We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
PC not saving changes & BSOD
Comments
-
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7600.16869
Run by john and nikki at 21:08:50 on 2013-06-19
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.2013.1058 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Norton AntiVirus *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton AntiVirus *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: AVG update module *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ca4025c68f96926d\STacSV.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
C:\Program Files\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\The TechGuys\Launch\Launch.exe
C:\Program Files\OEM\DSG OSD 1.01\SunflowerOSD.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
uWindow Title = Internet Explorer, optimized for Bing and MSN
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: <No Name>: {00A6FAF6-072E-44cf-8957-5838F569A31D} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
BHO: MyWebSearch Search Assistant BHO: {00A6FAF1-072E-44cf-8957-5838F569A31D} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
BHO: mwsBar BHO: {07B18EA1-A523-4961-B6BB-170DE4475CCA} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton antivirus\engine\18.7.1.3\ips\ipsbho.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.2.0.5\AVG Secure Search_toolbar.dll
BHO: DealPly: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - c:\program files\dealply\DealPlyIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.2.0.5\AVG Secure Search_toolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Reminder] c:\program files\ttg\reminder\Reminder.exe
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Recovery Backup Wizard] c:\program files\ttg\reminder\Reminder.exe
uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [SpeetItUpFree] "c:\program files\speeditup free\speeditupfree.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\launch.lnk - c:\windows\installer\{4a65dad2-e914-4923-9c2a-81b968a68ce2}\_A685CC3126A7CC37D335DE.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\osd.lnk - c:\windows\installer\{1c91f8f0-36cc-4c58-bdb3-66f0eeef92a1}\_693B294D31BEF0AFC52D71.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{1A7A4CDA-F3C7-4FC3-8F4A-5DC38EC101E2} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{1A7A4CDA-F3C7-4FC3-8F4A-5DC38EC101E2}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1 194.168.4.100 194.168.8.100
TCP: Interfaces\{1A7A4CDA-F3C7-4FC3-8F4A-5DC38EC101E2}\6796277696E6D65646961693530363630333 : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{1A7A4CDA-F3C7-4FC3-8F4A-5DC38EC101E2}\A6F686E616E646E696B6B696132333 : DHCPNameServer = 192.168.0.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.2.0\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1207010.003\symds.sys [2012-4-5 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1207010.003\symefa.sys [2012-4-5 744568]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-3-29 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-1-7 37664]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.6.0.29\definitions\bashdefs\20121130.005\BHDrvx86.sys [2012-12-3 995488]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.6.0.29\definitions\ipsdefs\20121204.001\IDSvix86.sys [2012-12-5 386720]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1207010.003\ironx86.sys [2012-4-5 136312]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nav\1207010.003\symnets.sys [2012-4-5 299640]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-4-25 4936752]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-6-1 13336]
R2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\2.bin\mwssvc.exe [2011-4-9 28762]
R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\18.7.1.3\ccsvchst.exe [2012-4-5 130008]
R2 SoilIO;SoilIO;c:\windows\system32\drivers\SoilIO.sys [2009-12-4 16248]
R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.2.0\ToolbarUpdater.exe [2013-5-12 1015984]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-9 106656]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2010-6-1 127600]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\drivers\JME.sys [2010-6-1 98928]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-6-1 1006624]
R3 soilkbc;soilkbc;c:\windows\system32\drivers\Soilkbc.sys [2009-12-4 10744]
R3 SoilMC;SoilMC;c:\windows\system32\drivers\SoilMC.sys [2009-12-4 10616]
S2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2013-2-19 1418184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-10-11 1343400]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-05-12 09:58:49 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-03-29 01:53:48 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
.
============= FINISH: 21:11:49.37 ===============Never argue with stupid people, they will drag you down to their level and then beat you with experience.- Mark TwainArguing with idiots is like playing chess with a pigeon: no matter how good you are at chess, its just going to knock over the pieces and strut around like its victorious.0 -
Who'd have thought it, Norton being so difficult. Quick question - can you access the NAV gui?0
-
Yes; but as its expired, I can't actually do anythingNever argue with stupid people, they will drag you down to their level and then beat you with experience.- Mark TwainArguing with idiots is like playing chess with a pigeon: no matter how good you are at chess, its just going to knock over the pieces and strut around like its victorious.0
-
Can you turn off the tamper protection?
https://support.norton.com/sp/en/us/home/current/solutions/v45039253_NAV_Retail_2013_en_us
If it refuses you best bet is to backup and restore/reinstall.0 -
Nope; 'settings' is greyed.Never argue with stupid people, they will drag you down to their level and then beat you with experience.- Mark TwainArguing with idiots is like playing chess with a pigeon: no matter how good you are at chess, its just going to knock over the pieces and strut around like its victorious.0
-
Backup & restore/reinstall.0
-
Yeah; looking like reinstall will be the only option. Great!Never argue with stupid people, they will drag you down to their level and then beat you with experience.- Mark TwainArguing with idiots is like playing chess with a pigeon: no matter how good you are at chess, its just going to knock over the pieces and strut around like its victorious.0
-
This virus is some serious piece of s@#t!
I can't even delete the HDD partitions; they just reappear!Never argue with stupid people, they will drag you down to their level and then beat you with experience.- Mark TwainArguing with idiots is like playing chess with a pigeon: no matter how good you are at chess, its just going to knock over the pieces and strut around like its victorious.0 -
I don't think it's infected.
How are you reinstalling? Malware will run within windows, but if windows isn't running, then neither is any malware.
The BSoD's are probably down to kernel components from both AVG and Norton running and conflicting.
Mbam will have been detecting MyWebSearch & DealPly. It's failure to complete could be down to disk corruption caused by the crashes.0 -
I don't think it's infected.
How are you reinstalling? Malware will run within windows, but if windows isn't running, then neither is any malware.
The BSoD's are probably down to kernel components from both AVG and Norton running and conflicting.
Mbam will have been detecting MyWebSearch & DealPly. It's failure to complete could be down to disk corruption caused by the crashes.
Obviously it can't be running; but whatever its done has made a right mess.Never argue with stupid people, they will drag you down to their level and then beat you with experience.- Mark TwainArguing with idiots is like playing chess with a pigeon: no matter how good you are at chess, its just going to knock over the pieces and strut around like its victorious.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.2K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.2K Work, Benefits & Business
- 600.9K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards