[RESOLVED] PROBLEM with TFC by oldtimer
Page 1 of 2 12 LastLast
Results 1 to 15 of 18

Thread: [RESOLVED] PROBLEM with TFC by oldtimer

  1. #1
    Join Date
    Jun 2001
    Location
    wi,usa
    Posts
    615

    Resolved [RESOLVED] PROBLEM with TFC by oldtimer

    i just used it on a windows7 and it froze it up. i was also using it at the same time on a vista.
    that one froze up also. it crashed windows explorer. i had to do a 'hard restart' on both.[hold down the power button].
    on a win7 last week it worked just fine. i dl'd it from geekstogo...
    what a problemo! it used work real good.....now it's corrupted ?

    i am starting the required scans on the win7 to be sure it's clean.
    i giving this to my customer next week so it has to be right
    TIA
    .
    Last edited by nlday; March 9th, 2013 at 08:49 PM. Reason: clarify situation
    the more you make...
    the more they take.

  2. #2
    Join Date
    Jun 2001
    Location
    wi,usa
    Posts
    615
    here's my mbam...
    Malwarebytes Anti-Malware 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.03.09.13

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    GEO :: DELL7-PC [administrator]

    3/9/2013 6:24:56 PM
    mbam-log-2013-03-09 (18-24-56).txt

    Scan type: Full scan (C:\|Q:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 339376
    Time elapsed: 28 minute(s), 43 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    here's the aswMBR...
    aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
    Run date: 2013-03-09 19:02:52
    -----------------------------
    19:02:52.750 OS Version: Windows x64 6.1.7601 Service Pack 1
    19:02:52.750 Number of processors: 2 586 0x170A
    19:02:52.750 ComputerName: DELL7-PC UserName: GEO
    19:02:55.761 Initialize success
    19:02:56.495 AVAST engine defs: 13030901
    19:03:19.458 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    19:03:19.458 Disk 0 Vendor: ST3320418AS CC46 Size: 305245MB BusType: 3
    19:03:19.473 Disk 0 MBR read successfully
    19:03:19.473 Disk 0 MBR scan
    19:03:19.473 Disk 0 Windows VISTA default MBR code
    19:03:19.473 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
    19:03:19.489 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 13118 MB offset 81920
    19:03:19.505 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 292086 MB offset 26947584
    19:03:19.505 Disk 0 scanning C:\Windows\system32\drivers
    19:03:30.144 Service scanning
    19:03:44.839 Modules scanning
    19:03:44.839 Disk 0 trace - called modules:
    19:03:44.886 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
    19:03:44.917 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800336f2d0]
    19:03:44.917 3 CLASSPNP.SYS[fffff880018d343f] -> nt!IofCallDriver -> [0xfffffa8002ee0520]
    19:03:44.933 5 ACPI.sys[fffff88000fa67a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002ef6060]
    19:03:51.407 AVAST engine scan C:\Windows
    19:03:58.754 AVAST engine scan C:\Windows\system32
    19:06:19.435 AVAST engine scan C:\Windows\system32\drivers
    19:06:32.056 AVAST engine scan C:\Users\GEO
    19:07:13.162 AVAST engine scan C:\ProgramData
    19:07:53.098 Scan finished successfully
    19:14:18.122 Disk 0 MBR has been saved successfully to "C:\Users\GEO\Desktop\MBR.dat"
    19:14:18.122 The log file has been saved successfully to "C:\Users\GEO\Desktop\aswMBR.txt"
    the more you make...
    the more they take.

