0

Hello All

Trying to help my cousin out with his Laptop. It keeps crashing every 15 mins or so and then going to the Blue Screen.

To me it sounds like there has been some sort of change in drivers on the system but thought I had better check it for virus / malware etc. I will post the required reports for the purpose of viruses etc but is there anything I can provide in trying to find out if any drivers are missing?

Also I will post the information on here that shows on the blue screen.

Regards

David

5
Contributors
31
Replies
32
Views
6 Years
Discussion Span
Last Post by jholland1964
0

What operating system is he running? If some version of Windows (likely), then have you tried booting into "Safe mode"?

0

Windows Vista. - yes I have tried booting in safe mode and so far so good. He is complaining of the fact that if he is running a couple of programmes then it has a tendancy to crash and restart automatically or go to blue creen.

It takes 15 mins to load on initial start up due to the number of programmes that he has open upon booting. Therefore I do have a feeling that this could be just to pure overload.

0

I usually pare down the number of services that are automatically started in my clients' Vista machines for similar reasons - slow booting at the least. However, unless they are taking more memory than the system has (including swap space), they should not cause a BSOD.

0

Windows Vista. - yes I have tried booting in safe mode and so far so good. He is complaining of the fact that if he is running a couple of programmes then it has a tendancy to crash and restart automatically or go to blue creen.

It takes 15 mins to load on initial start up due to the number of programmes that he has open upon booting. Therefore I do have a feeling that this could be just to pure overload.

Of course it could be malware too so that can't be ruled out yet.But since you say it takes 15 minutes to just boot the computer, which NO computer should require, it sounds to me like you have likely narrowed down the problem.

Run the DDS Scanner FIRST and post those two logs here, copy/paste BOTH logs.
It runs fine in Safe Mode. After you have done that then continue with the malware scanners to rule that out too. But give us the DDS logs. We may find the problem right there.

0

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.19154
Run by Gareth at 16:59:13 on 2011-11-08
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2939.2331 [GMT 0:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Security 360 *Enabled/Outdated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Users\Gareth\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gareth\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gareth\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gareth\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gareth\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gareth\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gareth\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gareth\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gareth\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://uk.yahoo.com
mDefault_Page_URL = hxxp://uk.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
mURLSearchHooks: H - No File
mURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110509214205.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\users\gareth\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Steam] "c:\steam\Steam.exe" -silent
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [ManyCam] "c:\program files\manycam\bin\ManyCam.exe" /silent
mRun: [<NO NAME>]
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Virtual PDF Printer] c:\program files\virtual pdf printer\VirtualPDFPrinter.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [Toshiba TEMPO] c:\program files\toshiba tempro\Toshiba.Tempo.UI.TrayApplication.exe
mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe
mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [Skytel] Skytel.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [jswtrayutil] "c:\program files\jumpstart\jswtrayutil.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Google EULA Launcher] c:\program files\google\google eula\GoogleEULALauncher.exe IE PA
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [IObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4
IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{BE20DB45-12CC-4D4A-A96B-4F4B4333AE67} : DhcpNameServer = 192.168.0.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-10-13 387480]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-3-1 15672]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-7-20 20384]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-1-16 64584]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-1-16 165032]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-16 271480]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-1-16 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-1-16 141792]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-7 7168]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-1-16 314088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-16 40960]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664]
S2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2011-3-1 312152]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-3-2 366152]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-16 271480]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-16 271480]
S2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-16 271480]
S2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-1-16 171168]
S2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\toshiba tempro\TempoSVC.exe [2008-4-24 99720]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2008-2-6 126976]
S3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2010-11-30 4096]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-1-16 56064]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-8-7 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2009-7-20 954368]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-3-2 22216]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-1-16 153280]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-1-16 52320]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-1-16 84488]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-11-02 14:35:02 -------- d-----w- c:\users\gareth\appdata\local\{FDA01F48-97E0-475E-AE87-7A2074B25E8C}
2011-11-02 13:23:24 -------- d-----w- c:\users\gareth\appdata\local\{DF692395-A1CF-4AFE-B2C3-BB0E15EF1F23}
2011-11-02 00:40:12 -------- d-----w- c:\users\gareth\appdata\local\{35004399-0AE2-4293-836C-17DA76FB0BA9}
2011-11-02 00:13:11 -------- d-----w- c:\users\gareth\appdata\local\{6775FDF8-FA8A-412D-BC16-FC1BA95FFF51}
2011-11-01 15:42:51 -------- d-----w- c:\users\gareth\appdata\local\{26E0B8C9-3D7F-4AEC-87D7-27D087FF352E}
2011-10-31 08:08:25 -------- d-----w- c:\users\gareth\appdata\local\{0C6304A2-6E07-4EC7-8627-56744872A688}
2011-10-31 01:01:46 -------- d-----w- c:\users\gareth\appdata\local\{17C26228-047E-492F-B0B7-B7F93D857728}
2011-10-31 00:51:12 -------- d-----w- c:\users\gareth\appdata\local\{7BA41663-77F4-4D09-B891-705F11471504}
2011-10-30 17:40:33 -------- d-----w- c:\users\gareth\appdata\local\{936C94EF-4037-4B23-87B8-9512F444ABD0}
2011-10-30 11:15:10 -------- d-----w- c:\users\gareth\appdata\local\{8A369321-D3E6-41A7-B8A9-D9B505F28AA3}
2011-10-30 09:39:05 -------- d-----w- c:\users\gareth\appdata\local\{EA4971BD-39D9-40C6-BFDF-891E66632798}
2011-10-30 02:37:31 -------- d-----w- c:\users\gareth\appdata\local\{16817869-A03C-4241-B809-791936392B05}
2011-10-30 01:37:56 -------- d-----w- c:\users\gareth\appdata\local\{282D8BF7-A6DB-483A-9AA1-2CAE7CFDF6F8}
2011-10-29 10:31:15 -------- d-----w- c:\users\gareth\appdata\local\{4F61C9CB-677B-4766-A6E7-021DA26F1EB4}
2011-10-29 10:05:43 -------- d-----w- c:\users\gareth\appdata\local\{A0411D1C-5E00-4219-931F-7D651A4E9490}
2011-10-29 04:38:54 -------- d-----w- c:\users\gareth\appdata\local\{E37CA9C9-9FCC-4852-90C0-04EEC31AF5E6}
2011-10-29 01:11:12 -------- d-----w- c:\users\gareth\appdata\local\{751C3251-1514-49B2-9249-2CB5EF7FD656}
2011-10-29 00:07:56 -------- d-----w- c:\users\gareth\appdata\local\{57339277-C85A-40B5-AD42-42C68903AC39}
2011-10-28 10:24:23 -------- d-----w- c:\users\gareth\appdata\local\{43E85759-26C2-4CBA-BE84-ED1A0682F531}
2011-10-28 08:05:44 -------- d-----w- c:\users\gareth\appdata\local\{626F00F1-8431-43E4-B6D3-C76F6DD2CEAF}
2011-10-28 03:53:22 -------- d-----w- c:\users\gareth\appdata\local\{1F261981-7D57-45EE-9030-ED0EB44B1A0A}
2011-10-27 23:11:23 -------- d-----w- c:\users\gareth\appdata\local\{BD804973-B272-4883-812B-B283CE8BBD9A}
2011-10-25 21:39:25 6144 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-10-25 10:59:22 -------- d-----w- c:\users\gareth\appdata\local\{28C1900E-FC5E-4B8D-B3E0-F860252A521F}
2011-10-24 20:47:18 -------- d-----w- c:\users\gareth\appdata\local\{3D4171F7-CCE3-4E79-BB30-2AD90EAFF353}
2011-10-23 23:53:15 -------- d-----w- c:\users\gareth\appdata\local\{B0A8612C-84F0-461D-9DB3-0891806F5C98}
2011-10-23 11:52:43 -------- d-----w- c:\users\gareth\appdata\local\{A6145C6C-8076-42D8-80E1-3910054A4E8F}
2011-10-22 22:20:28 -------- d-----w- c:\users\gareth\appdata\local\{BF431F72-B991-4F4D-87E0-B612C339D288}
2011-10-22 22:18:44 -------- d-----w- c:\users\gareth\appdata\local\{CA8EF6DD-B246-47B1-AD56-236505BBCC38}
2011-10-21 10:07:39 -------- d-----w- c:\users\gareth\appdata\local\{D5AEB4CB-D0BB-4A58-A6AC-7B53CB2D36DF}
2011-10-21 10:07:10 -------- d-----w- c:\users\gareth\appdata\local\{8E607390-56BA-4F85-BD9B-38D38BCB9E23}
2011-10-20 13:47:27 -------- d-----w- c:\users\gareth\appdata\local\{97CC5A54-196A-49A1-871B-87A0C2B37BD4}
2011-10-20 13:46:43 -------- d-----w- c:\users\gareth\appdata\local\{A3CFA734-1C52-4078-9C17-1197C30C1EF0}
2011-10-20 01:10:46 -------- d-----w- c:\users\gareth\appdata\local\{6DB64EC4-9DA4-4579-88DB-807CB8942588}
2011-10-20 01:09:06 -------- d-----w- c:\users\gareth\appdata\local\{02646A5E-D6BF-4AC8-8DF3-02F055BAE951}
2011-10-19 12:22:01 -------- d-----w- c:\users\gareth\appdata\local\{A8CB5570-DD20-4DA9-92FA-A8BF7A365D61}
2011-10-18 23:42:50 -------- d-----w- c:\users\gareth\appdata\local\{A3D82C33-5039-446D-867D-1F5E4B93E560}
2011-10-18 23:42:39 -------- d-----w- c:\users\gareth\appdata\local\{D55CED9B-7844-464E-BD4E-5F4D4895847D}
2011-10-18 11:42:05 -------- d-----w- c:\users\gareth\appdata\local\{4C1D96B8-28ED-4DD4-85B5-F402655239C5}
2011-10-18 11:41:22 -------- d-----w- c:\users\gareth\appdata\local\{3FB6C18E-46CE-4114-BA35-3350845340F6}
2011-10-17 13:47:03 -------- d-----w- c:\users\gareth\appdata\local\{6014B1F1-034D-49C5-8C56-2850FB7C5109}
2011-10-16 11:17:35 -------- d-----w- c:\windows\system32\drivers\nss\0306000.01F
2011-10-16 11:17:35 -------- d-----w- c:\windows\system32\drivers\NSS
2011-10-16 11:17:35 -------- d-----w- c:\program files\Norton Security Scan
2011-10-16 11:17:26 -------- d-----w- c:\program files\NortonInstaller
2011-10-16 11:16:07 -------- d-----w- c:\users\gareth\appdata\local\{869B8614-67CA-4E8C-87F6-C382A1B67EEE}
2011-10-16 11:15:38 -------- d-----w- c:\users\gareth\appdata\local\{26DACD6F-29D5-46F5-9E86-85062616FD6F}
2011-10-14 14:34:47 -------- d-----w- c:\users\gareth\appdata\local\{5B07D064-B766-40D3-B8A1-5CF0063241D4}
2011-10-14 14:34:35 -------- d-----w- c:\users\gareth\appdata\local\{B9EA125B-E9F7-4468-A215-94068C037709}
2011-10-14 02:33:54 -------- d-----w- c:\users\gareth\appdata\local\{3E8D7C95-2E5B-453F-BDE7-779698799354}
2011-10-14 02:33:30 -------- d-----w- c:\users\gareth\appdata\local\{7093B6EF-5076-4325-8E83-C62D67B06091}
2011-10-13 13:55:38 -------- d-----w- c:\users\gareth\appdata\roaming\SmartDraw
2011-10-13 13:52:59 -------- d-----w- c:\program files\SmartDraw VP
2011-10-13 13:49:34 -------- d-----w- c:\users\gareth\appdata\local\{2EBFF11E-C742-4113-A854-22FA60232F25}
2011-10-13 13:49:10 -------- d-----w- c:\users\gareth\appdata\local\{DB6A721C-85A5-46EB-825E-E78D4681D677}
2011-10-13 01:49:26 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 01:49:25 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-13 01:49:25 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 01:49:24 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-13 01:49:20 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 01:49:03 916480 ----a-w- c:\windows\system32\wininet.dll
2011-10-13 01:49:00 247808 ----a-w- c:\program files\internet explorer\ieproxy.dll
2011-10-13 01:47:36 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-10-13 01:47:16 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-13 01:47:16 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 01:47:15 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 01:47:15 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-12 01:52:50 -------- d-----w- c:\users\gareth\appdata\local\{75103DDE-CA09-4929-8CB8-FC33D616ADB8}
2011-10-12 01:51:45 -------- d-----w- c:\users\gareth\appdata\local\{6650F5EE-6586-4DC7-944C-E3E12527E098}
.
==================== Find3M ====================
.
2011-10-12 02:00:28 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-07 00:05:07 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-10-06 11:41:23 0 ----a-w- c:\windows\system32\RENB8E.tmp
2011-10-06 11:41:23 0 ----a-w- c:\windows\system32\RENB8D.tmp
2011-10-06 11:41:23 0 ----a-w- c:\windows\system32\RENB7D.tmp
2011-09-30 23:02:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-30 23:01:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-30 23:01:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-09-30 23:01:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-30 22:07:25 385024 ----a-w- c:\windows\system32\html.iec
2011-09-30 21:29:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-30 21:28:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-08-31 16:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 17:00:49.98 ===============

0

I have just realised that i completed the DDS log request in safe mode, will this make a difference to the results?

0

No, if you notice I said it runs fine in Safe mode if required. Post that Attach.txt log Copy/Paste it.
I already see several key problems but need to see that one too.

There are 47 program files that run automatically at start up, most not required and several that MUST BE Uninstalled for sure.That's part of the slow down for sure.

I have not gone through the Services yet.

Edited by jholland1964: n/a

0

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 20/07/2009 15:39:47
System Uptime: 08/11/2011 15:03:45 (2 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz | CPU | 1995/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 15.753 GiB free.
D: is Removable
E: is FIXED (NTFS) - 73 GiB total, 17.392 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
7-Zip 4.65
8500A909_eDocs
8500A909_Help
8500A909a
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Advanced SystemCare 3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Atheros Driver Installation Program
Atheros Wi-Fi Protected Setup Library
µTorrent
BB FlashBack 2 Express
Bonjour
BPD_DSWizards
bpd_scan
BPDSoftware
BPDSoftware_Ini
BT NetProtect Plus
BufferChm
Camera Assistant Software for Toshiba
CamStudio OSS Desktop Recorder
CCleaner
CD/DVD Drive Acoustic Silencer
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conduit Engine
D3DX10
Destination Component
DeviceDiscovery
DivX Setup
DocMgr
DocProc
Fax
Feedback Tool
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 12.0
HP Document Manager 2.0
HP Imaging Device Functions 12.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPProductAssistant
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
IObit Security 360
IObit Toolbar v4.1
iTunes
Java Auto Updater
Java(TM) 6 Update 27
LG USB Modem Drivers
Malwarebytes' Anti-Malware version 1.51.2.1300
ManyCam 2.6.60 (remove only)
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Premium
Microsoft Office Converter Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft XML Parser
MobileMe Control Panel
MPM
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
myphotobook 3.6
Network
Norton Security Scan
NVIDIA PhysX
Oblivion
OCR Software by I.R.I.S. 12.0
Officejet Pro 8500 A909 Series
OGA Notifier 2.0.0048.0
OpenAL
Pando Media Booster
Picasa 2
ProductContext
Quick Screen Capture 3.0
QuickTime
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Safari
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Segoe UI
Shockwave
Skype Toolbars
Skype™ 5.3
SmartDraw VP
SmartWebPrinting
SolutionCenter
Status
Steam
Synaptics Pointing Device Driver
TES Construction Set
Toolbox
TortoiseSVN 1.6.7.18415 (32 bit)
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Hardware Setup
TOSHIBA Manuals
Toshiba Online Product Information
TOSHIBA Recovery Disc Creator
TOSHIBA Supervisor Password
Toshiba TEMPRO
TOSHIBA Value Added Package
TrayApp
TRDCReminder
TRORDCLauncher
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
uTorrentBar Toolbar
VC80CRTRedist - 8.0.50727.6195
VirtualDJ Home FREE
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Encoder 9 Series
.
==== Event Viewer Messages From Past Week ========
.
08/11/2011 15:39:03, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
08/11/2011 15:21:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaSvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
08/11/2011 15:08:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
08/11/2011 15:06:22, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:05:28, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: spldr Wanarpv6
08/11/2011 15:05:28, Error: Service Control Manager [7001] - The Windows Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:05:28, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:05:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
08/11/2011 15:04:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
08/11/2011 15:04:53, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
08/11/2011 15:04:43, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
08/11/2011 15:04:40, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athihvs.dll Error Code: 21
08/11/2011 15:04:22, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode .
08/11/2011 15:04:22, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
08/11/2011 15:02:56, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC jswpslwf mfehidk mfenlfk mfewfpk NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr Tcpip tdx Wanarpv6
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The TCP/IP Registry Compatibility service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:01:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
08/11/2011 15:01:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
08/11/2011 15:00:45, Error: EventLog [6008] - The previous system shutdown at 14:59:28 on 08/11/2011 was unexpected.
02/11/2011 14:15:45, Error: EventLog [6008] - The previous system shutdown at 14:13:26 on 02/11/2011 was unexpected.
02/11/2011 14:04:36, Error: EventLog [6008] - The previous system shutdown at 14:02:46 on 02/11/2011 was unexpected.
02/11/2011 13:30:39, Error: EventLog [6008] - The previous system shutdown at 13:28:33 on 02/11/2011 was unexpected.
02/11/2011 07:38:33, Error: EventLog [6008] - The previous system shutdown at 07:36:27 on 02/11/2011 was unexpected.
02/11/2011 07:27:36, Error: EventLog [6008] - The previous system shutdown at 07:25:23 on 02/11/2011 was unexpected.
02/11/2011 06:56:47, Error: EventLog [6008] - The previous system shutdown at 06:53:54 on 02/11/2011 was unexpected.
02/11/2011 06:41:04, Error: EventLog [6008] - The previous system shutdown at 06:39:13 on 02/11/2011 was unexpected.
02/11/2011 06:00:37, Error: EventLog [6008] - The previous system shutdown at 05:58:20 on 02/11/2011 was unexpected.
02/11/2011 04:52:58, Error: EventLog [6008] - The previous system shutdown at 04:50:10 on 02/11/2011 was unexpected.
02/11/2011 03:46:18, Error: EventLog [6008] - The previous system shutdown at 03:44:08 on 02/11/2011 was unexpected.
02/11/2011 03:36:18, Error: EventLog [6008] - The previous system shutdown at 03:34:47 on 02/11/2011 was unexpected.
02/11/2011 03:16:56, Error: EventLog [6008] - The previous system shutdown at 03:15:17 on 02/11/2011 was unexpected.
02/11/2011 00:37:25, Error: EventLog [6008] - The previous system shutdown at 00:35:32 on 02/11/2011 was unexpected.
02/11/2011 00:10:40, Error: EventLog [6008] - The previous system shutdown at 00:09:15 on 02/11/2011 was unexpected.
01/11/2011 15:40:23, Error: EventLog [6008] - The previous system shutdown at 15:39:27 on 01/11/2011 was unexpected.
.
==== End Of File ===========================

0

First problem is your cousin is running TWO full Security suites, McAfee and total pieces of junk
IObit Security 360
IObit Toolbar v4.1
This IObit Security 360 program gets terrible reviews, it's own website is rated as unsatisfactory and possibly unsafe to even visit.
Having this alone is a real problem but running two different av programs and firewalls is the number one No-No. It does not increase protection but lessens it because they fight each other and the "bad guys' come right on in.
Also on there from this same company and another lousy program is

Advanced SystemCare 3, also very dangerous because it contains a registry cleaner among other things and "allegedly" will speed the computer and keep it running at "top notch" level, it doesn't and a registry cleaner is never needed and can do more damage than good.

I am not crazy about McAfee but it is at least it is from a reputable company and certainly not considered terrible as all that junk from iObit is considered to be.

Just do a search for reviews of iObit products and you will find the majority are "less than glowing".

Also on there is Norton Security Scan

Second no-no is your cousin is running, P2P programs, virtually the easiest way to infect a computer.

These also run all the time, and at start up.
µTorrent
uTorrentBar Toolbar

Is your cousins version of MBA-M the PAID version? Excellent program, free or paid but if it is the free version there is no need for it to run all the time as it does nothing. The Free version is a scanner only. The paid version offers some real time protection.

Before you go further, these programs below all need to uninstalled immediately.

Advanced SystemCare 3
Ask Toolbar
Conduit Engine >>>questionable at best. Conduit engines and toolbars are reputed to have a certain trackware functionality.
IObit Security 360
IObit Toolbar v4.1
Norton Security Scan
µTorrent
uTorrentBar Toolbar

Another possible problem is the fact that your cousin has two internal hard drives and BOTH have less than half remaining free space. With the uTorrent on there this tells me it's likely that there may be infected shared files stored on both of these drives.

C: is FIXED (NTFS) - 74 GiB total, 15.753 GiB free.

E: is FIXED (NTFS) - 73 GiB total, 17.392 GiB free.

Uninstall the programs noted above. Continue with the rest of the scans, in normal mode IF possible, if not then do them in safe mode.
Post back here with the requested logs.

Edited by jholland1964: n/a

0

Jholland - Thank you very much for your advice. Will carry out what you have suggested and report back with logs tomorrow morning. David

-2

HOW CAN YOU TELL IF ITS A blue screen of deathCONCERN
- error msgs
-HD FAILED
-immediate blue screen
-ntldr missing or corrupt
-just plain balank screen

-------------------------------------------------------------
Booting is loading of software, process that will load all ur data in harddrive
hard drive errors are NO BOOT concern
*hard disk failed
*bsod
*ntldr missing or corrupted
*blank screen

TROUBLE SHOOTING
1. Ask them to restart the computer
make sure all non essential peripheral are not connected to the system
and run diagnostic tool

Run diagnostics F12

IF PASSED
*but ask to backed up files ur computer if cant back up, transfer call to solution station with SR
or OSRI(Operating System Reinstallation) pc restore.

IF FAILED,
*know the error code and if ever replace or reseat hard drive

If you encounter error 0141 or 0150, check BIOS to check if the HDD is detected
See if the HDD is properly seated
Recheck BIOS if HDD is detected, if yes rerun diagnostics and test
If it still won't load Windows, it's an OS issue and there's a need for OSRI

Check for HDD error codes:
Check BIOS
Reseat connectors/data cable
PSA (Fn + Power button) for laptops
F12 Hard Drive Diagnostics
For error code = STOP :Xnnnnnn ask the cx the first code
The Last Known Good Configuration (F8)

HDD Troubleshooting:

Check for HDD error codes:
Check BIOS
Reseat connectors/data cable
PSA (Fn + Power button) for laptops
F12 Hard Drive Diagnostics

*******0141 0150 (HD not detected)
go to BIOS, if hard drive detected, if not reseat hard drive go back to bios if it already detected run diagnostics, if no more error detected and load the OS.if cant proceed to PC restore
verify media to check if ders a cd came to the computer (driver disk) cyber link DVD decoder, roxio DVD burner
*check the invoice date. if within 2 year we can send pre loaded HD.
*if way over 2 years will send blank HD.

*******0146 DST Log contains previous error(s). RUNS CUSTOM TEST or quick test in HD
if FAILS, verify media to check if ders a cd came to the computer (driver disk) cyber link DVD decoder, roxio DVD burner
*check the invoice date. if within 2 year we can send pre loaded HD.
*if way over 2 years will send blank HD.

If PASSED, set customer expectation to backed up files since OS is the problem. go OSRI PC RESTORE REINSTALLATION

*******OTHER ERROR verify media
tap F12 for desktops
hold and press =Fn and power button for portables

2. if encounter error message,
*blue screen, ask them to read stop collen and google it.

most of the problem need re-installation of operating system... =))

0

hey man, having video issues. monitor not showing anything. give me step by step TS. c'',)

Please create your own thread instead of hijacking another person's thread.

0

HOW CAN YOU TELL IF ITS A blue screen of deathCONCERN
- error msgs
-HD FAILED
-immediate blue screen
-ntldr missing or corrupt
-just plain balank screen

-------------------------------------------------------------
Booting is loading of software, process that will load all ur data in harddrive
hard drive errors are NO BOOT concern
*hard disk failed
*bsod
*ntldr missing or corrupted
*blank screen

TROUBLE SHOOTING
1. Ask them to restart the computer
make sure all non essential peripheral are not connected to the system
and run diagnostic tool

Run diagnostics F12

IF PASSED
*but ask to backed up files ur computer if cant back up, transfer call to solution station with SR
or OSRI(Operating System Reinstallation) pc restore.

IF FAILED,
*know the error code and if ever replace or reseat hard drive

If you encounter error 0141 or 0150, check BIOS to check if the HDD is detected
See if the HDD is properly seated
Recheck BIOS if HDD is detected, if yes rerun diagnostics and test
If it still won't load Windows, it's an OS issue and there's a need for OSRI

Check for HDD error codes:
Check BIOS
Reseat connectors/data cable
PSA (Fn + Power button) for laptops
F12 Hard Drive Diagnostics
For error code = STOP :Xnnnnnn ask the cx the first code
The Last Known Good Configuration (F8)

HDD Troubleshooting:

Check for HDD error codes:
Check BIOS
Reseat connectors/data cable
PSA (Fn + Power button) for laptops
F12 Hard Drive Diagnostics

*******0141 0150 (HD not detected)
go to BIOS, if hard drive detected, if not reseat hard drive go back to bios if it already detected run diagnostics, if no more error detected and load the OS.if cant proceed to PC restore
verify media to check if ders a cd came to the computer (driver disk) cyber link DVD decoder, roxio DVD burner
*check the invoice date. if within 2 year we can send pre loaded HD.
*if way over 2 years will send blank HD.

*******0146 DST Log contains previous error(s). RUNS CUSTOM TEST or quick test in HD
if FAILS, verify media to check if ders a cd came to the computer (driver disk) cyber link DVD decoder, roxio DVD burner
*check the invoice date. if within 2 year we can send pre loaded HD.
*if way over 2 years will send blank HD.

If PASSED, set customer expectation to backed up files since OS is the problem. go OSRI PC RESTORE REINSTALLATION

*******OTHER ERROR verify media
tap F12 for desktops
hold and press =Fn and power button for portables

2. if encounter error message,
*blue screen, ask them to read stop collen and google it.

most of the problem need re-installation of operating system... =))

We are presently working this thread and reinstall of the os is certainly not required at this time.

0

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8117

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154

08/11/2011 21:24:08
mbam-log-2011-11-08 (21-24-07).txt

Scan type: Full scan (C:\|E:\|)
Objects scanned: 335643
Time elapsed: 2 hour(s), 18 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

0

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-11-09 09:44:22
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD16 rev.11.0
Running: bg8cl6p8.exe; Driver: C:\Users\Gareth\AppData\Local\Temp\fwddapow.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x8A3811E8]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0x8A381212]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x8A3811FE]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0x8A3811D4]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Tcp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Udp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

0

The second scan on GMER has been running for a few hours now, as soon as its finished I will post the log. David

0

GMER scan finally finished after 5.5 hours or so. Came on here to upload the log and the computer randomly restarted. My cousin has mentioned this previously but i was unaware it was still a problem. Not sure if that will help in identifying what is wrong with it.

GMER log report below.


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-09 16:18:14
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD16 rev.11.0
Running: bg8cl6p8.exe; Driver: C:\Users\Gareth\AppData\Local\Temp\fwddapow.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x8A3811E8]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0x8A381212]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x8A3811FE]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0x8A3811D4]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Udp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

---- Files - GMER 1.0.15 ----

File C:\Users\Gareth\AppData\Local\Temp\PandoHHHD2LC4.dmp 0 bytes

---- EOF - GMER 1.0.15 ----

0

signing out for tonight, will look at any comments tomorrow. Thanks in advance. David

0

Hi Jholland1964, have you been able to look at the new reports yet? As per one of my previous posts, the laptop also seems to randomly restart itself. Has anything on the reports indicated to this happening or do you know why this may happen? Thanks David

0

Yes, sorry have looked at the logs. Did you uninstall all the items I noted earlier?
If so please run a new DDS Scan and post back with both logs.

0

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19154
Run by Gareth at 15:01:49 on 2011-11-15
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2939.1832 [GMT 0:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\SMARTD~1\Messages\SDNotify.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Users\Gareth\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ManyCam\Bin\ManyCam.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://uk.yahoo.com
mDefault_Page_URL = hxxp://uk.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110509214205.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\users\gareth\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Steam] "c:\steam\Steam.exe" -silent
uRun: [ManyCam] "c:\program files\manycam\bin\ManyCam.exe" /silent
mRun: [<NO NAME>]
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Virtual PDF Printer] c:\program files\virtual pdf printer\VirtualPDFPrinter.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [Toshiba TEMPO] c:\program files\toshiba tempro\Toshiba.Tempo.UI.TrayApplication.exe
mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe
mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [Skytel] Skytel.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [jswtrayutil] "c:\program files\jumpstart\jswtrayutil.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Google EULA Launcher] c:\program files\google\google eula\GoogleEULALauncher.exe IE PA
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4
IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{BE20DB45-12CC-4D4A-A96B-4F4B4333AE67} : DhcpNameServer = 192.168.0.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-10-13 387480]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-7-20 20384]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-1-16 64584]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-1-16 165032]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2010-11-30 4096]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-1-16 56064]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-7 7168]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-1-16 153280]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-1-16 52320]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-1-16 314088]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-3-2 22216]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-1-16 84488]
.
=============== Created Last 30 ================
.
2011-11-15 14:59:23 -------- d-----w- c:\users\gareth\appdata\local\{77E9FA7C-B5B8-4A73-AF24-3F177FE57B31}
2011-11-09 16:26:45 -------- d-----w- c:\users\gareth\appdata\local\{46A32922-AB19-4C56-843F-6B067C7AEB72}
2011-11-09 16:25:32 -------- d-----w- c:\users\gareth\appdata\local\{E2A27BB8-8861-44C6-AD3D-DFAF6697D4AD}
2011-11-09 09:32:10 -------- d-----w- c:\users\gareth\appdata\local\{86B264AE-BF1F-49CB-B4FA-6BD095BBE0A4}
2011-11-08 21:33:25 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-11-08 21:33:11 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-08 21:33:07 707584 ----a-w- c:\program files\common files\system\wab32.dll
2011-11-08 19:01:37 -------- d-----w- c:\users\gareth\appdata\local\{95B679CA-8350-49D9-AD00-BC4C35311EE4}
2011-11-08 18:58:44 -------- d-----w- c:\users\gareth\appdata\local\{DDA05DE2-5F80-4D8E-BBF4-F81F96DBBD3A}
2011-11-02 14:35:02 -------- d-----w- c:\users\gareth\appdata\local\{FDA01F48-97E0-475E-AE87-7A2074B25E8C}
2011-11-02 13:23:24 -------- d-----w- c:\users\gareth\appdata\local\{DF692395-A1CF-4AFE-B2C3-BB0E15EF1F23}
2011-11-02 00:40:12 -------- d-----w- c:\users\gareth\appdata\local\{35004399-0AE2-4293-836C-17DA76FB0BA9}
2011-11-02 00:13:11 -------- d-----w- c:\users\gareth\appdata\local\{6775FDF8-FA8A-412D-BC16-FC1BA95FFF51}
2011-11-01 15:42:51 -------- d-----w- c:\users\gareth\appdata\local\{26E0B8C9-3D7F-4AEC-87D7-27D087FF352E}
2011-10-31 08:08:25 -------- d-----w- c:\users\gareth\appdata\local\{0C6304A2-6E07-4EC7-8627-56744872A688}
2011-10-31 01:01:46 -------- d-----w- c:\users\gareth\appdata\local\{17C26228-047E-492F-B0B7-B7F93D857728}
2011-10-31 00:51:12 -------- d-----w- c:\users\gareth\appdata\local\{7BA41663-77F4-4D09-B891-705F11471504}
2011-10-30 17:40:33 -------- d-----w- c:\users\gareth\appdata\local\{936C94EF-4037-4B23-87B8-9512F444ABD0}
2011-10-30 11:15:10 -------- d-----w- c:\users\gareth\appdata\local\{8A369321-D3E6-41A7-B8A9-D9B505F28AA3}
2011-10-30 09:39:05 -------- d-----w- c:\users\gareth\appdata\local\{EA4971BD-39D9-40C6-BFDF-891E66632798}
2011-10-30 02:37:31 -------- d-----w- c:\users\gareth\appdata\local\{16817869-A03C-4241-B809-791936392B05}
2011-10-30 01:37:56 -------- d-----w- c:\users\gareth\appdata\local\{282D8BF7-A6DB-483A-9AA1-2CAE7CFDF6F8}
2011-10-29 10:31:15 -------- d-----w- c:\users\gareth\appdata\local\{4F61C9CB-677B-4766-A6E7-021DA26F1EB4}
2011-10-29 10:05:43 -------- d-----w- c:\users\gareth\appdata\local\{A0411D1C-5E00-4219-931F-7D651A4E9490}
2011-10-29 04:38:54 -------- d-----w- c:\users\gareth\appdata\local\{E37CA9C9-9FCC-4852-90C0-04EEC31AF5E6}
2011-10-29 01:11:12 -------- d-----w- c:\users\gareth\appdata\local\{751C3251-1514-49B2-9249-2CB5EF7FD656}
2011-10-29 00:07:56 -------- d-----w- c:\users\gareth\appdata\local\{57339277-C85A-40B5-AD42-42C68903AC39}
2011-10-28 10:24:23 -------- d-----w- c:\users\gareth\appdata\local\{43E85759-26C2-4CBA-BE84-ED1A0682F531}
2011-10-28 08:05:44 -------- d-----w- c:\users\gareth\appdata\local\{626F00F1-8431-43E4-B6D3-C76F6DD2CEAF}
2011-10-28 03:53:22 -------- d-----w- c:\users\gareth\appdata\local\{1F261981-7D57-45EE-9030-ED0EB44B1A0A}
2011-10-27 23:11:23 -------- d-----w- c:\users\gareth\appdata\local\{BD804973-B272-4883-812B-B283CE8BBD9A}
2011-10-25 21:39:25 6144 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-10-25 10:59:22 -------- d-----w- c:\users\gareth\appdata\local\{28C1900E-FC5E-4B8D-B3E0-F860252A521F}
2011-10-24 20:47:18 -------- d-----w- c:\users\gareth\appdata\local\{3D4171F7-CCE3-4E79-BB30-2AD90EAFF353}
2011-10-23 23:53:15 -------- d-----w- c:\users\gareth\appdata\local\{B0A8612C-84F0-461D-9DB3-0891806F5C98}
2011-10-23 11:52:43 -------- d-----w- c:\users\gareth\appdata\local\{A6145C6C-8076-42D8-80E1-3910054A4E8F}
2011-10-22 22:20:28 -------- d-----w- c:\users\gareth\appdata\local\{BF431F72-B991-4F4D-87E0-B612C339D288}
2011-10-22 22:18:44 -------- d-----w- c:\users\gareth\appdata\local\{CA8EF6DD-B246-47B1-AD56-236505BBCC38}
2011-10-21 10:07:39 -------- d-----w- c:\users\gareth\appdata\local\{D5AEB4CB-D0BB-4A58-A6AC-7B53CB2D36DF}
2011-10-21 10:07:10 -------- d-----w- c:\users\gareth\appdata\local\{8E607390-56BA-4F85-BD9B-38D38BCB9E23}
2011-10-20 13:47:27 -------- d-----w- c:\users\gareth\appdata\local\{97CC5A54-196A-49A1-871B-87A0C2B37BD4}
2011-10-20 13:46:43 -------- d-----w- c:\users\gareth\appdata\local\{A3CFA734-1C52-4078-9C17-1197C30C1EF0}
2011-10-20 01:10:46 -------- d-----w- c:\users\gareth\appdata\local\{6DB64EC4-9DA4-4579-88DB-807CB8942588}
2011-10-20 01:09:06 -------- d-----w- c:\users\gareth\appdata\local\{02646A5E-D6BF-4AC8-8DF3-02F055BAE951}
2011-10-19 12:22:01 -------- d-----w- c:\users\gareth\appdata\local\{A8CB5570-DD20-4DA9-92FA-A8BF7A365D61}
2011-10-18 23:42:50 -------- d-----w- c:\users\gareth\appdata\local\{A3D82C33-5039-446D-867D-1F5E4B93E560}
2011-10-18 23:42:39 -------- d-----w- c:\users\gareth\appdata\local\{D55CED9B-7844-464E-BD4E-5F4D4895847D}
2011-10-18 11:42:05 -------- d-----w- c:\users\gareth\appdata\local\{4C1D96B8-28ED-4DD4-85B5-F402655239C5}
2011-10-18 11:41:22 -------- d-----w- c:\users\gareth\appdata\local\{3FB6C18E-46CE-4114-BA35-3350845340F6}
2011-10-17 13:47:03 -------- d-----w- c:\users\gareth\appdata\local\{6014B1F1-034D-49C5-8C56-2850FB7C5109}
.
==================== Find3M ====================
.
2011-10-07 00:05:07 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-10-06 11:41:23 0 ----a-w- c:\windows\system32\RENB8E.tmp
2011-10-06 11:41:23 0 ----a-w- c:\windows\system32\RENB8D.tmp
2011-10-06 11:41:23 0 ----a-w- c:\windows\system32\RENB7D.tmp
2011-10-03 05:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-30 23:06:24 916480 ----a-w- c:\windows\system32\wininet.dll
2011-09-30 23:02:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-30 23:01:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-30 23:01:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-09-30 23:01:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-30 22:07:25 385024 ----a-w- c:\windows\system32\html.iec
2011-09-30 21:29:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-30 21:28:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-06 13:30:12 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 16:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-25 16:15:04 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-08-25 16:14:01 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-25 16:14:01 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-08-25 13:31:01 4096 ----a-w- c:\windows\system32\oleaccrc.dll
.
============= FINISH: 15:04:27.16 ===============

0

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 20/07/2009 15:39:47
System Uptime: 15/11/2011 12:43:56 (3 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz | CPU | 800/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 13.269 GiB free.
D: is Removable
E: is FIXED (NTFS) - 73 GiB total, 17.059 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP856: 30/10/2011 00:00:07 - Scheduled Checkpoint
RP857: 30/10/2011 12:08:35 - Scheduled Checkpoint
RP858: 31/10/2011 05:03:52 - Scheduled Checkpoint
RP859: 02/11/2011 04:24:00 - Scheduled Checkpoint
RP860: 08/11/2011 19:05:29 - Installed Java(TM) 6 Update 29
RP861: 09/11/2011 03:00:12 - Windows Update
RP862: 15/11/2011 15:00:23 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
7-Zip 4.65
8500A909_eDocs
8500A909_Help
8500A909a
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Atheros Driver Installation Program
Atheros Wi-Fi Protected Setup Library
µTorrent
BB FlashBack 2 Express
Bonjour
BPD_DSWizards
bpd_scan
BPDSoftware
BPDSoftware_Ini
BT NetProtect Plus
BufferChm
Camera Assistant Software for Toshiba
CamStudio OSS Desktop Recorder
CCleaner
CD/DVD Drive Acoustic Silencer
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
D3DX10
Destination Component
DeviceDiscovery
DivX Setup
DocMgr
DocProc
Fax
Feedback Tool
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 12.0
HP Document Manager 2.0
HP Imaging Device Functions 12.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPProductAssistant
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
IObit Toolbar v4.1
iTunes
Java Auto Updater
Java(TM) 6 Update 29
LG USB Modem Drivers
Malwarebytes' Anti-Malware version 1.51.2.1300
ManyCam 2.6.60 (remove only)
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Premium
Microsoft Office Converter Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft XML Parser
MobileMe Control Panel
MPM
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
myphotobook 3.6
Network
Norton Security Scan
NVIDIA PhysX
Oblivion
OCR Software by I.R.I.S. 12.0
Officejet Pro 8500 A909 Series
OGA Notifier 2.0.0048.0
OpenAL
Pando Media Booster
Picasa 2
ProductContext
Quick Screen Capture 3.0
QuickTime
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Safari
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Segoe UI
Shockwave
Skype Toolbars
Skype™ 5.3
SmartDraw VP
SmartWebPrinting
SolutionCenter
Status
Steam
Synaptics Pointing Device Driver
TES Construction Set
Toolbox
TortoiseSVN 1.6.7.18415 (32 bit)
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Hardware Setup
TOSHIBA Manuals
Toshiba Online Product Information
TOSHIBA Recovery Disc Creator
TOSHIBA Supervisor Password
Toshiba TEMPRO
TOSHIBA Value Added Package
TrayApp
TRDCReminder
TRORDCLauncher
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
VC80CRTRedist - 8.0.50727.6195
VirtualDJ Home FREE
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Encoder 9 Series
.
==== Event Viewer Messages From Past Week ========
.
09/11/2011 16:54:52, Error: EventLog [6008] - The previous system shutdown at 16:53:37 on 09/11/2011 was unexpected.
09/11/2011 16:22:43, Error: EventLog [6008] - The previous system shutdown at 16:21:11 on 09/11/2011 was unexpected.
09/11/2011 16:19:31, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.8 for the Network Card with network address 0024D28695E5 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
09/11/2011 09:28:04, Error: EventLog [6008] - The previous system shutdown at 09:26:47 on 09/11/2011 was unexpected.
09/11/2011 09:17:02, Error: Service Control Manager [7031] - The McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
09/11/2011 09:16:26, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
09/11/2011 09:15:56, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
09/11/2011 09:15:35, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
09/11/2011 09:15:35, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
09/11/2011 06:33:10, Error: EventLog [6008] - The previous system shutdown at 06:30:24 on 09/11/2011 was unexpected.
09/11/2011 04:50:47, Error: EventLog [6008] - The previous system shutdown at 04:49:16 on 09/11/2011 was unexpected.
09/11/2011 04:28:30, Error: EventLog [6008] - The previous system shutdown at 04:25:49 on 09/11/2011 was unexpected.
08/11/2011 19:00:45, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.11 for the Network Card with network address 0024D28695E5 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
08/11/2011 18:05:25, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
08/11/2011 17:20:30, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
08/11/2011 15:39:03, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
08/11/2011 15:21:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaSvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
08/11/2011 15:08:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
08/11/2011 15:06:22, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:05:28, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: spldr Wanarpv6
08/11/2011 15:05:28, Error: Service Control Manager [7001] - The Windows Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:05:28, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:05:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
08/11/2011 15:04:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
08/11/2011 15:04:53, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
08/11/2011 15:04:43, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
08/11/2011 15:04:40, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athihvs.dll Error Code: 21
08/11/2011 15:04:22, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode .
08/11/2011 15:04:22, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
08/11/2011 15:02:56, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC jswpslwf mfehidk mfenlfk mfewfpk NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr Tcpip tdx Wanarpv6
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The TCP/IP Registry Compatibility service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:02:11, Error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
08/11/2011 15:01:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
08/11/2011 15:01:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
08/11/2011 15:00:45, Error: EventLog [6008] - The previous system shutdown at 14:59:28 on 08/11/2011 was unexpected.
.
==== End Of File ===========================

0

All items installed as suggested except for Ask Toolbar. That is not uninstalling.

0

scrap that, just tried again and it has been removed now. Do you want me to carry out a new DDS log?

0

No that was uninstalled last week when you requested. However, when i went to uninstall ASK Toolbar I saw some sort of file for UTorrent, i pressed uninstall on that as well and said it could not find the file and asked if i wanted to remove it from the list, which i did.

Can run new logs if required.

0

The laptop has been restarted with nothing running at all. This error message came after loading to desktop.

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 2057

Additional information about the problem:
BCCode: a
BCP1: 29CF0C71
BCP2: 0000001C
BCP3: 00000001
BCP4: 826FB5C5
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\Mini111511-01.dmp
C:\Users\Gareth\AppData\Local\Temp\WER-151539-0.sysdata.xml
C:\Users\Gareth\AppData\Local\Temp\WEREA2F.tmp.version.txt

Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409

0

The laptop has been restarted with nothing running at all.
That isn't possible, except in Safe Mode. Otherwise each and every one of the unnecessary programs listed below auto starts with the computer and runs in the background, even if you are not using them at the time. Look at the huge number of running processes showing when you ran this and the previous DDS scan.

Turn all of these off, they do not need to auto start. All can easily be run manually when needed.
Pando Media Booster
msnmsgr
Google Update
WMPNSCFG
Steam
ManyCam
Windows Defender>>> disable this entirely and leave it disabled. It is useless and can interfere with any other security programs running on the computer.
HP Software Update
Google EULA Launcher
Google Desktop Search
DivX Download Manager>>>can often be considered very questionable.
Camera Assistant Software
Adobe Reader Speed Launcher
Malwarebytes' Anti-Malware (reboot)
QuickTime Task
iTunesHelper
ApnUpdater
SunJavaUpdateSched
DivXUpdate
OSA9.EXE

Have you cleaned all the dust and air vents on the computer recently? This almost sounds to me like an over heating problem. Too much running all the time for sure.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.