Jump to content

BorisSpider

Members
  • Posts

    14
  • Joined

  • Last visited

Everything posted by BorisSpider

  1. Ok a complete flattern it is. Where do I stand for data, jpegs, music, word/office documents? cheera
  2. after using google translate I managed to get the green button to change, after clicking it, hit a 404 error, when i clicked back got a slightly different page with a link to esetsmartinstaller_enu.exe after copyng the link back to hidemyass I can download the file. This file says that it installs an application and launches ESET Online scanner in a seperate window. Would you like me download this file and run it?
  3. Can't access with out hidemyass, can get as far a check box to accept ToU however green start button doesnt change.
  4. Done a rescan. AVG keeps opening despite the fact that it is closed on the taskbar. RKreport0_S_09302013_184544.txt
  5. I've included the new rogue killer log as it has a new process which had been killed, ran anti-route kit 3 times, each time it did not restart the computer and the same four were found each time. RKreport0_D_09302013_165340.txt mbar-log-2013-09-30 (17-57-48).txt system-log.txt mbar-log-2013-09-30 (17-32-40).txt mbar-log-2013-09-30 (16-57-15).txt
  6. Sorry they looked fine when I pasted them in. RKreport0_S_09302013_154702.txt dds.txt attach.txt
  7. DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK Internet Explorer: 9.0.8112.16506 BrowserJavaVersion: 1.6.0_35 Run by Miss Hugill at 15:27:04 on 2013-09-30 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2045.1265 [GMT 1:00] . AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes ================ . C:\WINDOWS\SYSTEM32\wininit.exe C:\Windows\system32\lsm.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Lavasoft\Ad-Aware\AAWWSC.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://isearch.avg.com/?cid={0CF7B058-7589-4463-8FC9-FC300CCDC206}&mid=d41ed8e02b0c47d0a41e5b26693d5ac9-99e6f4ecb7e89a8a23d00e7ae57224ff75c232cb〈=en&ds=AVG&pr=fr&d=2013-01-22%2018:02:32&pid=avg&sg=&v=14.0.0.14&sap=hp uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://en.uk.acer.yahoo.com uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\17.0.0.9\AVG Secure Search_toolbar.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\17.0.0.9\AVG Secure Search_toolbar.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe" uRun: [PiqQpdkr] c:\users\miss hugill\appdata\local\gqwdyqyd\piqqpdkr.exe uRun: [spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean uRunOnce: [AutoLaunch] c:\program files\lavasoft\ad-aware\AutoLaunch.exe monthly mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [Acer Tour] Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll Notify: SDWinLogon - SDWinLogon.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-5 39224] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-5-5 64288] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-1-22 37664] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-12-2 1181328] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-11-12 27632] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184] S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-10 22328] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312] S2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136] S2 CFRDBService;Finnigan Database Service;c:\xcalibur\system\programs\CFRDBService.exe [2013-9-6 262144] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 Finnigan Security Server;Finnigan Security Server;c:\xcalibur\system\programs\finSS_Server.exe [2013-9-6 65536] S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-4-15 21504] S2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2012-10-1 376144] S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-9-28 1817560] S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-9-28 1033688] S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-9-28 171928] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2013-3-22 93072] S2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\ToolbarUpdater.exe [2013-8-15 1643184] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2012-11-20 12400] S3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-12-2 847392] S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-2-12 89256] S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-2-12 15016] S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-2-12 120744] S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-2-12 114216] S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-2-12 25512] S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-2-12 110632] S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-2-12 115752] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-2-12 90536] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-2-12 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-2-12 122152] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-2-12 115496] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2009-2-12 25768] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-2-12 111912] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-2-12 117672] S3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2006-12-2 31232] S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2010-9-26 155320] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856] . =============== Created Last 30 ================ . 2013-09-28 21:54:02 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-09-28 21:53:06 15224 ----a-w- c:\windows\system32\sdnclean.exe 2013-09-28 21:52:53 -------- d-----w- c:\program files\Spybot - Search & Destroy 2 2013-09-28 15:57:07 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-09-28 15:57:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-09-12 20:29:02 615936 ----a-w- c:\windows\system32\themeui.dll 2013-09-12 20:27:55 2049536 ----a-w- c:\windows\system32\win32k.sys 2013-09-10 00:34:48 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys 2013-09-08 13:42:35 -------- d-----w- c:\users\miss hugill\.SquashOccurrences 2013-09-08 10:50:06 -------- d-----w- c:\users\miss hugill\Rob 2013-09-07 10:53:22 -------- d-----w- c:\users\miss hugill\appdata\roaming\.minecraft 2013-09-06 11:08:06 -------- d-----w- C:\Xcalibur 2013-09-05 00:43:42 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys . ==================== Find3M ==================== . 2013-09-28 21:31:38 5 ----a-w- c:\windows\system32\drivers\etc\hosts 2013-09-28 12:46:49 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2013-09-23 18:52:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-09-23 18:52:50 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-08-02 04:09:35 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-07-31 10:00:20 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-07-31 09:52:44 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-07-31 09:52:34 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-07-31 09:48:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-07-31 09:48:09 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-07-31 09:45:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-07-20 00:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys 2013-07-20 00:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2013-07-20 00:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2013-07-20 00:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2013-07-17 19:41:34 2048 ----a-w- c:\windows\system32\tzres.dll 2013-07-10 09:47:00 783360 ----a-w- c:\windows\system32\rpcrt4.dll 2013-07-09 12:10:36 1205168 ----a-w- c:\windows\system32\ntdll.dll 2013-07-08 04:55:51 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-07-08 04:55:51 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-07-08 04:20:04 172544 ----a-w- c:\windows\system32\wintrust.dll 2013-07-08 04:16:55 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-07-08 04:16:55 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-07-08 04:16:54 992768 ----a-w- c:\windows\system32\crypt32.dll 2013-07-05 04:53:33 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys . ============= FINISH: 15:31:43.62 ===============
  8. Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Safe mode with network support User : Miss Hugill [Admin rights] Mode : Scan -- Date : 09/30/2013 15:47:02 | ARK || FAK || MBR | ¤¤¤ Bad processes : 2 ¤¤¤ [sVCHOST] svchost.exe -- C:\Windows\System32\svchost.exe [-] -> KILLED [TermProc] [sVCHOST] svchost.exe -- C:\Windows\System32\svchost.exe [-] -> KILLED [TermProc] ¤¤¤ Registry Entries : 10 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : PiqQpdkr (C:\Users\Miss Hugill\AppData\Local\gqwdyqyd\piqqpdkr.exe [-]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-2146661600-1499433993-4118350145-1000\[...]\Run : PiqQpdkr (C:\Users\Miss Hugill\AppData\Local\gqwdyqyd\piqqpdkr.exe [-]) -> FOUND [sHELL][sUSP PATH] HKLM\[...]\Winlogon : userinit (userinit.exe,,C:\Users\Miss Hugill\AppData\Local\gqwdyqyd\piqqpdkr.exe [x][-]) -> FOUND [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ SECU][PUM] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> FOUND [HJ SECU][PUM] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> FOUND [HJ SECU][PUM] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 1 ¤¤¤ [V1][sUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{A593F6EB-99AF-4843-B4D4-006D25F4063A}.exe - --uninstall=1 [x] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts MZP ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - WDC WD1600BEVS-22RST0 ATA Device +++++ --- User --- [MBR] 2cfd5ee75126dfd67e48be1f5fcbacbb [bSP] f9dbfb3ce51d71565415d3ff0a658f3e : Acer MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 6997 Mo 1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 14329980 | Size: 72990 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 163814805 | Size: 72637 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_09302013_154702.txt >>
  9. RogueKiller V8.7.0 [sep 30 2013] by Tigzy mail : tigzyRKgmailcom Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/
  10. RogueKiller V8.7.0 [sep 30 2013] by Tigzy mail : tigzyRKgmailcom Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/
  11. DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK Internet Explorer: 9.0.8112.16506 BrowserJavaVersion: 1.6.0_35 Run by Miss Hugill at 15:27:04 on 2013-09-30 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2045.1265 [GMT 1:00] . AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes ================ . C:\WINDOWS\SYSTEM32\wininit.exe C:\Windows\system32\lsm.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Lavasoft\Ad-Aware\AAWWSC.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://isearch.avg.com/?cid={0CF7B058-7589-4463-8FC9-FC300CCDC206}&mid=d41ed8e02b0c47d0a41e5b26693d5ac9-99e6f4ecb7e89a8a23d00e7ae57224ff75c232cb〈=en&ds=AVG&pr=fr&d=2013-01-22%2018:02:32&pid=avg&sg=&v=14.0.0.14&sap=hp uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://en.uk.acer.yahoo.com uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\17.0.0.9\AVG Secure Search_toolbar.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\17.0.0.9\AVG Secure Search_toolbar.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe" uRun: [PiqQpdkr] c:\users\miss hugill\appdata\local\gqwdyqyd\piqqpdkr.exe uRun: [spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean uRunOnce: [AutoLaunch] c:\program files\lavasoft\ad-aware\AutoLaunch.exe monthly mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [Acer Tour] Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll Notify: SDWinLogon - SDWinLogon.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-5 39224] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-5-5 64288] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-1-22 37664] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-12-2 1181328] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-11-12 27632] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184] S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-10 22328] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312] S2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136] S2 CFRDBService;Finnigan Database Service;c:\xcalibur\system\programs\CFRDBService.exe [2013-9-6 262144] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 Finnigan Security Server;Finnigan Security Server;c:\xcalibur\system\programs\finSS_Server.exe [2013-9-6 65536] S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-4-15 21504] S2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2012-10-1 376144] S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-9-28 1817560] S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-9-28 1033688] S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-9-28 171928] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2013-3-22 93072] S2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\ToolbarUpdater.exe [2013-8-15 1643184] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2012-11-20 12400] S3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-12-2 847392] S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-2-12 89256] S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-2-12 15016] S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-2-12 120744] S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-2-12 114216] S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-2-12 25512] S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-2-12 110632] S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-2-12 115752] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-2-12 90536] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-2-12 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-2-12 122152] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-2-12 115496] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2009-2-12 25768] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-2-12 111912] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-2-12 117672] S3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2006-12-2 31232] S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2010-9-26 155320] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856] . =============== Created Last 30 ================ . 2013-09-28 21:54:02 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-09-28 21:53:06 15224 ----a-w- c:\windows\system32\sdnclean.exe 2013-09-28 21:52:53 -------- d-----w- c:\program files\Spybot - Search & Destroy 2 2013-09-28 15:57:07 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-09-28 15:57:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-09-12 20:29:02 615936 ----a-w- c:\windows\system32\themeui.dll 2013-09-12 20:27:55 2049536 ----a-w- c:\windows\system32\win32k.sys 2013-09-10 00:34:48 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys 2013-09-08 13:42:35 -------- d-----w- c:\users\miss hugill\.SquashOccurrences 2013-09-08 10:50:06 -------- d-----w- c:\users\miss hugill\Rob 2013-09-07 10:53:22 -------- d-----w- c:\users\miss hugill\appdata\roaming\.minecraft 2013-09-06 11:08:06 -------- d-----w- C:\Xcalibur 2013-09-05 00:43:42 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys . ==================== Find3M ==================== . 2013-09-28 21:31:38 5 ----a-w- c:\windows\system32\drivers\etc\hosts 2013-09-28 12:46:49 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2013-09-23 18:52:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-09-23 18:52:50 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-08-02 04:09:35 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-07-31 10:00:20 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-07-31 09:52:44 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-07-31 09:52:34 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-07-31 09:48:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-07-31 09:48:09 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-07-31 09:45:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-07-20 00:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys 2013-07-20 00:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2013-07-20 00:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2013-07-20 00:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2013-07-17 19:41:34 2048 ----a-w- c:\windows\system32\tzres.dll 2013-07-10 09:47:00 783360 ----a-w- c:\windows\system32\rpcrt4.dll 2013-07-09 12:10:36 1205168 ----a-w- c:\windows\system32\ntdll.dll 2013-07-08 04:55:51 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-07-08 04:55:51 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-07-08 04:20:04 172544 ----a-w- c:\windows\system32\wintrust.dll 2013-07-08 04:16:55 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-07-08 04:16:55 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-07-08 04:16:54 992768 ----a-w- c:\windows\system32\crypt32.dll 2013-07-05 04:53:33 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys . ============= FINISH: 15:31:43.62 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 02/01/2008 19:37:06 System Uptime: 30/09/2013 15:15:20 (0 hours ago) . Motherboard: Acer | | Grapevine Processor: Intel® Core2 CPU T5500 @ 1.66GHz | U1 | 1662/166mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 71 GiB total, 9.739 GiB free. D: is FIXED (NTFS) - 71 GiB total, 16.449 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft ISATAP Adapter Device ID: ROOT\*ISATAP\0171 Manufacturer: Microsoft Name: Microsoft ISATAP Adapter #53 PNP Device ID: ROOT\*ISATAP\0171 Service: tunnel . ==== System Restore Points =================== . RP1546: 26/09/2013 10:25:52 - Scheduled Checkpoint . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 32 Bit HP CIO Components Installer Acer Arcade Deluxe Acer Camera Driver Acer Empowering Technology Acer GridVista Acer Mobility Center Plug-In Acer OrbiCam Application Acer ScreenSaver Acer Tour Ad-Aware Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 8.1.2 Adobe Reader 8.1.2 Security Update 1 (KB403742) Adobe Shockwave Player 11.6 Age of Empires III AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan Amazon MP3 Downloader 1.0.17 Apple Application Support Apple Mobile Device Support Apple Software Update AVG 2013 AVG Security Toolbar BBC iPlayer Desktop BlackBerry Device Manager 7.0 Bonjour BT Desktop Help BTHomeHub BufferChm CCleaner Citrix Presentation Server Client - Web Only Click to Call with Skype Copy Coupon Printer CustomerResearchQFolder D3DX10 Destinations DeviceManagementQFolder DocProc DocProcQFolder eSupportQFolder F300 F300_Help F300Trb Fax GameShadow Google Chrome Google Earth Google Update Helper GoToAssist Corporate HDAUDIO Soft Data Fax Modem with SmartCP HelixDownloadManager Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Participation Program 8.0 HP Imaging Device Functions 8.0 HP OCR Software 8.0 HP Photosmart Essential HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B HP Solution Center 8.0 HP Update HPProductAssistant HPSSupply Intel PROSet Wireless Intel® PROSet/Wireless WiFi Software iTunes Java Auto Updater Java 6 Update 2 Java 6 Update 3 Java 6 Update 35 Java 6 Update 5 Java 6 Update 7 K-Lite Codec Pack 4.7.0 (Full) Launch Manager LightScribe 1.4.124.1 Logitech Video Enumerator Malwarebytes Anti-Malware version 1.75.0.1300 MarketResearch Media Go MetaFrame Presentation Server Web Client for Win32 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Age of Empires Gold Microsoft Age of Empires II Microsoft Age of Empires II: The Conquerors Expansion Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Ultimate 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MS Access 97 SP2 MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MVision NTI Backup NOW! 4.7 NTI CD & DVD-Maker NVIDIA Drivers OGA Notifier 2.0.0048.0 Panda Internet Security 2010 PATRICIAN II PlayStation®Network Downloader PlayStation®Store PowerProducer QuickTime RealPlayer Realtek High Definition Audio Driver ReelPortal Private Scan SCARM 0.9.16 beta Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition Segoe UI SimCity 3000 UK Edition Skype™ 6.1 SMSC Fast Infrared Driver SolutionCenter Sony Ericsson Update Engine Sony Ericsson Update Service Sony PC Companion 2.10.108 Spybot - Search & Destroy Status Stronghold Stronghold 2 Deluxe swMSM Synaptics Pointing Device Driver THE SETTLERS - Heritage of Kings THE SETTLERS - Rise of an Empire TomTom HOME TomTom HOME Visual Studio Merge Modules Toolbox TrayApp Unity Web Player UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VLC media player 2.0.1 WebReg Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Messenger Windows Live OneCare safety scanner Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR 5.00 (32-bit) Xcalibur . ==== Event Viewer Messages From Past Week ======== . 30/09/2013 15:19:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 30/09/2013 15:19:45, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.65 for the Network Card with network address 0018DEADB669 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). 30/09/2013 15:18:52, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wcncsvc with arguments "" in order to run the server: {375FF001-DD27-11D9-8F9C-0002B3988E81} 30/09/2013 15:17:14, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 30/09/2013 15:17:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 30/09/2013 15:16:58, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 30/09/2013 15:16:52, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver AVGIDSShim Avgldx86 spldr Wanarpv6 30/09/2013 15:16:52, Error: Service Control Manager [7003] - The Spybot-S&D 2 Security Center Service service depends the following service: wscsvc. This service might not be installed. 30/09/2013 15:16:52, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 30/09/2013 15:16:52, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning. 30/09/2013 15:16:45, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21 30/09/2013 15:16:43, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 30/09/2013 15:16:18, Error: EventLog [6008] - The previous system shutdown at 15:12:27 on 30/09/2013 was unexpected. 30/09/2013 15:05:09, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 30/09/2013 15:05:09, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect. 30/09/2013 15:05:09, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Net Driver HPZ12 service to connect. 30/09/2013 15:05:09, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MobilityService service to connect. 30/09/2013 15:05:09, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Cyberlink RichVideo Service(CRVS) service to connect. 30/09/2013 15:05:09, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied. 30/09/2013 15:05:09, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 30/09/2013 15:05:09, Error: Service Control Manager [7000] - The Net Driver HPZ12 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 30/09/2013 15:05:09, Error: Service Control Manager [7000] - The MobilityService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 30/09/2013 15:05:09, Error: Service Control Manager [7000] - The Cyberlink RichVideo Service(CRVS) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 28/09/2013 22:49:31, Error: EventLog [6008] - The previous system shutdown at 22:48:03 on 28/09/2013 was unexpected. 28/09/2013 22:47:21, Error: EventLog [6008] - The previous system shutdown at 22:45:26 on 28/09/2013 was unexpected. 28/09/2013 21:33:02, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Pml Driver HPZ12 service to connect. 28/09/2013 21:33:02, Error: Service Control Manager [7000] - The Pml Driver HPZ12 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 28/09/2013 13:57:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 28/09/2013 13:54:16, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 28/09/2013 13:54:16, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 28/09/2013 13:47:22, Error: PlugPlayManager [10] - Error writing to server side install pipe 28/09/2013 13:45:38, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error: "1314" Happened while starting this command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe -Embedding 28/09/2013 13:45:33, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. 28/09/2013 13:45:33, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 28/09/2013 13:45:33, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69} 28/09/2013 13:45:33, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {0228576F-6E6C-4E1A-B175-0E46A316AFE2}. The error: "1314" Happened while starting this command: C:\Windows\ehome\ehmsas.exe -Embedding 26/09/2013 17:24:47, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {28778B62-8481-400D-8E8A-A4C81ED3F65C} as /. The error: "1314" Happened while starting this command: "C:\Windows\System32\wermgr.exe" -senstrigger -Embedding 26/09/2013 17:21:55, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll 26/09/2013 17:18:25, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 26/09/2013 17:18:25, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 26/09/2013 17:18:15, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 26/09/2013 17:18:06, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 26/09/2013 17:17:54, Error: Service Control Manager [7034] - The eRecovery Service service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:17:43, Error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:17:40, Error: Service Control Manager [7031] - The Software Licensing service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 26/09/2013 17:17:20, Error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:17:20, Error: Service Control Manager [7034] - The Intel® PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:17:09, Error: Service Control Manager [7034] - The Finnigan Security Server service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:17:08, Error: Service Control Manager [7034] - The Intel® PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:17:03, Error: Service Control Manager [7034] - The Finnigan Database Service service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:17:02, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:16:56, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 26/09/2013 17:16:56, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 26/09/2013 17:16:42, Error: Service Control Manager [7034] - The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:16:33, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Live ID Sign-in Assistant service, but this action failed with the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 26/09/2013 17:16:18, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 26/09/2013 17:16:13, Error: Service Control Manager [7034] - The pcCMService service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:16:13, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Lavasoft Ad-Aware Service service, but this action failed with the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 26/09/2013 17:16:11, Error: Service Control Manager [7034] - The MobilityService service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:16:08, Error: Service Control Manager [7034] - The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly. It has done this 1 time(s). 26/09/2013 17:16:08, Error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 26/09/2013 11:00:52, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 26/09/2013 10:54:53, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the stisvc service. 26/09/2013 10:52:34, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the XAudioService service to connect. 26/09/2013 10:52:34, Error: Service Control Manager [7000] - The XAudioService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 26/09/2013 09:12:32, Error: EventLog [6008] - The previous system shutdown at 20:35:05 on 25/09/2013 was unexpected. 25/09/2013 18:48:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service. 24/09/2013 20:35:37, Error: EventLog [6008] - The previous system shutdown at 20:25:08 on 24/09/2013 was unexpected. 24/09/2013 18:11:15, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® PROSet/Wireless Event Log service to connect. 24/09/2013 18:11:15, Error: Service Control Manager [7000] - The Intel® PROSet/Wireless Event Log service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 23/09/2013 21:04:38, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 23/09/2013 20:51:31, Error: volsnap [20] - The shadow copies of volume D: were aborted because of a failed free space computation. 23/09/2013 20:35:40, Error: EventLog [6008] - The previous system shutdown at 20:14:36 on 23/09/2013 was unexpected. 23/09/2013 19:56:59, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect. 23/09/2013 19:56:59, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File ===========================
  12. Symptoms: Can't access microsoft.com, avg.com, avast.com (can access them when I use a web proxy) Can't open mbam.exe without renaming it to abcd.exe AVG free keeps popping up at random intervals. Malwarebytes repeatedly finds Hijack userint despite allegedly removing it. Thanks Boris
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.