
Alliance_Brewer

  1. RogueKiller V8.6.7 [Aug 28 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : Amy [Admin rights] Mode : Scan -- Date : 08/28/2013 21:08:41 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 9 ¤¤¤ [RUN][sUSP PATH] HKUS\.DEFAULT\[...]\Run : mnigfiu (rundll32 "C:\Windows\system32\config\systemprofile\AppData\Local\mnigfiu.dll",mnigfiu [x][-][x]) -> FOUND [RUN][sUSP PATH] HKUS\.DEFAULT\[...]\Run : Google (rundll32 "C:\Users\Amy\AppData\Local\Microsoft Games\Google\dhlablbh.dll",DllRegisterServer [x][x][x]) -> FOUND [RUN][sUSP PATH] HKUS\.DEFAULT\[...]\Run : (C:\Windows\system32\config\systemprofile\AppData\Roaming\taskmrg.exe [-]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-18\[...]\Run : mnigfiu (rundll32 "C:\Windows\system32\config\systemprofile\AppData\Local\mnigfiu.dll",mnigfiu [x][-][x]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-18\[...]\Run : Google (rundll32 "C:\Users\Amy\AppData\Local\Microsoft Games\Google\dhlablbh.dll",DllRegisterServer [x][x][x]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-18\[...]\Run : (C:\Windows\system32\config\systemprofile\AppData\Roaming\taskmrg.exe [-]) -> FOUND [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 2 ¤¤¤ [V1][sUSP PATH] EasyShare Registration Task.job : C:\Windows\system32\rundll32.exe - C:\PROGRA~2\Kodak\EasyShareSetup\$REGIS~1\Registration_8.2.30.1.sxt _RegistrationOffer@16 [-][-][x] -> FOUND [V2][sUSP PATH] EasyShare Registration Task : C:\Windows\system32\rundll32.exe - C:\PROGRA~2\Kodak\EasyShareSetup\$REGIS~1\Registration_8.2.30.1.sxt _RegistrationOffer@16 [-][-][x] -> FOUND 
¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ [Address] SSDT[13] : NtAlertResumeThread @ 0x83127DF3 -> HOOKED (Unknown @ 0x874B01F0) [Address] SSDT[14] : NtAlertThread @ 0x8307ACB7 -> HOOKED (Unknown @ 0x874B02D0) [Address] SSDT[19] : NtAllocateVirtualMemory @ 0x83073CAC -> HOOKED (Unknown @ 0x87C015B8) [Address] SSDT[22] : NtAlpcConnectPort @ 0x830BF576 -> HOOKED (Unknown @ 0x874BB608) [Address] SSDT[43] : NtAssignProcessToJobObject @ 0x830490BA -> HOOKED (Unknown @ 0x874AE958) [Address] SSDT[66] : NtCreateFile @ 0x83099460 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F0F9DC) [Address] SSDT[74] : NtCreateMutant @ 0x8305A348 -> HOOKED (Unknown @ 0x874AEF00) [Address] SSDT[86] : NtCreateSymbolicLinkObject @ 0x8304B9C2 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F0FDBA) [Address] SSDT[87] : NtCreateThread @ 0x8312602A -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F10102) [Address] SSDT[88] : NtCreateThreadEx @ 0x830BA483 -> HOOKED (Unknown @ 0x87C01F70) [Address] SSDT[96] : NtDebugActiveProcess @ 0x830F7EB2 -> HOOKED (Unknown @ 0x874AEA38) [Address] SSDT[103] : NtDeleteKey @ 0x83035A46 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F10476) [Address] SSDT[106] : NtDeleteValueKey @ 0x8302744F -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F10544) [Address] SSDT[107] : NtDeviceIoControlFile @ 0x830BD727 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F10690) [Address] SSDT[111] : NtDuplicateObject @ 0x8307B751 -> HOOKED (Unknown @ 0x874AE1C0) [Address] SSDT[131] : NtFreeVirtualMemory @ 0x82F0282C -> HOOKED (Unknown @ 0x87C01390) [Address] SSDT[145] : NtImpersonateAnonymousToken @ 0x8303F95E -> HOOKED (Unknown @ 0x874AEFD0) [Address] SSDT[147] : NtImpersonateThread @ 0x830C396A -> HOOKED (Unknown @ 0x874B0110) [Address] SSDT[155] : NtLoadDriver @ 0x8300FC2E -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F12062) 
[Address] SSDT[168] : NtMapViewOfSection @ 0x830905E1 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F12480) [Address] SSDT[177] : NtOpenEvent @ 0x83059D44 -> HOOKED (Unknown @ 0x874AEE20) [Address] SSDT[179] : NtOpenFile @ 0x8307BD71 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F12798) [Address] SSDT[182] : NtOpenKey @ 0x830958C2 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F12962) [Address] SSDT[190] : NtOpenProcess @ 0x8305BB8F -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F12974) [Address] SSDT[191] : NtOpenProcessToken @ 0x830AE357 -> HOOKED (Unknown @ 0x874AE0E0) [Address] SSDT[194] : NtOpenSection @ 0x830B39D3 -> HOOKED (Unknown @ 0x874AEC60) [Address] SSDT[198] : NtOpenThread @ 0x830A80DE -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F1303E) [Address] SSDT[215] : NtProtectVirtualMemory @ 0x8308C641 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F130D2) [Address] SSDT[269] : NtQueueApcThread @ 0x83045E3E -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F130E4) [Address] SSDT[304] : NtResumeThread @ 0x830BA6AA -> HOOKED (Unknown @ 0x874B03B0) [Address] SSDT[312] : NtSecureConnectPort @ 0x830A8113 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F133E6) [Address] SSDT[316] : NtSetContextThread @ 0x8312789F -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F13452) [Address] SSDT[333] : NtSetInformationProcess @ 0x83082865 -> HOOKED (Unknown @ 0x87C010C0) [Address] SSDT[350] : NtSetSystemInformation @ 0x8309836A -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F1378A) [Address] SSDT[358] : NtSetValueKey @ 0x830545F4 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F137F4) [Address] SSDT[366] : NtSuspendProcess @ 0x83127D2F -> HOOKED (Unknown @ 0x874AED40) [Address] SSDT[367] : NtSuspendThread @ 0x830DF1A3 -> HOOKED (Unknown @ 0x874B0490) [Address] SSDT[370] : NtTerminateProcess @ 0x830A4D76 -> HOOKED 
(C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F13BC6) [Address] SSDT[371] : unknown @ 0x830C26A3 -> HOOKED (Unknown @ 0x874B0570) [Address] SSDT[385] : NtUnmapViewOfSection @ 0x830AE992 -> HOOKED (Unknown @ 0x87C011B0) [Address] SSDT[399] : NtWriteVirtualMemory @ 0x830A9A73 -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F15CBA) [Address] Shadow SSDT[7] : NtGdiAlphaBlend -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F109BA) [Address] Shadow SSDT[14] : NtGdiBitBlt -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F10CD2) [Address] Shadow SSDT[125] : NtGdiDeleteObjectApp -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F10FE4) [Address] Shadow SSDT[200] : NtGdiGetPixel -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F10FFE) [Address] Shadow SSDT[237] : NtGdiMaskBlt -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F11324) [Address] Shadow SSDT[243] : NtGdiOpenDCW -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F1163C) [Address] Shadow SSDT[247] : NtGdiPlgBlt -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F11716) [Address] Shadow SSDT[302] : NtGdiStretchBlt -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F11A38) [Address] Shadow SSDT[308] : NtGdiTransparentBlt -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F11D4E) [Address] Shadow SSDT[318] : NtUserAttachThreadInput -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F13C36) [Address] Shadow SSDT[402] : NtUserGetAsyncKeyState -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F13FA8) [Address] Shadow SSDT[406] : NtUserGetClassInfoEx -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F142C4) [Address] Shadow SSDT[434] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x8808FCE0) [Address] Shadow SSDT[436] : NtUserGetKeyState -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F14740) [Address] Shadow SSDT[448] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x8809B188) [Address] Shadow 
SSDT[490] : NtUserMessageCall -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F14A54) [Address] Shadow SSDT[508] : NtUserPostMessage -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F14D68) [Address] Shadow SSDT[509] : NtUserPostThreadMessage -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F14DDE) [Address] Shadow SSDT[524] : NtUserRegisterRawInputDevices -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F14DF0) [Address] Shadow SSDT[536] : NtUserSendInput -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F151F4) [Address] Shadow SSDT[544] : NtUserSetClipboardViewer -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F15538) [Address] Shadow SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F15B2E) [Address] Shadow SSDT[588] : NtUserSetWinEventHook -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F1580E) [Address] Shadow SSDT[607] : NtUserUnhookWindowsHookEx -> HOOKED (C:\Windows\System32\drivers\AntiLog32.sys @ 0x95F15C98) ¤¤¤ External Hives: ¤¤¤ -> E:\windows\system32\config\SYSTEM | DRVINFO [Drv - E:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> E:\windows\system32\config\SOFTWARE | DRVINFO [Drv - E:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> E:\windows\system32\config\SECURITY | DRVINFO [Drv - E:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> E:\windows\system32\config\SAM | DRVINFO [Drv - E:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> E:\windows\system32\config\DEFAULT | DRVINFO [Drv - E:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> E:\Users\Default\NTUSER.DAT | DRVINFO [Drv - E:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost 127.0.0.1 www.007guard.com 