  3. #3
    Join Date
    Jun 2001
    Location
    wi,usa
    Posts
    615
    here's the dds.txt
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.17.2
    Run by GEO at 19:17:25 on 2013-03-09
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.1266 [GMT -6:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\svchost.exe -k apphost
    C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\498\g2ax_service.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\GEEK SQUAD UPS\ppped.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\498\g2ax_comm_customer.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\498\g2ax_system_customer.exe
    C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\498\g2ax_user_customer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Classic Shell\ClassicStartMenu.exe
    C:\Program Files (x86)\Dell V520 Series\DKADGmon.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\GEEK SQUAD UPS\pppeuser.exe
    C:\Program Files (x86)\Dell\ErrorApp\dkab1err.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\notepad.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll
    TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
    EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [PowerPanel Personal Edition User Interaction] "C:\Program Files (x86)\GEEK SQUAD UPS\pppeuser.exe"
    uRun: [DKab1err] "C:\Program Files (x86)\Dell\ErrorApp\DKab1err.exe"
    uRun: [DKADGmon] "C:\Program Files (x86)\Dell V520 Series\DKADGmon.exe"
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [DKADGmon] "C:\Program Files (x86)\Dell V520 Series\DKADGmon.exe"
    mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
    mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
    mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
    IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 192.168.10.1
    TCP: Interfaces\{D60E6F7F-5BF9-4170-BB3E-75223501CECD} : DHCPNameServer = 192.168.10.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
    x64-BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll
    x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
    x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe
    x64-Run: [DKADGmon] "C:\Program Files (x86)\Dell V520 Series\DKADGmon.exe"
    x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
    x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: GoToAssist Express Customer - C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\498\g2ax_winlogonx64.dll
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\GEO\AppData\Roaming\Mozilla\Firefox\Profiles\qt6and8n.default\
    FF - prefs.js: browser.search.selectedEngine - Bing
    FF - prefs.js: browser.startup.homepage - hxxp://www.thefreedictionary.com/
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-8 65336]
    R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-8 178624]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-12-9 55280]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-12 1025808]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-3-12 377920]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-3-12 33400]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-3-12 80816]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-3-8 45248]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
    R2 GoToAssist Remote Support Customer;GoToAssist Remote Support Customer;C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\498\g2ax_service.exe [2013-3-8 611400]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-9 13336]
    R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-9 689472]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2010-12-9 138752]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-12 59392]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-18 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-03-09 17:29:11 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E94AAB00-CA38-4897-8DE2-DD2F860A9D67}\offreg.dll
    2013-03-09 03:13:23 173128 ----a-w- C:\Windows\System32\g2ax_credential_provider64_498.dll
    2013-03-08 20:30:50 -------- d-----w- C:\Users\GEO\AppData\Local\Adobe
    2013-03-08 19:28:20 -------- d-----w- C:\ProgramData\dl_CATS
    2013-03-08 19:02:18 230912 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\DKADGQ4C.DLL
    2013-03-08 19:01:55 230912 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\DKFX1N4C.DLL
    2013-03-08 19:01:21 421888 ----a-w- C:\Windows\SysWow64\lexlog.dll
    2013-03-08 19:01:20 836096 ----a-w- C:\Windows\System32\lexlog.dll
    2013-03-08 19:00:32 -------- d-----w- C:\Users\GEO\AppData\Local\ABBYY
    2013-03-08 19:00:15 -------- d-----w- C:\ProgramData\ABBYY
    2013-03-08 19:00:15 -------- d-----w- C:\Program Files (x86)\Common Files\ABBYY
    2013-03-08 19:00:15 -------- d-----w- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
    2013-03-08 18:59:00 -------- d-----w- C:\ProgramData\gn_Logs
    2013-03-08 18:57:39 -------- d-----w- C:\Program Files (x86)\Dell V520 Series
    2013-03-08 18:56:55 -------- d-----w- C:\Program Files\Dell V520 Series
    2013-03-08 18:55:09 -------- d-----w- C:\ProgramData\ADG
    2013-03-08 17:27:27 -------- d-----w- C:\ProgramData\Licenses
    2013-03-08 17:27:24 129872 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
    2013-03-08 17:27:24 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
    2013-03-08 17:27:23 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
    2013-03-08 16:11:59 178624 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2013-03-08 16:11:58 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2013-03-08 15:54:35 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-03-08 15:30:08 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E94AAB00-CA38-4897-8DE2-DD2F860A9D67}\mpengine.dll
    2013-02-22 19:15:02 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-22 19:15:02 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-22 19:12:59 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-02-22 19:12:57 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-02-22 19:12:56 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-02-22 19:12:55 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-02-22 19:12:50 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-02-22 19:12:49 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-02-22 19:12:49 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-02-22 19:12:48 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-02-22 19:12:48 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-02-22 19:12:45 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-02-22 19:12:13 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-02-22 19:12:12 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2013-02-22 18:58:15 -------- d-----w- C:\Users\GEO\AppData\Roaming\Malwarebytes
    2013-02-22 18:58:01 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-02-22 18:58:00 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-02-22 18:58:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-02-22 18:57:37 -------- d-----w- C:\Users\GEO\AppData\Local\Programs
    2013-02-15 22:31:23 186432 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
    .
    ==================== Find3M ====================
    .
    2013-03-08 15:54:30 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2013-03-08 15:54:30 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-03-08 15:36:37 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-03-08 15:36:37 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-03-06 23:33:21 70992 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2013-03-06 23:33:21 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2013-03-06 23:33:20 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2013-03-06 23:32:51 41664 ----a-w- C:\Windows\avastSS.scr
    2013-01-17 07:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
    2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    .
    ============= FINISH: 19:17:50.38 ===============
    here's the attach.txt
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 12/18/2010 3:50:02 PM
    System Uptime: 3/9/2013 6:21:28 PM (1 hours ago)
    .
    Motherboard: Dell Inc. | | 018D1Y
    Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz | CPU 1 | 3003/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 285 GiB total, 245.684 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP56: 1/12/2013 2:41:40 PM - Installed GEEK SQUAD POWER MANAGEMENT
    RP57: 1/13/2013 6:30:49 PM - Windows Update
    RP58: 1/19/2013 2:35:21 PM - Windows Update
    RP59: 2/22/2013 1:13:12 PM - Windows Update
    RP60: 3/8/2013 9:28:35 AM - Windows Update
    RP61: 3/8/2013 9:54:01 AM - Installed Java 7 Update 17
    RP62: 3/8/2013 10:42:38 AM - Removed HP Update
    RP63: 3/8/2013 10:43:52 AM - Removed Java(TM) 6 Update 31
    .
    ==== Installed Programs ======================
    .
    64 Bit HP CIO Components Installer
    ABBYY FineReader 9.0 Sprint
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.6)
    avast! Free Antivirus
    Classic Shell
    Consumer In-Home Service Agreement
    D3DX10
    Dell DataSafe Local Backup
    Dell DataSafe Local Backup - Support Software
    Dell DataSafe Online
    Dell Dock
    Dell Edoc Viewer
    Dell Getting Started Guide
    Dell V520 Series Uninstaller
    GEEK SQUAD POWER MANAGEMENT
    GoToAssist Customer 1.6.0.498
    Intel(R) Control Center
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Rapid Storage Technology
    Internet Explorer
    Java 7 Update 17
    Java Auto Updater
    Junk Mail filter update
    Malwarebytes Anti-Malware version 1.70.0.1100
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Starter 2010 - English
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Mozilla Firefox 19.0.2 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Realtek High Definition Audio Driver
    Roxio Burn
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Skype Toolbars
    Skype™ 6.0
    SpywareBlaster 5.0
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    WildTangent Games
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/9/2013 6:22:21 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
    3/9/2013 5:54:35 PM, Error: Service Control Manager [7034] - The Dock Login Service service terminated unexpectedly. It has done this 1 time(s).
    .
    ==== End Of File ===========================
    the more you make...
    the more they take.

  4. #4
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Are you having any particular issues except for TFC problem?

    See if you can run TFC from safe mode.

  5. #5
    Join Date
    Jun 2001
    Location
    wi,usa
    Posts
    615
    i have no noticeable problem so far, but hasn't been too long since it crashed. i will get to trying it with safe mode tom. it's getting late here. is possible that a malware could have infiltrated into TFC ? crashes... happened on 2 different computers, dl's within minutes of each other ? i am skeptical and paranoid about it. so will do the drill..all the other sscans if necessary.
    the more you make...
    the more they take.

  6. #6
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Let me know if it runs OK from safe mode first.

  7. #7
    Join Date
    Jun 2001
    Location
    wi,usa
    Posts
    615
    copy that
    the more you make...
    the more they take.

  8. #8
    Join Date
    Jun 2001
    Location
    wi,usa
    Posts
    615
    yay... on the win7--- it worked like it's supposed to in safe mode. i dl'd it from itx instead of geekstogo.
    last evening it did not black out the desktop, it froze the 'puter, .ctrl-alt-delete did not work, or any other commands to get out of it.

    on my own 'puter[the vista]....it blacked out the desktop,and the TFC box dissapeared,
    mouse and keyboard function was gone...had to do the hard restart.

    it hapened on 2 at the same time...coincidence or something worse?
    Last edited by nlday; March 10th, 2013 at 11:47 AM.
    the more you make...
    the more they take.

  9. #9
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I've seen this happening before.

    Download ATF Cleaner by Atribune.

    Double-click ATF-Cleaner.exe to run the program.
    Under Main choose: Select All
    Unselect Cookies.
    Click the Empty Selected button.

    If you use Firefox browser
    Click Firefox at the top and choose: Select All
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Unselect Cookies.
    Click the Empty Selected button.

    If you use Opera browser
    Click Opera at the top and choose: Select All
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Unselect Cookies.
    Click the Empty Selected button.

    Click Exit on the Main menu to close the program.

  10. #10
    Join Date
    Apr 2000
    Location
    Sheboygan, WI
    Posts
    53,392
    I, also have seen it happen. Vista was the OS. Ley vista do the repair and all has been fine since then. Just my experience.

  11. #11
    Join Date
    Jun 2001
    Location
    wi,usa
    Posts
    615
    ok. i did the ATF, on the main tab it removed 47mb's.
    there were none removed from firefox..?
    none left in firefox, because TFC removed them ?
    the more you make...
    the more they take.

  12. #12
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    See if TFC will run now, normal or safe mode.

  13. #13
    Join Date
    Jun 2001
    Location
    wi,usa
    Posts
    615
    i'm just checking the win 7. it did work in safe mode,b4. ATF
    so now will do TFC normal mode. crossin all fingers.
    i really don't want another bad shutdown....
    the more you make...
    the more they take.

  14. #14
    Join Date
    Jun 2001
    Location
    wi,usa
    Posts
    615
    TFC did not black out the desktop.
    it did clean out 7 more mb's
    then asked for restart. and restarted ok
    so those other scans not needed at this time? tom, i'll do this drill on my vista.
    the more you make...
    the more they take.

  15. #15
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    You should be good to go

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •