# Solved: BSOD 0x00000050



## Blueowly

PLEASE PLEASE PLEASE PLEASE help please!!!! i cant take this anymore!!! i tried youtube...google...nothings working...here is my dump file or watever u wana call it i cant find a solution...and its gonna be pricy for me to go and fix it at a computer store...so please help me please!!!


----------



## Blueowly

please some1 help =\ why no1 answering??


----------



## blues_harp28

Please be patient - people can only reply when they are here.
This is Not an instant messaging site.

Minidump check.
Probably caused by : hardware

PAGE_FAULT_IN_NONPAGED_AREA

Hard drive manufacturers test.
http://www.tacktech.com/display.cfm?ttid=287

Run a Memory test.
http://www.memtest.org/
http://www.memtest86.com/download.html
http://oca.microsoft.com/en/windiag.asp

Best to run a full scan - on individual Ram sticks.
Download and burn the ISO to CD

Boot from that CD and run the memory test overnight or at least for a few hours.
Guide to using Memtest86+ 
http://www.geekstogo.com/forum/topic/246994-guide-to-using-memtest86/


----------



## Blueowly

damn =\ i dont understand all that stuff im an idiot to fixing that  any easier stuff?? im sorry for being like that


----------



## blues_harp28

No easier stuff.
If you want to try and fix it yourself - you will have to learn as you go, we have all had to do the same.

You need to find out what hard drive you have intalled.
You download the hard drive test - burn the ISO file to a Cd using a working Pc.
You then start your Pc - and boot [start] from the Cd and run the test.

The same applies to running the Memory test.

Beginner Geek: How to Burn an ISO Image to a Disc - How-To Geek
http://www.howtogeek.com/howto/14183/beginner-geek-how-to-burn-an-iso-image-to-a-disc/


----------



## Blueowly

damn  ok but i downloaded a program that tells u what the error is from...and it says cause: microsoft operating system which is my windows but i have formated the pc 3 times...do i still do what u asked me to??


----------



## blues_harp28

It would be best to run a Hard drive and a Memory test.

Does your Pc start and can you get to the desktop?
If yes download and run this Ram test.
Roadkil.Net.
http://www.roadkil.net/program.php?ProgramID=34


----------



## Mark1956

The minidump states the cause as AppleCharger.sys, I would suggest you uninstall the software and see if that helps.

Here are a full set of instructions to help you run a test on the RAM and your hard drive if removing the AppleCharger software does not fix the problem. If you get any more BSOD's please post the minidumps.



> Identify the make of your hard drive and then use one of the links below to get the manufacturer's diagnostics for *ISO (CD)* not the one for Windows.
> When the download is complete right click the file and select Extract Here and burn the image to a CD.
> In Windows 7 right click the extracted file, select *Open With*, then select* Windows Disc Image Burning Tool* then follow the prompts. For all other versions of windows (if you do not have an ISO burner) download this free software. ImgBurn
> Install the program and start the application. Select the top left hand option to burn image file to disk and then on the next window click on the small yellow folder icon and browse to the file you have downloaded from the links below. Then click on the two grey discs with the arrow in between (bottom left) and leave it to complete the operation.
> Boot the PC into the Bios setup and set the CD/DVD drive to 1st in the boot sequence. Insert the disk in the drive then reboot and the disc will load into dos.
> Excelstore Use EStest CD image
> Hitachi/IBM Use the Drive Fitness Test - CD Image.
> Seagate, Samsung, Maxtor & Quantum Follow links for SeaTools (For DOS ISO image)
> Western Digital
> *Toshiba/Fujitsu*
> If you have a Toshiba/Fujitsu hard drive I would suggest the use of the diagnostics from the Seagate link as this will work on all makes of drive and on any OS.





> *Please read all the instructions before starting.*
> IMPORTANT
> _Always disconnect your PC from the mains supply when removing Ram sticks and earth your hands to discharge any static electricity to avoid damage to sensitive components. If performing this test on a laptop PC you should also remove the battery before removing or replacing the RAM sticks._
> Preliminary checks
> *For a new build:* You should first check the model of RAM stick that you have on the manufacturers site for the recommended voltage setting and then make sure it is set correctly in the PC's Bios. An incorrect voltage setting may be the reason for your problems so test the PC's performance again if the voltage was incorrect.
> *For older PC's*: Errors can also be caused by dirty contacts: Remove all the sticks and clean the contacts with a soft pencil eraser and blow out the slots with a can of compressed air.
> 
> _A quick test you can do is to remove all but one of your RAM sticks, run the PC and see if the BSOD still happens, if it doesn't you have found the problem, if it does then swap the sticks. Continue this test with all the sticks, running the PC on one at a time. You may find that only one of the sticks causes the BSOD. NOTE: This method is only worth using if the errors are occuring frequently, for intermittent faults follow the rest of the guide._
> Download Memtest86+ from here
> When the download is complete right click the file and select Extract Here and burn the image to a CD.
> In windows 7 right click the extracted file, select *Open With*, then select *Windows Disc Image Burning Tool* then follow the prompts. For all other versions of windows (if you do not have an ISO burner) download this free software. ImgBurn
> Install the program and start the application. Select the top left hand option to burn image file to disk and then on the next window click on the small yellow folder icon and browse to the ISO file you have downloaded. Then click on the two grey discs with the arrow in between (bottom left) and leave it to complete the operation.
> Testing
> Boot the PC into the Bios setup and set the CD/DVD drive to 1st in the boot sequence. Insert the disk in the drive then reboot and the disc will load into dos. Leave the test to run through at least 8 cycles or until it is showing some errors. If errors show in the test, remove all but one of your RAM sticks and repeat the test on each stick until you find the one that is faulty. This is a long slow test and should ideally be run overnight.
> The memtest will not be 100% accurate but should easily detect any major faults.


----------



## blues_harp28

Mark1956 said:


> The minidump states the cause as AppleCharger.sys, I would suggest you uninstall the software and see if that helps.


Now I thought at first that my WinDbag was faulty.
Not sure why you picked AppleCharger.sys as the cause, when there were these and a dozen more!

ERROR: Module load completed but symbols could not be loaded for BHDrvx64.sys
WARNING: Unable to verify timestamp for AppleCharger.sys
ERROR: Module load completed but symbols could not be loaded for AppleCharger.sys
WARNING: Unable to verify timestamp for tunnel.sys
ERROR: Module load completed but symbols could not be loaded for tunnel.sys
WARNING: Unable to verify timestamp for intelppm.sys
WARNING: Unable to verify timestamp for atkdisplowfilter.sys

Blueowly - run the Hard Drive test suggested above and let us know the result.


----------



## Mark1956

I think I have come across this before where we have had different results from Windows Debugger. All I got was one ERROR and WARNING concerning AppleCharger.sys and it was named as the faulting driver. As we well know it can be due to this driver conflicting with something else but it was also in the Stack Trace.


----------



## blues_harp28

Mark1956 said:


> As we well know it can be due to this driver conflicting with something else


Too true - I just thought for a moment that the old bug reader was on it last legs.
Thanks for the clarification.
:up:


----------



## Mark1956

You're welcome .


----------



## Blueowly

i did the memory test it said Error Checks: 0 meaning it dint find any error problems...when i did the bsod viewer i got this...
computer name: ADAM-PC
windows version: Windows 7 , 6.1, build: 7600
windows dir: C:\Windows
CPU: GenuineIntel Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Intel586, level: 6
8 logical processors, active mask: 255
RAM: 8572231680 total
VM: 2147352576, free: 1960177664

Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Fri 2/24/2012 5:50:33 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\022412-53367-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x705C0) 
Bugcheck code: 0x50 (0xFFFFFFFFFFFFFFD0, 0x1, 0xFFFFF80002CD36AC, 0x0)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. 
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time

On Fri 2/24/2012 5:50:33 PM GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: applecharger.sys (AppleCharger+0x1A93) 
Bugcheck code: 0x50 (0xFFFFFFFFFFFFFFD0, 0x1, 0xFFFFF80002CD36AC, 0x0)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\Windows\system32\drivers\applecharger.sys
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. 
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: applecharger.sys . 
Google query: applecharger.sys PAGE_FAULT_IN_NONPAGED_AREA


----------



## Blueowly

ok so this is everything i have...i am very very sorry for this mess...for me i have paid way too much to build this case & computer...it would be highly highly highly appreciated if some1 can tell me how to solve this the idiot proof way because i am nottt smart at this what so ever...i do not wana take it to a store bcuz...

a) they are way too expensive
b) they might steal my parts...soo pls help!


----------



## Mark1956

Have you tried removing the AppleCharger software?

When you run the Memtest it needs to be for at least 8 passes which will be seen on the screen as the test progresses (as per the above instructions), for convenience this is best setup and left to run overnight.

I would do as BluesHarp suggested and run the hard drive test. This is a lot quicker than the memtest test and will give a quick result as to the health of your hard drive.

If the extended test comes up clean then I would follow that with an overnight test on the RAM with Memtest86+.


----------



## blues_harp28

In addition to the above.
You ran the Mem Test from the Roadkil.Net.program?

AppleCharger.sys - is a driver on the motherboard to charge Apple hardware such as iPhones or iPods.

To check if this loads at start up.
Click on the Start button > in the Search box > Type
msconfig

Click on the Start up tab.
Write down carefully what is listed and post the list here.

How to use MSCONFIG in Windows 7.
http://netsquirrel.com/msconfig/msconfig_win7.html


----------



## Blueowly

These are the start up items that are checked...

Realtek hd
Asus smart doctor
google update
splashtop connect IE
splashtop connect
adobe acrobat 
Adobe reader and acrobat manager
[email protected] control center
Asus gamerOSD
browser companion helper


----------



## Blueowly

and yes i ran the mem test from roadkill it said no errors....

now im dling memtest on a usb so i can do atleast 8 passes god knows how im gonna do that


----------



## Blueowly

These are the start up items that are checked...

Realtek hd
Asus smart doctor
google update
splashtop connect IE
splashtop connect
adobe acrobat 
Adobe reader and acrobat manager
[email protected] control center
Asus gamerOSD
browser companion helper


----------



## blues_harp28

Nothing in the Start up list.
Follow the suggestions in past posts on how to run the Memory Tests - all needed info is there.

You may have to update the AppleCharger driver - check link here and let it scan your Pc.
Driver Reference Table
http://www.sysnative.com/drivers/driver.php?id=AppleCharger.sys


----------



## Mark1956

> now im dling memtest on a usb so i can do atleast 8 passes god knows how im gonna do that


Why is that a problem?


----------



## Mark1956

It just occured to me if you are following my instructions to run Memtest86+ and you need to use a USB flash drive you will need a different download: Auto installer for USB key
The one in my instructions is an ISO file for burning to a CD.


----------



## Blueowly

yes now its on pass #2...im doing till pass #8 right?? so what happens when thats done what do i do??? is the problem fixed?? btw i did it using a flashdrive usb


----------



## Mark1956

The Memtest is purely a test, it does not fix anything. The test will make sure, to a reasonably high degree of certainty, that your RAM is ok. Ram is one of the most common causes of BSOD's so it is worth eliminating it in the early stages of diagnosis.

The next thing you should do is follow BluesHarp suggestion in post 20. Once that is done and the above test has come through with a positive result, run the PC for a while and see if the problem persists.

The hard drive is also a common cause of BSOD's so a test with that should be done next.
The downloads available for this test are made for burning to a CD, I don't think any of them are in the correct format for a Flash Drive. It is fine to use a re-recordable CD/DVD if you do not want to waste a disc.

If the hard drive test comes up clear, let us know and we can move on to further diagnosis.

If you have any questions or doubts about anything then please ask, we are here to help.


----------



## Blueowly

memory test (10 passes) 0 errors...good as new...it dint find any errors...some1 help??


----------



## blues_harp28

Ok - now run the scan in the link below.



blues_harp28 said:


> You may have to update the AppleCharger driver - check link here and let it scan your Pc.
> Driver Reference Table
> http://www.sysnative.com/drivers/driver.php?id=AppleCharger.sys


----------



## Blueowly

ok it did install the driver...but it dint scan i dont see a scan test blueharp :S


----------



## Blueowly

i also did the msconfig thing i dont see the applecharger on the list


----------



## blues_harp28

At this website - you typed the model number of your Pc and clicked on Motherboard and installed the driver?
Here


----------



## Blueowly

how do i find my model number i downloaded the on/off charger...but thats it...theres no scanning software


----------



## blues_harp28

You downloaded the On/Off Charge driver update from Here

Ok the memory test was done and it passed.
The AppleCharger driver is updated.
The next is the Hard drive test - follow the suggestions in Mark1956's post # 8
You will need to know what Hard drive you have installed.

Or as Mark suggests '*run the PC for a while and see if the problem persists*'
The AppleCharger update may have solved the problem.


----------



## Blueowly

ok i have updated my bios and applecharger...i think that was the problem since there is no way else to check if the problem is solved...i went on device manager right clicked on my hardrive and clicked update driver ....it searched the internet and said that my driver is up to date...since i dont got an empty cd now so...if this problem occurs again burn some program as ISO with img brun on an empty cd but can some1 tell me what type of hardrive or hardisk i have..it only says here...Disk DRIVES: ST000DL003-9VT166 ATA Device


----------



## Mark1956

That will be a Seagate drive with that number.


----------



## blues_harp28

Run the Pc for a few days to see if all is now a Ok.
Keep us updated.


----------



## Blueowly

i ran the pc for a few days...all is fine no bsod...but it delays alot now :S??....delay in video games and alota things...also i plugged in my ipod to charge it and all of a sudden the pc switched off ...no bsod no nothing...it just switched off...i tried switching it back on and insterted in not a power usb port....it also switched off ....anything to worry about there??


----------



## Blueowly

like if im lsning to a utube video song...and i open a new tab on google chrome or open an application on my pc...the song starts to stutter..or likeee give weird sounds like the disc is stuck or some kinda sound like that


----------



## blues_harp28

Back to your start up list in msconfig - for a moment.
No Anti-virus program was showing as running at start up.

Check and post
TSG System Information Utility - found here.
http://library.techguy.org/wiki/TSG_Valuable_links

Post a Hjt log - to see what is running on your system.

Hijack this 2.04

Save *HJTInstall.exe* to your desktop.
Doubleclick on the *HJTInstall.exe* icon on your desktop.
By default it will install to *C:\Program Files\Trend Micro\HijackThis* .
Click on *Install*.
It will create a HijackThis icon on the desktop.
Once installed, it will launch *Hijackthis*.
Click on the *Do a system scan and save a logfile* button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
*DO NOT* use the AnalyseThis button, its findings are dangerous if misinterpreted.
*DO NOT* have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

Post the uninstall log from Hjt log
Start HiJackThis.
Click > Open The Misc Tools Section button. 
Click > Open Uninstall Manager.
Click > Save List.
Save the uninstall_list file on your desktop.
It will then open in Notepad.
Come back to your thread > Copy-and-Paste the uninstall list in the reply box.


----------



## Blueowly

ok so u only want me to post the hjt list nothing else right???whats the thing about the no antiviryus on the start up list in msconfig i dint get that part...


----------



## blues_harp28

There was no Anti-virus program showing as running at start up in msconfig.
You may have an Anti-virus program - but is not seen as running at start up.

Just post the Hjt log and the un-install list from the Hjt log.


----------



## Blueowly

it wont let me save the log:S it keeps saying go to run type notepad c:/ bla bla bla find the lines and delete them then save as hosts what lines :S


----------



## blues_harp28

What is the exact message - bla bla bla is not telling us much?

Once the Hjt log has scanned your system - you then click Save Log.
Save the Hjt logfile to your Desktop.
It should then open in Notepad.

Click on Edit > Select All then click on Edit > Copy - to copy the entire contents of the log.

Edit.
Go to Control Panel > User Accounts.
Select > Change User Account Control Settings.
Move the slider to Never Notify.
Click OK.

Restart the computer.
Run Hjt log again.


----------



## Blueowly

For some reason your system denied white access to the hosts file.if any hijacked domains are in this file,hj may not be able to fix this. if that happens u need to edit the file urself. to do this click start run and type...notepad C:/windows/system32/drivers/etc/hosts and press enter.find the line(s) hj this reports and delete them .
save the file as "hosts" (with quotes) and reboot

thats what it says


----------



## blues_harp28

Ok - do this.
Go to Control Panel > User Accounts.
Select > Change User Account Control Settings.
Move the slider to Never Notify.
Click OK.

Restart the computer.
Run Hjt log again.


----------



## Blueowly

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:32:59 PM, on 2/28/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GIGABYTE\UpdManager\RunUpd.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe
C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\ReImageCompanion\updatebhoWin32.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: script helper for ie - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - C:\Program Files (x86)\ReImageCompanion\jsloader.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=gmdfpnpdmnjaffhcdbobdjpolhpacaem
O4 - HKLM\..\RunOnce: [GBTUpd] C:\Program Files (x86)\GIGABYTE\UpdManager\PreRun.exe
O4 - HKLM\..\RunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [Google Update] "C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Arp Intelligent Protection Service (AIPS) - Arcai.com - C:\Program Files (x86)\netcut\services\AIPS.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect Firefox Software Updater Service (WCUService_STC_FF) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11177 bytes


----------



## Blueowly

the uninstall list:

@BIOS
3TB+Unlock B110303.1
Adobe Reader 9.3
ASUS Gamer OSD
ASUS Smart Doctor
AutoGreen B10.1021.1
Babylon toolbar on IE
Bing Bar
Catalyst Control Center - Branding
Cloud OC
D3DX10
Easy Tune 6 B11.0323.1
Etron USB3.0 Host Controller
Etron USB3.0 Host Controller
Free File Recovery 1.1
HiJackThis
IconPackager
IconPackager
Junk Mail filter update
Mesh Runtime
Messenger Companion
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
NetCut 2.1.4
Norton Internet Security
ON_OFF Charge B11.0110.1
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
ReImageCompanion
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Smart 6 B10.1221.1
Splashtop Connect for Firefox
Splashtop Connect IE
TP-LINK Wireless Client Utility
Tweaking.com - Windows Repair (All in One)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update Manager B11.1124.1
VLC media player 1.1.11
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Mesh
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
Windows Movie Maker 2.6
WinPcap 4.1.2
WinZip 14.5
XviD MPEG-4 Video Codec


----------



## blues_harp28

While I check through your logs.

Download.
MalwareBytes and Superantispyware to your desktop.

MalwareBytes

SuperAntiSpyware
Download the Free version.

When downloaded to your desktop.
Close all open browser windows.

*MalwareBytes*
Click on the Install icon - allow it to update during the install process.

Start Malwarebytes Anti-Malware.
Click on Scanner > then quick scan >then Scan.
Any infections or problems will be highlighted in red.
After the scan is finished - Click - Show Results.
Check that all entries are selected.
Click - Remove Selected.
You may be prompted to restart to finish the removal process.
If Yes - restart your Pc.
Start Malwarebytes again.
Click on the Logs Tab.
Highlight the scan log entry.
Click - Open.
The scan log will appear in Notepad.
Copy-and-paste it in your next post.

*SuperAntiSpyware*
Click on the install icon - allow it to update during the install process.
Select the Quick Scan option.
Click Scan your Computer.
Any infections or problems will be highlighted in red.
After the scan is finished.
Click Continue.
Check that everything is listed.
Click Remove Threats.
Click OK - then click Finish
You may be prompted to restart to finish the removal process.
If Yes - restart your Pc.
Start SuperAntiSpyware again.
Click View Scan Logs.
Highlight the scan log entry.
Click - View Selected Log.
The scan log will appear in Notepad.
Copy-and-paste in your next post.


----------



## Blueowly

there is no check results in malwarebytes


----------



## blues_harp28

Once you have scanned with MalwareBytes.
Start Malwarebytes again.
Click on the Logs Tab.
Highlight the scan log entry.
Click - Open.
The scan log will appear in Notepad.
Copy-and-paste it in your next post.


----------



## Blueowly

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/28/2012 at 02:22 PM

Application Version : 5.0.1144

Core Rules Database Version : 8286
Trace Rules Database Version: 6098

Scan type : Quick Scan
Total Scan Time : 00:01:44

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC Off - Administrator

Memory items scanned : 725
Memory threats detected : 0
Registry items scanned : 53934
Registry threats detected : 0
File items scanned : 10604
File threats detected : 143

Adware.Tracking Cookie
C:\USERS\ADAM\AppData\Roaming\Microsoft\Windows\Cookies\Low\SIN94938.txt [ Cookie:[email protected]/ ]
C:\USERS\ADAM\AppData\Roaming\Microsoft\Windows\Cookies\Low\BK9Z5WHZ.txt [ Cookie:[email protected]/ ]
C:\USERS\ADAM\AppData\Roaming\Microsoft\Windows\Cookies\Low\X4SVEZIL.txt [ Cookie:[email protected]/ ]
C:\USERS\ADAM\AppData\Roaming\Microsoft\Windows\Cookies\Low\F2KQ9PB8.txt [ Cookie:[email protected]/ ]
C:\USERS\ADAM\AppData\Roaming\Microsoft\Windows\Cookies\Low\7Y0RCUX7.txt [ Cookie:[email protected]/cgi-bin ]
C:\USERS\ADAM\AppData\Roaming\Microsoft\Windows\Cookies\Low\U0POZESV.txt [ Cookie:[email protected]/ ]
C:\USERS\ADAM\AppData\Roaming\Microsoft\Windows\Cookies\Low\3810VUWN.txt [ Cookie:[email protected]/ ]
.doubleclick.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.microsoftsto.112.2o7.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.fdma-media.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads2.zeusclicks.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.syndication.traffichaus.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.syndication.traffichaus.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.syndication.traffichaus.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sexad.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s03.flagcounter.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
m1.webstats.motigo.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.harrenmedianetwork.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tradefx.advertserve.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.myroitracking.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.exoclick.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.exoclick.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c1.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c1.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
elite.callofduty.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
elite.callofduty.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
elite.callofduty.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.elite.callofduty.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.elite.callofduty.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ADAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

Trojan.Agent/Gen-Crypt
C:\USERS\ADAM\DESKTOP\PASTRY\CHOCOLATES\HANG DEP.EXE


----------



## Blueowly

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.01.13.04

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Adam :: ADAMCC [administrator]

Protection: Enabled

2/28/2012 2:31:20 PM
mbam-log-2012-02-28 (14-31-20).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 177361
Time elapsed: 1 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


----------



## blues_harp28

Remove these entries using Hjt log.
Close all browsers that you may be using

Start Hjt log - click Scan.
Once the page has opened - put a Tick mark against these entries and click Fix.
*Make sure that you only put a tick against the list below*
Close Hjt log.
Restart your Pc.

*O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)*

Post a new Hjt log.


----------



## Blueowly

ok did all that...now whats the next step ?? if i plug to charge my ipod is it ok?


----------



## Blueowly

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:07:07 PM, on 2/28/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GIGABYTE\UpdManager\RunUpd.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe
C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\GIGABYTE\UpdManager\GBTUpd.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\ReImageCompanion\updatebhoWin32.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: script helper for ie - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - C:\Program Files (x86)\ReImageCompanion\jsloader.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=gmdfpnpdmnjaffhcdbobdjpolhpacaem
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [GBTUpd] C:\Program Files (x86)\GIGABYTE\UpdManager\PreRun.exe
O4 - HKLM\..\RunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [Google Update] "C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Arp Intelligent Protection Service (AIPS) - Arcai.com - C:\Program Files (x86)\netcut\services\AIPS.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect Firefox Software Updater Service (WCUService_STC_FF) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12014 bytes


----------



## blues_harp28

In an ealier post you mentioned other programs hanging, not just a problem with your ipod.
And not seeing an Anti-virus program in your start up list - I wanted to see if you had enough protection from spyware etc, on your Pc.

For future reference.
MalwareBytes have a free version available - once your trial version ends.
Use MalwareBytes and SuperAntiSpyware at least every two weeks.
Update each program and scan your Pc.

Make sure you keep your Pc up to date, with the security updates from Microsoft.
Check for Windows updates

Try your ipod again and report back any problems.


----------



## blues_harp28

Did you restart your Pc - and post a new hjt log?
All the entries in the Hjt log that I said to remove in post #51 are still there.


----------



## Blueowly

wait wait OMFGGG DUDE U ARE GOD...MY IPOD WORKED AND IT DINT CRASH..!!! I L;OVEE UUUU wait i want some advice plsss omfgg they should pay u to do this lmao....i use malware and superantispyware every 2 weeks...and i just fix the problems right??? like if theres a threat i just hit apply fix right?? and also can u link me to the free versions...


----------



## Blueowly

wait i removed them dude i swear :S


----------



## blues_harp28

You may have posted the old Hjt log.
Run the Hjt log again and post the result.

Your Norton Anti-virus program is Not running at start up - it should be.
Check msconfig - start up tab and put a tick next to Norton - Apply>Ok - reboot your Pc.

Run Malwarebytes - SuperAntiSpyware every two weeks - remove all that they may find.
http://www.malwarebytes.org/products/malwarebytes_free

Check for Windows updates

Edit
Repost the Start up list in msconfig


----------



## Blueowly

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:25:05 PM, on 2/28/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GIGABYTE\UpdManager\RunUpd.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe
C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\GIGABYTE\UpdManager\GBTUpd.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\ReImageCompanion\updatebhoWin32.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: script helper for ie - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - C:\Program Files (x86)\ReImageCompanion\jsloader.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=gmdfpnpdmnjaffhcdbobdjpolhpacaem
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [GBTUpd] C:\Program Files (x86)\GIGABYTE\UpdManager\PreRun.exe
O4 - HKLM\..\RunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [Google Update] "C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Arp Intelligent Protection Service (AIPS) - Arcai.com - C:\Program Files (x86)\netcut\services\AIPS.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect Firefox Software Updater Service (WCUService_STC_FF) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12047 bytes


----------



## Blueowly

my norton is not in the msconfig startup tab anymore the malware and spyware took over lol


----------



## blues_harp28

Your Hjt log that you have posted in #59 is still the old log.
Never mind - those entries are doing no harm to your Pc.

What version of Norton security are you using?
In your Norton program - check settings and enable it to run at start up

Post all the start up entries in msconfig - ticked or unticked.


----------



## Blueowly

norton internet security 

intel r
intel r
intel r
asus smart
google update
superantispyware
splashtop
splashtop
adobe
adobe
catalyst control center
asus gamer osd
browswer comanion helper 
malwarebytes


----------



## blues_harp28

Start>Run>Type msconfig.
Untick these entries.

*google update
superantispyware
adobe
adobe
asus gamer osd
browswer comanion helper 
malwarebytes*

Apply>Ok>Reboot your Pc.
The System Configuration Utility box appear on retstart - saying changes have been made.
Tick the box on the lower left and then OK.

Edit.
Norton running at start up - will check and post back.


----------



## blues_harp28

Norton internet security.
First check.

Open the Start Menu.
In the seach line.
Type 
services.msc 
Press Enter.

Once in Services.
Scroll down to Norton.
Next to Startup type > Click on the drop down menu.
Select Automatic
Click Apply > Ok.

Make no other changes while in services.

Restart your Pc.


----------



## Blueowly

ok it starts up now...i just have some little advice that i need from u and that'll be it i swear i promise ill close topic...
1) my norton will end in 86...should i update and keep norton or buy kaspersky...
2) i have a graphic card im sure u can tell what type it is now called asus...(EAH6850 DC) it has alot of settings and i dont know whats best for fan and temperature or gpu i dont know anything with all that..i just want it to run smooth when im not running alot of applications and run as much as it needs when im gaming...like by itself i dont want to have to manuel do that..pls i hope u can help me just this one last time...pls


----------



## blues_harp28

Norton does takes a lot of Pc resources and that may be adding to your problems.
If you are thinking of changing - Microsoft Security Essentials is free and used by many on this forum.
http://windows.microsoft.com/en-US/windows/products/security-essentials

As for your Hardware question, Asus graphic card - I am not an expert, sorry.
It is better that you post a new question in the Hardware or the Games forum.
Give them as much detail as you can in your first post.

As for the problem that you started here - is all now a Ok?


----------



## Blueowly

it is more than perfect...and so are u!!...thank u soo much ill never forget this blue..take care and thx again buddy


----------



## blues_harp28

You take care too - this can be marked Solved at the top of the page.


----------



## Blueowly

blue harp that thing is back...everytime i plug my ipod my pc switches off directly..wat to do?? is there a way where i can fix it once and for all??


----------



## Blueowly

also now there is 2 X marks on my D drive and G drive..


----------



## blues_harp28

Blueowly said:


> blue harp that thing is back...everytime i plug my ipod my pc switches off directly..wat to do?? is there a way where i can fix it once and for all??


Depending on how you connect the ipod to the Pc - USB or Firewire.
Try a different USB port to connect the ipod - the one you are using may be faulty.

Update the drivers for the ipod from Apple.
Maybe un-install and re-install all Apple software.

It could be a Pc's power supply problem and it becomes overloaded when you connect an external device.

Try plugging something else into the same USB port - to see if the Pc then shuts down.

You are using USB 2.0 port on your Pc?


----------



## Blueowly

it works after the driver thx...but what about my hardrives...check the thumblane i uploaded a picture for u


----------



## Blueowly

hello?


----------



## blues_harp28

Continue with your new post here - http://forums.techguy.org/windows-7/1043382-what-going.html
Or you will confuse us all.


----------