127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK2565GSX +++++ --- User --- [MBR] 0b255272e157ed401c92c73117767ca8 [bSP] 0275bb52c3d6eab85416b27bfc856294 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 129024 | Size: 15360 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31586304 | Size: 223051 Mo User != LL1 ... KO! --- LL1 --- [MBR] f97c2b23f7278b2595e06350008b61d8 [bSP] b9ffc68348249bfe1743aedd7f650d31 : Windows Vista/7/8 MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 129024 | Size: 15360 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31586304 | Size: 223051 Mo User != LL2 ... KO! --- LL2 --- [MBR] f97c2b23f7278b2595e06350008b61d8 [bSP] b9ffc68348249bfe1743aedd7f650d31 : Windows Vista/7/8 MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 129024 | Size: 15360 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31586304 | Size: 223051 Mo Finished : << RKreport[0]_S_08282013_210841.txt >> RKreport[0]_S_08282013_210612.txt
  2. Thanks. Here's the 2 DDS reports. Rogue to follow. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 10.0.9200.16660 Run by Amy at 20:33:09 on 2013-08-28 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3032.1191 [GMT -4:00] . AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\STacSV.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\conhost.exe C:\Program Files\24x7Help\App24x7Svc.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\aestsrv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe C:\Program Files\Flip Video\FlipShare\FlipShareService.exe C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files\Norton Family\Engine\2.8.0.14\ccSvcHst.exe C:\Program Files\FS\Spyro Portal\FlashPortal.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Common Files\Microsoft Shared\Windows 
Live\WLIDSVC.EXE C:\Windows\System32\WLTRYSVC.EXE C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\System32\bcmwltry.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\DellTPad\Apoint.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Constant Guard Protection Suite\IDVault.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files\Norton Family\Engine\2.8.0.14\ccSvcHst.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\conhost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\DllHost.exe 
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k SDRSVC . ============== Pseudo HJT Report =============== . BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\20.4.0.40\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\20.4.0.40\ips\ipsbho.dll BHO: Window Shopper: {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Constant Guard Protection Suite: {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - c:\programdata\white sky, inc\id vault\iebho1.13.820.2\NativeBHO.dll BHO: Norton Family BHO: 
{B8E07826-0971-4f16-B133-047B88034E89} - c:\program files\norton family\engine\2.8.0.14\coieplg.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.6.0_22\bin\jp2ssv.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\20.4.0.40\coieplg.dll uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe" -s uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe mRun: [Apoint] c:\program files\delltpad\Apoint.exe mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe" mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jaureg.exe" -u auto-update mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [Wondershare Helper Compact] "c:\program files\common files\wondershare\wondershare helper compact\WSHelper.exe" dRun: [mnigfiu] rundll32 
"c:\windows\system32\config\systemprofile\appdata\local\mnigfiu.dll",mnigfiu dRun: [Google] rundll32 "c:\users\amy\appdata\local\microsoft games\google\dhlablbh.dll",DllRegisterServer dRun: [] c:\windows\system32\config\systemprofile\appdata\roaming\taskmrg.exe StartupFolder: c:\users\amy\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe StartupFolder: c:\users\amy\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~2.lnk - c:\program files\openoffice.org 3\program\quickstart.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\consta~1.lnk - c:\program files\constant guard protection suite\IDVault.exe mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . 
TCP: NameServer = 192.168.1.1 TCP: Interfaces\{44BF9EB7-97FD-484F-9FE7-B099717A0959} : NameServer = 75.75.75.75,75.75.76.76 TCP: Interfaces\{44BF9EB7-97FD-484F-9FE7-B099717A0959} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{44BF9EB7-97FD-484F-9FE7-B099717A0959}\A474337343 : DHCPNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: igfxcui - igfxdev.dll Notify: mnigfiu - c:\windows\system32\config\systemprofile\appdata\local\mnigfiu.dll AppInit_DLLs= c:\progra~1\keycry~1\KEYCRY~3.DLL SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . 
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1404000.028\symds.sys [2013-7-16 367704] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1404000.028\symefa.sys [2013-7-16 934488] R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog32.sys [2013-8-28 80104] R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\bashdefs\20130715.001\BHDrvx86.sys [2013-7-16 1002072] R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\n360\1404000.028\ccsetx86.sys [2013-7-16 134744] R1 ccSet_NSM;Norton Family Settings Manager;c:\windows\system32\drivers\nsm\0208000.00e\ccsetx86.sys [2013-8-6 134304] R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\ipsdefs\20130827.001\IDSvix86.sys [2013-8-28 392792] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1404000.028\ironx86.sys [2013-7-16 175264] R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\n360\1404000.028\symnets.sys [2013-7-16 339544] R2 24x7HelpSvc;24x7HelpService;c:\program files\24x7help\App24x7Svc.exe [2013-8-21 342608] R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_028821c569ae5894\AEstSrv.exe [2010-8-20 81920] R2 FastFreeConverterUpdt;FastFreeConverterUpdt;c:\program files\fast free converter\FastFreeConverterUpdt.exe [2012-11-26 687104] R2 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2010-12-15 1085440] R2 IDVaultSvc;CGPS Service;c:\program files\constant guard protection suite\IDVaultSvc.exe [2013-8-20 40512] R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2010-9-13 308656] R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\20.4.0.40\ccsvchst.exe [2013-7-16 144368] R2 NSM;Norton 
Family;c:\program files\norton family\engine\2.8.0.14\ccsvchst.exe [2013-8-6 143928] R2 SpyroService;Spyro Portal Service;c:\program files\fs\spyro portal\FlashPortal.exe [2012-1-31 48128] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-8-28 108120] R3 keycrypt;keycrypt;c:\windows\system32\drivers\KeyCrypt32.sys [2013-8-28 24520] R3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\drivers\OA009Ufd.sys [2010-8-20 144672] R3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\drivers\OA009Vid.sys [2010-8-20 269216] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 CltMngSvc;Search Protect by Conduit Updater;c:\program files\searchprotect\bin\cltmngsvc.exe --> c:\program files\searchprotect\bin\CltMngSvc.exe [?] S2 MBAMScheduler;MBAMScheduler;"c:\program files\malwarebytes' anti-malware\mbamscheduler.exe" --> c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [?] S2 MBAMService;MBAMService;"c:\program files\malwarebytes' anti-malware\mbamservice.exe" --> c:\program files\malwarebytes' anti-malware\mbamservice.exe [?] 
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2008-4-1 19456] S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-12-23 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352] S3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A};Symantec Redirector - Norton Family;c:\windows\system32\drivers\nsm\0208000.00e\symrdrs.sys [2013-8-6 197280] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-1 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-24 1343400] S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040] . =============== Created Last 30 ================ . 
2013-08-28 23:49:48 24520 ----a-w- c:\windows\system32\drivers\KeyCrypt32.sys 2013-08-28 23:49:48 -------- d-----w- c:\program files\KeyCryptSDK 2013-08-28 23:49:47 9951544 ----a-w- c:\windows\system32\ZALSDKCore.dll 2013-08-28 23:49:47 80104 ----a-w- c:\windows\system32\drivers\AntiLog32.sys 2013-08-28 23:49:47 -------- d-----w- c:\windows\system32\ZALSDK_uninst 2013-08-28 22:11:13 -------- d-----w- c:\users\amy\appdata\local\NPE 2013-08-26 23:11:35 -------- d-----w- c:\windows\system32\MpEngineStore 2013-08-24 01:11:30 -------- d-----w- c:\users\amy\appdata\local\ElevatedDiagnostics 2013-08-23 20:23:15 -------- d-----w- c:\users\amy\appdata\roaming\Nico Mak Computing 2013-08-22 10:19:08 -------- d-----w- C:\N360_BACKUP 2013-08-22 03:10:35 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-08-22 02:47:10 -------- d-sh--w- C:\$RECYCLE.BIN 2013-08-22 02:37:46 98816 ----a-w- c:\windows\sed.exe 2013-08-22 02:37:46 256000 ----a-w- c:\windows\PEV.exe 2013-08-22 02:37:46 208896 ----a-w- c:\windows\MBR.exe 2013-08-22 02:37:26 -------- d-s---w- C:\ComboFix 2013-08-22 01:37:48 -------- d-----w- c:\program files\File Type Helper 2013-08-22 01:37:44 -------- d-----w- c:\program files\Fast Free Converter 2013-08-22 01:37:39 -------- d-----w- c:\users\amy\appdata\roaming\24x7 Help 2013-08-22 01:37:31 -------- d-----w- c:\program files\24x7Help 2013-08-22 01:19:08 -------- d-----w- c:\users\amy\appdata\local\CRE 2013-08-22 01:19:08 -------- d-----w- c:\users\amy\appdata\local\Conduit 2013-08-22 01:19:08 -------- d-----w- c:\program files\Conduit 2013-08-22 01:18:46 -------- d-----w- c:\users\amy\appdata\local\SwvUpdater 2013-08-21 10:47:27 -------- d-----w- c:\users\amy\appdata\roaming\Malwarebytes 2013-08-21 10:47:07 -------- d-----w- c:\programdata\Malwarebytes 2013-08-14 21:12:09 652800 ----a-w- c:\windows\system32\rpcrt4.dll 2013-08-14 21:12:04 175104 ----a-w- c:\windows\system32\wintrust.dll 2013-08-14 21:12:04 140288 ----a-w- c:\windows\system32\cryptsvc.dll 
2013-08-14 21:12:04 1166848 ----a-w- c:\windows\system32\crypt32.dll 2013-08-14 21:12:04 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-14 21:11:57 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-14 21:11:55 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-08-14 21:11:53 1289096 ----a-w- c:\windows\system32\ntdll.dll 2013-08-14 21:11:50 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-08-14 21:11:48 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-08-14 21:11:35 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-14 21:11:32 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-06 11:02:35 197280 ----a-r- c:\windows\system32\drivers\nsm\0208000.00e\symrdrs.sys 2013-08-06 11:02:34 134304 ----a-r- c:\windows\system32\drivers\nsm\0208000.00e\ccsetx86.sys 2013-08-06 11:02:25 -------- d-----w- c:\windows\system32\drivers\nsm\0208000.00E 2013-08-06 00:21:42 -------- d-----w- c:\users\amy\appdata\roaming\Dropbox . ==================== Find3M ==================== . 2013-08-21 03:22:35 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-08-21 03:22:35 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-07-26 03:13:24 1767936 ----a-w- c:\windows\system32\wininet.dll 2013-07-26 03:12:04 2877440 ----a-w- c:\windows\system32\jscript9.dll 2013-07-26 03:12:00 61440 ----a-w- c:\windows\system32\iesetup.dll 2013-07-26 03:12:00 109056 ----a-w- c:\windows\system32\iesysprep.dll 2013-07-26 02:49:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb 2013-07-26 01:59:38 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-07-16 21:04:40 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2013-06-05 03:05:09 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-06-04 04:53:07 509440 ----a-w- c:\windows\system32\qedit.dll . ============= FINISH: 20:44:12.29 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . 
Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume3 Install Date: 8/23/2010 9:29:32 PM System Uptime: 8/28/2013 8:25:27 PM (0 hours ago) . Motherboard: Dell Inc. | | 0G848F Processor: Pentium® Dual-Core CPU T4200 @ 2.00GHz | Microprocessor | 2000/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 218 GiB total, 1.291 GiB free. D: is CDROM () E: is FIXED (NTFS) - 15 GiB total, 6.432 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP409: 8/28/2013 6:38:38 PM - Norton_Power_Eraser_20130828183834031 . ==== Installed Programs ====================== . 3ivx MPEG-4 5.0.3 (remove only) Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.03) aiofw aioprnt aioscnnr AntiLogger SDK version 1.6.6.247 Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft Print Creations ArcSoft Print Creations - Album Page ArcSoft Print Creations - Funhouse ArcSoft Print Creations - Greeting Card ArcSoft Print Creations - Photo Book ArcSoft Print Creations - Photo Calendar ArcSoft Print Creations - Scrapbook ArcSoft Print Creations - Slimline Card Bonjour C4USelfUpdater CCScore center Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module ClosetMaid v1.5.2 Compatibility Pack for the 2007 Office system Constant Guard Protection Suite D3DX10 Dell Edoc Viewer Dell Touchpad Dell Wireless WLAN Card Utility ESSBrwr ESSCDBK ESScore ESSgui ESSini ESSPCD ESSPDock ESSTOOLS essvatgt FlipShare Google Chrome Google Update Helper iCloud Inkscape 0.48.0 Integrated Webcam Driver (1.00.02.0825) Intel® Graphics Media Accelerator Driver Intel® TV Wizard Intel® Matrix Storage Manager iTunes Java Auto Updater Java 6 Update 20 Java 6 Update 22 Juniper Networks Host Checker Juniper Networks Setup Client Junk Mail filter update KODAK AiO Home Center Kodak EasyShare software KODAK Gallery Upload Software ksDIP LeapFrog Connect LeapFrog Tag 
Plugin Mesh Runtime Messenger Companion Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) netbrdg Norton Family Norton Security Suite OfotoXMI OGA Notifier 2.0.0048.0 OpenOffice.org 3.3 Pinnacle Studio 12 Pinnacle Video Driver PreReq Quicken 2009 QuickSet QuickTime Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET 
Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) SFR SHASTA Shutterfly Express Uploader skin0001 SKINXSDK Skype Click to Call Skype™ 5.10 SpyroDriver SpyroPortalDriver staticcr TomTom HOME 2.8.2.2264 TomTom HOME Visual Studio Merge Modules Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) VPRINTOL Window Shopper Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Migration Assistant WIRELESS Wondershare MobileGo for iOS ( Version 3.1.0 ) . ==== Event Viewer Messages From Past Week ======== . 
8/28/2013 8:26:46 PM, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified. 8/28/2013 8:26:46 PM, Error: Service Control Manager [7000] - The MBAMScheduler service failed to start due to the following error: The system cannot find the file specified. 8/28/2013 8:26:36 PM, Error: Service Control Manager [7000] - The Search Protect by Conduit Updater service failed to start due to the following error: The system cannot find the file specified. 8/28/2013 8:26:05 PM, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified. 8/28/2013 8:05:33 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 8/28/2013 7:18:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service. 8/28/2013 7:13:20 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running. 8/28/2013 7:13:19 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s). 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). 
The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 
8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/28/2013 7:11:19 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 
8/28/2013 7:08:10 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error: An instance of the service is already running. 8/28/2013 7:08:10 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running. 8/28/2013 7:07:10 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running. 8/28/2013 7:06:10 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/28/2013 6:46:55 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 8/28/2013 6:39:48 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 
8/28/2013 6:39:35 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 8/28/2013 6:39:35 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 8/28/2013 6:39:32 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv.dll Error Code: 21 8/28/2013 6:39:30 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 8/28/2013 6:39:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 8/28/2013 6:39:17 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccSet_N360 ccSet_NSM discache eeCtrl IDSVix86 spldr SRTSPX SymIRON SymNetS Wanarpv6 8/28/2013 6:08:25 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 8/27/2013 6:25:01 PM, Error: Service Control Manager [7023] - The iPod Service service terminated with the following error: %%-2147417831 8/27/2013 10:12:58 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 
8/26/2013 2:25:15 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 8/26/2013 10:25:39 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The service has not been started. 8/26/2013 10:24:02 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. 8/24/2013 2:27:06 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 8/24/2013 2:21:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 8/24/2013 2:21:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 8/24/2013 2:20:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccSet_N360 ccSet_NSM DfsC discache eeCtrl IDSVix86 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx Wanarpv6 WfpLwf ws2ifsl 8/24/2013 2:20:54 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 
8/24/2013 2:20:54 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 8/24/2013 2:20:54 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 8/24/2013 2:20:54 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 8/24/2013 2:20:54 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 8/24/2013 2:20:54 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 8/24/2013 2:20:54 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 8/24/2013 2:20:54 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 
8/24/2013 2:20:54 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 8/24/2013 2:20:54 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 8/23/2013 8:45:59 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. 8/23/2013 8:16:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 8/23/2013 8:15:38 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect. 8/23/2013 8:15:38 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/23/2013 7:59:01 PM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 4 time(s). 8/23/2013 7:18:30 PM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 3 time(s). 8/23/2013 7:18:30 PM, Error: Service Control Manager [7034] - The User Profile Service service terminated unexpectedly. It has done this 3 time(s). 8/23/2013 7:18:30 PM, Error: Service Control Manager [7034] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 3 time(s). 
8/23/2013 6:13:38 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000, 0x00000002, 0x00000001, 0x82e838ac). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 082313-68562-01. 8/23/2013 6:09:46 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000, 0x00000002, 0x00000001, 0x82ec38ac). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 082313-37845-01. 8/23/2013 6:08:13 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. 8/23/2013 6:08:13 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. 8/23/2013 6:08:13 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/23/2013 5:00:37 PM, Error: Service Control Manager [7023] - The IKE and AuthIP IPsec Keying Modules service terminated with the following error: Load failed 8/22/2013 9:57:07 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the CGPS Service service to connect. 8/22/2013 9:57:07 AM, Error: Service Control Manager [7000] - The CGPS Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/22/2013 9:56:58 AM, Error: Service Control Manager [7031] - The CGPS Service service terminated unexpectedly. It has done this 1 time(s). 
The following corrective action will be taken in 0 milliseconds: Restart the service. 8/22/2013 6:05:42 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service. 8/22/2013 6:04:12 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service. 8/22/2013 6:04:12 AM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/22/2013 10:23:24 AM, Error: Service Control Manager [7031] - The Norton Security Suite service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/22/2013 10:22:27 AM, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: Insufficient system resources exist to complete the requested service. 8/21/2013 9:53:09 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service. 8/21/2013 9:52:39 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service. 8/21/2013 9:52:09 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service. 8/21/2013 9:51:39 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service. 8/21/2013 9:51:09 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service. 
8/21/2013 9:39:15 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000008e (0xc0000005, 0x8227219f, 0x8b817414, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 082113-56472-01. 8/21/2013 6:53:57 AM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107. 8/21/2013 6:53:57 AM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. . ==== End Of File ===========================
  3. My computer started playing ads in the background even when the browser is shut down. Whatever it is, it seems to be taxing my laptop's processor - the fan is running all the time. Advice please?