 ----a-w- C:\windows\System32\LocationApi.dll
2013-07-06 00:16:17 1025024 ----a-w- C:\windows\System32\localspl.dll
2013-07-03 00:23:43 391168 ----a-w- C:\windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-07-03 00:23:12 778752 ----a-w- C:\windows\System32\oleaut32.dll
2013-07-03 00:22:26 1300480 ----a-w- C:\windows\System32\gdi32.dll
2013-07-03 00:11:23 268800 ----a-w- C:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-07-03 00:11:02 551424 ----a-w- C:\windows\SysWow64\oleaut32.dll
2013-07-02 00:44:14 36288 ----a-w- C:\windows\System32\drivers\WdBoot.sys
2013-07-01 22:08:49 247216 ----a-w- C:\windows\System32\drivers\WdFilter.sys
2013-06-30 22:45:28 116536 ----a-w- C:\windows\System32\drivers\avgmfx64.sys
2013-06-30 22:30:14 67072 ----a-w- C:\windows\SysWow64\openfiles.exe
2013-06-30 22:29:22 77312 ----a-w- C:\windows\System32\openfiles.exe
2013-06-29 06:15:54 195416 ----a-w- C:\windows\System32\drivers\sdbus.sys
2013-06-29 06:15:47 125784 ----a-w- C:\windows\System32\drivers\dumpsd.sys
2013-06-29 05:43:16 327512 ----a-w- C:\windows\System32\drivers\Classpnp.sys
2013-06-29 01:12:01 1022464 ----a-w- C:\windows\SysWow64\gdi32.dll
.
============= FINISH: 17:02:41.69 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 19/04/2013 18:52:56
System Uptime: 24/09/2013 10:56:51 (55 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | NP900X4C-A03GR
Processor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz | CPU Socket - U3E1 | 1900/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 211 GiB total, 141.808 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Device ID: USB\VID_8087&PID_07DA\6&1CE2C138&0&5
Manufacturer: Intel Corporation
Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
PNP Device ID: USB\VID_8087&PID_07DA\6&1CE2C138&0&5
Service: BTHUSB
.
==== System Restore Points ===================
.
RP26: 03/09/2013 10:23:23 - Scheduled Checkpoint
RP27: 13/09/2013 11:34:50 - Windows Update
RP28: 16/09/2013 13:51:43 - Windows Update
RP29: 26/09/2013 11:29:29 - Windows Update
.
==== Installed Programs ======================
.
???????????
64 Bit HP CIO Components Installer
Absolute Reminder
Adobe Photoshop Elements 11
Adobe Reader X (10.1.8) MUI
AllSharePlayLink
AVG 2013
Bing Bar
Bitcasa version 0.9.20.4133
BufferChm
C4400
Copy
CyberLink PowerDVD 10
D3DX10
Destinations
DeviceDiscovery
DocProc
E-POP
Easy File Share
Elements 11 Organizer
ETDWare X64 11.7.10.4_WHQL
Galerie foto
Google Chrome
Google Update Helper
GPBaseService2
Help Desk
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart C4400 All-In-One Driver Software 14.0 Rel. 6
HP Solution Center 14.0
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
Intel AppUp(SM) center
Intel(R) Manageability Engine Firmware Recovery Agent
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
Intel(R) PROSet/Wireless WiFi Software Driver
Intel(R) Rapid Storage Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel(R) WiDi
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
IntelliMemory
MarketResearch
Microsoft Application Error Reporting
Microsoft Office
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Greek) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
Mozilla Firefox 20.0.1 (x86 en-GB)
MSVCRT
MSVCRT110
MSVCRT110_amd64
Nero 7 Ultra Edition
neroxml
Norton Identity Safe
Norton Online Backup
Norton Online Backup ARA
OCR Software by I.R.I.S. 14.0
Personal Ancestral File 5
Photo Common
Photo Gallery
Plants vs. Zombies
PS_AIO_03_C4400_Software_Min
PSE11 STI Installer
Quick Starter
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Recovery
S Agent
S Service
S?????? f?t???af???
Scan
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition
Settings
Shop for HP Supplies
SolutionCenter
SRS Premium Sound
Status
Stockmarket Investor 3
Support Center
Support Center FAQ
SW Update
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User Guide
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.7
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.00 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
26/09/2013 16:15:09, Error: Service Control Manager [7034] - The IntelliMemory service terminated unexpectedly. It has done this 1 time(s).
25/09/2013 00:58:55, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
24/09/2013 10:56:59, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000004, 0x000000000000012c, 0xfffffa801cb84140, 0xfffff803d3d60810). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 092413-7656-01.
24/09/2013 10:51:24, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
.
==== End Of File ===========================
