Go Back   Tech Support Forum > Microsoft Support > Windows 7 Support, Windows Vista Support

Too many files on PC

This is a discussion on Too many files on PC within the Windows 7 Support, Windows Vista Support forums, part of the Tech Support Forum category. I am running MS WIN VISTA HOME PREMIUM SP2 While running my antivirus *Norton 360 Premier Edition* I have noticed


Closed Thread
 
Thread Tools Search this Thread
Old 04-18-2010, 09:28 PM   #1
Registered Member
 
Join Date: Apr 2010
Posts: 5
OS: Windows Vista Home Premium



I am running MS WIN VISTA HOME PREMIUM SP2

While running my antivirus *Norton 360 Premier Edition* I have noticed that it scans over a million "items" I believe that most of these are located here;

C:\ProgramData\MGS\cache\

I would like to know how or if I can safely delete all of these cache files, I could make a batch file for it but that would take a long time, I just really want to get rid of them so that my computer doesn't take over three hours to scan and is back to 1.5 hours or even 2.

Please help!!!

Also when the computer is logged on it gives me this error message saying that "error .DLL unable to find winguc32.rom" I would like to know what's apparently missing from the library or where ever this read only memory was ment to be and how I can fix it please if you can help with that.

__________________
oddysey is offline  
Old 04-19-2010, 03:09 AM   #2
TSF Enthusiast
 
tallin's Avatar
 
Join Date: Apr 2008
Location: Melbourne Victoria Australia
Posts: 983
OS: Windows XP/SP3 Windows 7 SP/1

My System


to TSF,

You have several issues going on here. How to free up space on your Hard Drive.

Please also run SFC /SCANNOW to make sure you have no missing .dll files on your Vista OS.

I suggest also go to Add and Remove and clear out, uninstall any old programs you do not need to free up space on your Hard Drive.
  • Start
  • Control Panel
  • Add and Remove
You may like to use Revo uninstaller to accomplish this as in my opinion it is better than using the Add and Remove utility.

Finally, there are several good cleaning tools for Windows Operating Systems in this link to clear your temporary internet files and more. I suggest you browse it and pick what you like to keep your system running well. All are fine when running Vista.

Reboot after all the above is accomplished and post back with the results thanks....

kind regards,

__________________
tallin is offline  
Old 04-19-2010, 04:22 AM   #3
Registered Member
 
Join Date: Apr 2010
Posts: 5
OS: Windows Vista Home Premium



The cleaner that I got from your link was able to delete approx' 15MB of data in a total of a thousand files. The cmd prompt didn't find anything wrong and as such i am still getting this message;

_________________________________
RunDLL - (Window title)

Error loading winguc32.rom
The specified module could not be found
__________________________________

I had already run disk cleanup as well as removed all programs not in use, how ever they did leave behind many things in C: drive, which I have since deleted, after I had done that the pc appears to be running faster and smoother I also cleared up somewhere between 10-20GB of space

I am now about to run norton and see how it compares to before.
__________________
oddysey is offline  
Old 04-19-2010, 05:38 AM   #4
Moderator Offline
 
Basementgeek's Avatar
 
Join Date: Feb 2005
Location: Ohio, USA
Posts: 11,553
OS: XP Pro SP3/Vista Ultimate SP2/Win7 64 bit



Hi:

Are you sure the error is winguc32.rom ?

BG
__________________

ASAP member since 2006

Four boxes keep us free: the soap box, the ballot box, the jury box, and the cartridge box.

Basementgeek is offline  
Old 04-19-2010, 05:42 AM   #5
Registered Member
 
Join Date: Apr 2010
Posts: 5
OS: Windows Vista Home Premium



Yes I am certain, I have tried google, but have not found a single result that refers to that particular error message
__________________
oddysey is offline  
Old 04-19-2010, 06:25 AM   #6
Moderator Offline
 
Basementgeek's Avatar
 
Join Date: Feb 2005
Location: Ohio, USA
Posts: 11,553
OS: XP Pro SP3/Vista Ultimate SP2/Win7 64 bit



I believe you are infected with something. You got some thing that is looking for this file and probably it no longer exists.

I only found one place in doing a goggle search. The info was from a site I don't know if I trust.

Norton find any problems ?

BG
__________________

ASAP member since 2006

Four boxes keep us free: the soap box, the ballot box, the jury box, and the cartridge box.

Basementgeek is offline  
Old 04-19-2010, 06:30 AM   #7
Registered Member
 
Join Date: Apr 2010
Posts: 5
OS: Windows Vista Home Premium



No none at all though it still finds about a million odd items. I figured something was trying to find something else that was deleted, but I have no idea what either might be. It has been doing this for a month or so but I haven't noticed anything suspicious.


Also, there is another account setup on this pc, albeit an account with parental controls, it doesn't bring up that error message when logging on to that account.
__________________
oddysey is offline  
Old 04-19-2010, 08:44 AM   #8
TSF Enthusiast
 
tallin's Avatar
 
Join Date: Apr 2008
Location: Melbourne Victoria Australia
Posts: 983
OS: Windows XP/SP3 Windows 7 SP/1

My System


I did find a result when researching winguc32.rom.

I would strongly suggest you Read this and follow each and every suggestion to post a thread in the Malware forum to have your system cleared of any infections by the experts.

If you are unable to complete any of the instructions, proceed onto the next. Please have patience as the Malware infection forum is always busy, but an expert will pick up your log as soon as possible.

kind regards,
__________________
tallin is offline  
Old 04-20-2010, 02:36 AM   #9
Registered Member
 
Join Date: Apr 2010
Posts: 5
OS: Windows Vista Home Premium



Alright, I read everything in that link, but I couldn't figure out how to post to the malware forum, I'm sorry.
GMER was unable to find any system modifications. But it didn't produce a log.
However the results I have are as follows;

Code:
DDS (Ver_10-03-17.01) - NTFSX64  
Run by stormii at 14:45:44.50 on Tue 20/04/2010
Internet Explorer: 8.0.6001.18904
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.61.1033.18.1912.685 [GMT -7:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agr64svc.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Norton 360 Premier Edition\Engine\4.1.0.32\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\TOSHIBA\rselect\RSelSvc.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\SPAMfighter\sfus.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Norton 360 Premier Edition\Engine\4.1.0.32\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\p2phost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Windows\ehome\ehRecvr.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\SPAMfighter\SFAgent.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Dodo Wireless Broadband\Dodo Wireless Broadband.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\stormii\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.mini20.com
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHN&bmod=TSHN
mStart Page = hxxp://home.ez-tracks.com/?fromOMB=1
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHN&bmod=TSHN
mLocal Page = c:\windows\syswow64\blank.htm
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files (x86)\norton 360 premier edition\engine\4.1.0.32\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files (x86)\norton 360 premier edition\engine\4.1.0.32\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: D: {78dd7dc7-ae58-3848-bdbd-19ae1a1224cc} - c:\windows\syswow64\xwr29425.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files (x86)\norton 360 premier edition\engine\4.1.0.32\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [CollaborationHost] c:\windows\system32\p2phost.exe -s
uRun: [MSSMSGS] rundll32.exe winguc32.rom,YDjTkYrEWc
uRun: [WMPNSCFG] c:\program files (x86)\windows media player\WMPNSCFG.exe
mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP
mRun: [SVPWUTIL] "c:\program files (x86)\toshiba\utilities\SVPWUTIL.exe" SVPwUTIL
mRun: [KeNotify] "c:\program files (x86)\toshiba\utilities\KeNotify.exe"
mRun: [ToshibaServiceStation] "c:\program files (x86)\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
mRun: [NDSTray.exe] "c:\program files (x86)\toshiba\configfree\NDSTray.exe"
mRun: [cfFncEnabler.exe] "c:\program files (x86)\toshiba\configfree\cfFncEnabler.exe"
mRun: [TWebCamera] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [SPAMfighter Agent] "c:\program files (x86)\spamfighter\SFAgent.exe" update delay 60
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files (x86)\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [Error Nuker] c:\program files (x86)\error nuker\bin\ErrorNuker.exe autostart
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: hotmail.com\www
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files%20(x86)/Azada/Images/armhelper.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {BD0075D3-00CC-4DD1-9C59-CB7A8B1FFC93} = 202.136.43.240 202.136.43.241
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [(Default)] 
mRun-x64: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun-x64: [Persistence] c:\windows\system32\igfxpers.exe
mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun-x64: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun-x64: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe
mRun-x64: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun-x64: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun-x64: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
mRun-x64: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
mRun-x64: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosSENotify.exe
mRun-x64: [TPCHWMsg] %ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [WPCUMI] c:\windows\system32\WpcUmi.exe
IE-X64: {    c:\microgaming\casino\casinoshare\Casinogame.exe
IE-X64: {293C1FD5-9565-4177-A80E-55513FBCA754} - c:\microgaming\casino\platinumplay\casinogame.exe
IE-X64: {617C68C5-BE40-4ADB-86EB-AA50D6002E7F} - c:\microgaming\casino\roxypalace\casinogame.exe
IE-X64: {688510C7-57D3-4A18-BB3B-6E6FDF617685} - c:\microgaming\casino\luckyemperor\casinogame.exe
IE-X64: {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - http://www.intercasino.com

================= FIREFOX ===================

FF - ProfilePath - c:\users\stormii\appdata\roaming\mozilla\firefox\profiles\fn22f07m.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\picasa2\npPicasa2.dll
FF - plugin: c:\program files (x86)\picasa2\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360x64\0401000.020\symds64.sys [2010-4-13 433200]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360x64\0401000.020\symefa64.sys [2010-4-13 221232]
R0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\drivers\tos_sps64.sys [2009-10-10 504912]
R1 BHDrvx64;BHDrvx64;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20100324.001\BHDrvx64.sys [2010-3-24 678960]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360x64\0401000.020\cchpx64.sys [2010-4-13 615040]
R1 IDSVia64;IDSVia64;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20100415.001\IDSviA64.sys [2010-4-17 466992]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\drivers\RtlProt.sys [2009-10-10 31016]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360x64\0401000.020\ironx64.sys [2010-4-13 149552]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360x64\0401000.020\symtdiv.sys [2010-4-13 451120]
R2 camsvc;TOSHIBA Web Camera Service;c:\program files (x86)\toshiba\toshiba web camera application\TWebCameraSrv.exe [2009-10-10 20544]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\toshiba\configfree\CFProcSRVC.exe [2009-3-6 36864]
R2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 N360;Norton 360;c:\program files (x86)\norton 360 premier edition\engine\4.1.0.32\ccsvchst.exe [2010-4-13 126392]
R2 RSELSVC;TOSHIBA Modem region select service;c:\program files\toshiba\rselect\RSelSvc.exe [2009-2-19 55808]
R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files (x86)\spamfighter\sfus.exe [2009-8-27 189064]
R2 TMachInfo;TMachInfo;c:\program files (x86)\toshiba\toshiba service station\TMachInfo.exe [2009-10-10 62776]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-4-14 251392]
R2 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-3-17 84480]
R2 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-4-9 803696]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-3-23 14472]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-10-22 132656]
R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2009-10-10 32832]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2009-10-10 415232]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-1-31 135664]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-12-7 89920]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-20 19968]

============== File Associations ===============

JSEFile=c:\windows\syswow64\WScript.exe "%1" %*

=============== Created Last 30 ================

2010-04-20 03:20:57	0	d-----w-	c:\program files (x86)\CleanUp!
2010-04-19 20:28:28	0	d-----w-	c:\users\stormii\appdata\roaming\EnchantedCavern
2010-04-18 03:58:02	65536	--sha-w-	c:\users\stormii\NTUSER.DAT{763d1993-4a9e-11df-b429-00225fbeebaa}.TM.blf
2010-04-18 03:58:02	524288	--sha-w-	c:\users\stormii\NTUSER.DAT{763d1993-4a9e-11df-b429-00225fbeebaa}.TMContainer00000000000000000002.regtrans-ms
2010-04-18 03:58:02	524288	--sha-w-	c:\users\stormii\NTUSER.DAT{763d1993-4a9e-11df-b429-00225fbeebaa}.TMContainer00000000000000000001.regtrans-ms
2010-04-17 23:50:27	691712	----a-w-	c:\windows\system32\drivers\mod7700.sys
2010-04-17 23:50:27	29696	----a-w-	c:\windows\system32\drivers\ewdcsc.sys
2010-04-17 23:50:27	132608	----a-w-	c:\windows\system32\drivers\ewusbnet.sys
2010-04-17 23:50:27	116864	----a-w-	c:\windows\system32\drivers\ewusbmdm.sys
2010-04-17 23:50:27	116224	----a-w-	c:\windows\system32\drivers\ewusbfake.sys
2010-04-17 19:45:10	0	d-----w-	c:\program files (x86)\SlotsOfFortune
2010-04-16 22:56:03	0	d-----w-	c:\users\stormii\appdata\roaming\Tific
2010-04-15 13:02:05	0	d-----w-	c:\program files (x86)\VegasSky
2010-04-15 00:20:09	4697992	----a-w-	c:\windows\system32\ntoskrnl.exe
2010-04-14 20:08:39	0	d-----w-	c:\program files (x86)\Net-Games.biz
2010-04-14 18:15:45	1427336	----a-w-	c:\windows\system32\drivers\tcpip.sys
2010-04-14 18:15:44	29696	----a-w-	c:\windows\system32\drivers\tunnel.sys
2010-04-14 18:15:44	225280	----a-w-	c:\windows\system32\iphlpsvc.dll
2010-04-14 18:09:35	273920	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2010-04-14 18:09:35	135680	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2010-04-14 18:09:35	106496	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2010-04-14 18:03:58	612864	----a-w-	c:\windows\system32\vbscript.dll
2010-04-14 18:03:58	420352	----a-w-	c:\windows\syswow64\vbscript.dll
2010-04-14 18:03:41	62464	----a-w-	c:\windows\syswow64\l3codeca.acm
2010-04-14 18:03:40	72192	----a-w-	c:\windows\system32\l3codeca.acm
2010-04-14 18:03:40	220672	----a-w-	c:\windows\syswow64\l3codecp.acm
2010-04-14 18:03:40	181760	----a-w-	c:\windows\system32\l3codecp.acm
2010-04-14 17:59:01	218624	----a-w-	c:\windows\system32\wintrust.dll
2010-04-14 17:59:01	172032	----a-w-	c:\windows\syswow64\wintrust.dll
2010-04-14 17:59:00	98304	----a-w-	c:\windows\syswow64\cabview.dll
2010-04-14 17:59:00	104960	----a-w-	c:\windows\system32\cabview.dll
2010-04-14 02:20:35	0	d-----w-	c:\users\stormii\appdata\roaming\ElementalsTheMagicKey
2010-04-14 01:44:06	0	d-----w-	c:\users\stormii\appdata\roaming\Enchanted Katya
2010-03-24 04:22:01	0	d-----w-	c:\users\stormii\appdata\roaming\Digsby
2010-03-24 04:22:01	0	d-----w-	c:\programdata\Digsby
2010-03-24 04:19:43	0	d-----w-	c:\program files (x86)\Digsby

==================== Find3M  ====================

2010-04-17 23:50:27	86016	----a-w-	c:\windows\inf\infstor.dat
2010-04-17 23:50:27	51200	----a-w-	c:\windows\inf\infpub.dat
2010-04-17 23:50:27	143360	----a-w-	c:\windows\inf\infstrng.dat
2010-04-13 12:25:52	854	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.INF
2010-04-13 12:25:52	7440	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.CAT
2010-04-13 12:25:52	173104	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.SYS
2010-03-19 01:24:47	0	---ha-w-	c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-03-19 01:04:30	0	---ha-w-	c:\windows\system32\drivers\Msft_Kernel_motmodem_01007.Wdf
2010-02-23 07:03:02	1147904	----a-w-	c:\windows\system32\wininet.dll
2010-02-23 06:57:40	132096	----a-w-	c:\windows\system32\iesysprep.dll
2010-02-23 06:57:39	77312	----a-w-	c:\windows\system32\iesetup.dll
2010-02-23 06:39:13	916480	----a-w-	c:\windows\syswow64\wininet.dll
2010-02-23 06:39:00	1209344	----a-w-	c:\windows\syswow64\urlmon.dll
2010-02-23 06:37:26	206848	----a-w-	c:\windows\syswow64\occache.dll
2010-02-23 06:35:21	611840	----a-w-	c:\windows\syswow64\mstime.dll
2010-02-23 06:34:51	5944832	----a-w-	c:\windows\syswow64\mshtml.dll
2010-02-23 06:34:49	594432	----a-w-	c:\windows\syswow64\msfeeds.dll
2010-02-23 06:34:49	55296	----a-w-	c:\windows\syswow64\msfeedsbs.dll
2010-02-23 06:34:06	25600	----a-w-	c:\windows\syswow64\jsproxy.dll
2010-02-23 06:33:45	71680	----a-w-	c:\windows\syswow64\iesetup.dll
2010-02-23 06:33:45	1985536	----a-w-	c:\windows\syswow64\iertutil.dll
2010-02-23 06:33:45	164352	----a-w-	c:\windows\syswow64\ieui.dll
2010-02-23 06:33:45	109056	----a-w-	c:\windows\syswow64\iesysprep.dll
2010-02-23 06:33:44	55808	----a-w-	c:\windows\syswow64\iernonce.dll
2010-02-23 06:33:44	184320	----a-w-	c:\windows\syswow64\iepeers.dll
2010-02-23 06:33:44	11070976	----a-w-	c:\windows\syswow64\ieframe.dll
2010-02-23 06:33:38	387584	----a-w-	c:\windows\syswow64\iedkcs32.dll
2010-02-23 05:19:22	162816	----a-w-	c:\windows\system32\ieUnatt.exe
2010-02-23 04:55:36	133632	----a-w-	c:\windows\syswow64\ieUnatt.exe
2010-02-23 04:55:24	173056	----a-w-	c:\windows\syswow64\ie4uinit.exe
2010-02-23 04:54:43	13312	----a-w-	c:\windows\syswow64\msfeedssync.exe
2010-02-20 23:15:56	32768	----a-w-	c:\windows\system32\nshhttp.dll
2010-02-20 23:14:20	33792	----a-w-	c:\windows\system32\httpapi.dll
2010-02-20 23:06:41	24064	----a-w-	c:\windows\syswow64\nshhttp.dll
2010-02-20 23:05:14	30720	----a-w-	c:\windows\syswow64\httpapi.dll
2010-02-20 21:30:08	620032	----a-w-	c:\windows\system32\drivers\http.sys
2010-02-16 15:20:14	176128	----a-w-	c:\windows\syswow64\xwr29425.dll
2010-02-16 15:20:14	176128	----a-w-	c:\windows\syswow64\wr29425.dll
2010-02-16 15:20:12	48793390	----a-w-	c:\windows\syswow64\xa86889062.exe
2010-02-16 15:20:12	48793390	----a-w-	c:\windows\syswow64\xa86887892.exe
2010-01-25 12:10:22	538624	----a-w-	c:\windows\system32\secproc_isv.dll
2010-01-25 12:10:22	160768	----a-w-	c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:10:22	160768	----a-w-	c:\windows\system32\secproc_ssp.dll
2010-01-25 12:10:03	539136	----a-w-	c:\windows\system32\secproc.dll
2010-01-25 12:08:59	460288	----a-w-	c:\windows\system32\msdrm.dll
2010-01-25 12:00:35	471552	----a-w-	c:\windows\syswow64\secproc_isv.dll
2010-01-25 12:00:35	152576	----a-w-	c:\windows\syswow64\secproc_ssp_isv.dll
2010-01-25 12:00:35	152064	----a-w-	c:\windows\syswow64\secproc_ssp.dll
2010-01-25 12:00:22	471552	----a-w-	c:\windows\syswow64\secproc.dll
2010-01-25 11:58:52	332288	----a-w-	c:\windows\syswow64\msdrm.dll
2010-01-25 08:29:35	413696	----a-w-	c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:29:31	600576	----a-w-	c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:29:31	409600	----a-w-	c:\windows\system32\RMActivate_ssp.exe
2010-01-25 08:29:28	599552	----a-w-	c:\windows\system32\RMActivate.exe
2010-01-25 08:21:20	526336	----a-w-	c:\windows\syswow64\RMActivate_isv.exe
2010-01-25 08:21:20	346624	----a-w-	c:\windows\syswow64\RMActivate_ssp_isv.exe
2010-01-25 08:21:18	518144	----a-w-	c:\windows\syswow64\RMActivate.exe
2010-01-25 08:21:18	347136	----a-w-	c:\windows\syswow64\RMActivate_ssp.exe
2010-01-23 09:44:17	2048	----a-w-	c:\windows\system32\tzres.dll
2010-01-23 09:26:13	2048	----a-w-	c:\windows\syswow64\tzres.dll
2009-12-09 14:57:28	665600	----a-w-	c:\windows\inf\drvindex.dat
2008-01-21 03:21:59	174	--sha-w-	c:\program files\desktop.ini
2008-01-21 03:21:59	174	--sha-w-	c:\program files (x86)\desktop.ini
2006-11-02 15:14:56	30674	----a-w-	c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56	30674	----a-w-	c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56	287440	----a-w-	c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56	287440	----a-w-	c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12	287440	----a-w-	c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12	287440	----a-w-	c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10	30674	----a-w-	c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10	30674	----a-w-	c:\windows\inf\perflib\0000\perfc.dat
2009-10-17 01:06:05	245760	--sha-w-	c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 14:48:45.32 ===============
Attached Files
File Type: rar Attach.rar (2.3 KB, 2 views)
__________________
oddysey is offline  
Old 04-20-2010, 09:05 AM   #10
Team Manager, Microsoft Support
Microsoft MVP
BSOD Kernel Dump Expert
 
jcgriff2's Avatar

Microsoft Most Valuable Professional
 
Join Date: Sep 2007
Location: BSOD CENTRAL
Posts: 30,492
OS: Windows 8.1, 7 + Windbg :)



Quote:
Originally Posted by tallin View Post
I did find a result when researching winguc32.rom.

I would strongly suggest you Read this and follow each and every suggestion to post a thread in the Malware forum to have your system cleared of any infections by the experts.

If you are unable to complete any of the instructions, proceed onto the next. Please have patience as the Malware infection forum is always busy, but an expert will pick up your log as soon as possible.

kind regards,
Please follow the instructions as tallin provided. Your DDS/ other logs are to be posted in the Security Forum... not here in Windows 7/ Vista Support.

This thread is now closed.

jcgriff2

.

jcgriff2 is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2


All times are GMT -7. The time now is 01:07 PM.


Copyright 2001 - 2014, Tech Support Forum

Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts