crewst

Members
  • Content count

    7
  • Joined

  • Last visited

About crewst

  • Rank
    New Member
  1. forgot to add.... one of the cleanings I did wiped out antiwpa, so I had to put it back on to get back to normal windows, hence the date is recent. The infection was perhaps a week earlier.
  2. antiwpa was used when the drive died. HP did not send reinstallation disks, and the system recovery partition is gone, given that the drive physically died. The only way to get it back up and running was to find a windows torrent to reinstall. If this renders my issue un-helpable, I understand: rules are rules.
  3. ATTACH . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 7/13/2011 11:33:15 PM System Uptime: 4/17/2012 10:01:45 PM (0 hours ago) . Motherboard: HP | | 3600 Processor: AMD Turion X2 Ultra Dual-Core Mobile ZM-84 | Socket M2/S1G1 | 2300/1800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 298 GiB total, 150.513 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP103: 4/15/2012 1:12:17 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . . ĀµTorrent Adobe AIR Adobe Digital Editions Adobe Flash Player 10 ActiveX Adobe Reader X (10.1.1) AMD USB Audio Driver Filter Apple Application Support Apple Software Update Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish DVD Menu Pack for HP MediaSmart Video ESET Online Scanner v3 GetDataBack for FAT GetDataBack for NTFS HP MediaSmart DVD HP MediaSmart Live TV HP MediaSmart Music HP MediaSmart Photo HP MediaSmart Video HP MediaSmart Webcam HP Product Detection HP Quick Launch Buttons IDT Audio Java 6 Update 15 JMicron JMB38X Flash Media Controller Driver LeapFrog Connect LeapFrog My Pals Plugin LightScribe System Software Logitech Harmony Remote Software Malwarebytes Anti-Malware version 1.61.0.1400 Microsoft Office Standard Edition 2003 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Movie Theme Pack for HP MediaSmart Video Mozilla Firefox 11.0 (x86 en-US) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Picasa 3 QLBCASL QuickTime Realtek USB 2.0 Card Reader Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) TurboTax 2011 TurboTax 2011 WinPerFedFormset TurboTax 2011 WinPerReleaseEngine TurboTax 2011 WinPerTaxSupport TurboTax 2011 wpaiper TurboTax 2011 wrapper Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) Visual Studio 2008 x64 Redistributables VLC media player 1.1.11 . ==== Event Viewer Messages From Past Week ======== . 4/17/2012 9:59:56 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 4/17/2012 8:53:49 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 4/17/2012 8:53:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 4/17/2012 8:53:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 4/17/2012 8:53:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 4/17/2012 8:53:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 4/17/2012 8:53:30 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 Avgmfx64 discache SASDIFSV SASKUTIL spldr Wanarpv6 4/15/2012 9:35:13 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding 4/15/2012 1:11:00 AM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0. 4/13/2012 8:15:33 PM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The process cannot access the file because it is being used by another process. . ==== End Of File ===========================
  4. DDS . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_15 Run by TnJ at 22:03:41 on 2012-04-17 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2736 [GMT -4:00] . AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG2012\avgrsa.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe C:\Windows\system32\AUDIODG.EXE C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\msiexec.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe C:\Program Files (x86)\AVG\AVG2012\avgemca.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\Java\jre6\bin\jusched.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet . ============== Pseudo HJT Report =============== . uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" dRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL Trusted Zone: intuit.com\ttlc DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 71.242.0.12 TCP: Interfaces\{F9B10057-8EEB-46CE-8CD9-30FA8016B119} : DhcpNameServer = 192.168.1.1 71.242.0.12 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\TnJ\AppData\Roaming\Mozilla\Firefox\Profiles\psnh7y4o.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 clwvd;HP Webcam Splitter;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?] R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?] R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?] . =============== Created Last 30 ================ . 2012-04-08 00:40:39 -------- d-----w- C:\Windows\System32\appmgmt 2012-04-01 22:37:38 9216 ----a-w- C:\Windows\System32\antiwpa.dll 2012-04-01 22:36:54 9216 ----a-w- C:\antiwpa.dll 2012-04-01 21:09:25 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll 2012-04-01 21:09:25 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll 2012-03-19 04:19:08 -------- d-sh--w- C:\$RECYCLE.BIN . ==================== Find3M ==================== . 2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-02-29 00:33:44 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-15 23:39:12 411368 ----a-w- C:\Windows\SysWow64\deploytk.dll . ============= FINISH: 22:06:33.34 ===============
  5. previously run GMER log I am denied access to "keys" I have other logs, but they are not current. Only the above antimalware log is current. GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-03-15 23:05:20 Windows 6.1.7601 Service Pack 1 Running: rootkit detector -- yleotsef.exe ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186bc7417 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186bc7417 (not active ControlSet) ---- EOF - GMER 1.0.15 ----
  6. Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.04.03.04 Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking) Internet Explorer 9.0.8112.16421 TnJ :: TNJ-PC [administrator] 4/2/2012 11:25:58 PM mbam-log-2012-04-02 (23-25-58).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 313148 Time elapsed: 43 minute(s), 7 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  7. Something got past my AVG, and I had Pihar.b, "trojan.agent", Olmark.x, Olmark.awo, Olmark.Af, kryptik.kb, Olmark.ag I thought I had cleaned everything up, but I currently cannot complete a scan with MalwareBytes AntiMalware, and a normal windows login seems to be slow still. Previously I had been unable to ctrl-alt-delete to look for running tasks, browsers were almost stopped complete. As mentioned, currently things seem slow and AntiMalware causes a blue screen if run in normal mode. Safe mode runs fine. Last log I ran to follow....