Jump to content

Search the Community

Showing results for tags 'Audio Ads'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 7 results

  1. Recently, I've had trouble with constant audio ads running in the background, even when I don't have a browser open. I can't be certain but I think this and some other ads that intermediately come up on sites like google and youtube have something to do with a proxy server that I can't get rid of, and/or some .exe programs (internetport3.exe and getcap.exe) that I can't seem to shake either. I've tried Malwarebytes as well as HitmanPro and RougeKiller, all before coming to this site looking for help. I've also read the "I'm Infected-What do I do now?" thread and have followed the steps there. I appreciate the help.
  2. Hi guys. I appear to have this iexplorer *32.exe virus. It started with audio ads starting in the background. After deactivating and reactivating Internet Explorer 11 using Windows Features, the audio ads stopped, but multiple iexplorer*32.exe still automatically start on their own and commence sending/recieving data - which has just blown my monthly download limit half way through my 30 day allowance! No virus / malware tools I have run have detected anything apart from cookies. I've had MS Security Essentials running for ages and haven't had a known virus for 5 years+. Any help to waste this sucker would be greatly appreciated. Cheers James.
  3. Hello! I seem to be having the same malware problem as member "r3dDaWn" who initially posted on April 14, 2014. In my search for a solution, it was finding his post in this forum that reminded me that Malwarebytes has these helpful forums, Duh! For I think Malwarebytes is great and have the paid Premium version of Malwarebytes. It just didn't start giving me helpful clues about this malware until a few days ago. In my case, there is apparently the same malware associated with "searchnet.blinkxcore.com" as affected "r3dDaWn" that intermittently runs weird audio ads. But I'm an older person who is only moderately computer/internet literate, so, because until just a few days ago Malwarebytes had not been giving me any notices about that website name or any other information about any malicious intrusions, I had nothing to go on, and all I knew to do was run the couple protection programs I have. I've had no clue what to do until finally being given a notification by the Malwarebytes software in just the last few days that eventually got me here to this forum. (And it wasn't until just a little while ago after reading that other fellow's post again that I realized I might be able to get more log information from my Malwarebytes program than I'd known how to find to now, so I dug further into my Malwarebytes program awhile ago and realized I could make a copy of the Malwarebytes daily protection log into a text file, which I did and attached that along with the others per the AdvancedSetup page's instructions. Though I still don't know how to find a log of a scan. As I said, I'm still very behind-the-curve on all this. ) The audio ads malware actually first happened a few months ago. But unlike in recent days, during that first period Malwarebytes was not giving any kind of notices at all about any kind of malicious intrusions or anything. So, again, I had little to go on. I ran scans with AdAware, (I have their paid full Internet Security /AntiVirus version), and Malwarebytes, and Spybot Search and Destroy. The only things that showed up were some tracking cookies and PUPs, mostly in Spybot, that I let get fixed. (I eventually also downloaded a software called Secunia that's supposed to help one keep up with updating programs supposedly because outdated programs tend to have their weak points exploited by hackers, though I've not used it since the first time after installing it.) The audio ads still kept happening. And I realized that it seemed they'd happen around times I was playing or had played videos (my online college classes as well as research involve video classes via the school's online system and other videos, most often via YouTube.) But that still didn't tell me anything helpful. I thought that maybe one of my neightbor's internet connection's was somehow interfering with mine, which, unless they were purposely hacking, didn't make sense in that they use their wifi, but I have my computer connected directly to my modem with an ethernet cable, and don't use the wifi. But I knew that a neighbor had experienced some kind of hacking awhile ago, so I checked with neighbors and called my internet provider just in case. No helpful info or answers. I did online searches for answers, but did not know how to describe what was happening very well, and I had no other information to go on at that time, so didn't come up with anything that looked helpful. Then the audio ads stopped happening. But during the ensuing next few weeks, there were two or three instances of a Malwarebytes dialogue box popping up saying that my Malwarebytes database was "missing or corrupt" and asking Yes/No if I wished to newly download the database. This seemed really strange, but I hoped it was just a good self-correction thing, and I just clicked to newly download the database. I was getting worried when it happened the second or third time and, being amidst a heavy workload schedule, decided that if it happened one more time, I was going to query Malwarebytes, but then that did not happen again. The audio ads did not happen any more for several weeks. Then just several days ago, for the very first time ever, Malwarebytes started delivering a popup notification from the bottom of the screen saying that it had successfully blocked a malicious website. I considered this both a good thing protection-wise, but very distressing in that the only websites I'd been on those particular days were very high-integrity sites I trusted and had used for years in my work and studies, so things didn't make sense. The popup happened a few more times, but would disappear before I could read its information. I didn't yet know that I could find a daily protection log inside the program. So when I opened the Malwarebytes program hoping to see some kind of log of those notifications and their info right after they happened, I didn't know where/how to look to locate it. I know, I know.. really stupid super-DUH that when I did click "History" and it was on the Quarantine page, I was too tired to notice the "Application Logs" tab. Okay, so I admit it, I'm really, really embarrassed that on top of all else, I need new glasses! At the next notification instance I managed to quickly enough move my cursor over to the popup and hover over it, hoping it would keep it there, which it did. I made a mental note of things, but did not have time to write it down that first time. Then within a day or so the audio ads began happening again, apparently most often associated near or at the time of playing a video like on YouTube, or a replay of a webinar whether originally done on a Google hangouts or other service. And by then the Malwarebytes notification had popped up a few more times as well near the times when this happened. I caught the popup and noted down the information the next time I could grab it in time, and then caught it the next few times as well to see if it was giving the same malicious site and information, which it was. The only information that changed each time was the "Port." This is the information I noted down given in the Malwarebytes notification popups saying that it had successfully blocked a malicious website (now also in an attached log): -- The Ports would change, so I only noted the first few I paused, which were 57630, 51433 and 61488. -- IP 66.45.56.109 (This stayed the same at least for those few of the notices I noted.) -- website -- searchnet.blinkxcore.com -- outbound -- Process: C:\Program Files (x86)\Mozilla Firefox\firefox.exe It had been long hours these last few days going too long without sleep trying to catch up on school assignments, so after noting this while grabbing sleep I ran a full scan with AdAware internet security. Nothing was detected. I was feeling so stupid and clueless, but had to search for a solution! This time in searching for a solution, it was the fact that I finally had something specific, that malicious website's name, to put into the search query that finally led me to a few places where others had experienced the same malware problem. On one forum a fellow had experienced the exact same things (except he said nothing of Malwarebytes notifications), and indicated he thought that the website was a porn site. This was extremely upsetting and made me worry that one of the nearby neighbor adolescents might have indeed somehow hacked into my internet connection. Right after reading that, I clicked another of the search results that brought me to the Malwarebytes Forum post answering "r3dDaWn"'s post about the same malware. So, anyway, I'm just so glad you are all here and that I found you, and that someone has already had this problem successfully cleared with your wonderful help! So I'm praying that you'll be able to help me get this successfully cleared, too! So per the instructions on the Advanced Setup page, I did a full scan with my Malwarebytes Premium, but it said it did not detect anything malicious. Out of curiosity I looked at the scan settings and saw that "Scan for Rootkits" was not checked, so I checked it and ran another scan. Still said nothing detected. (Then as mentioned above, it was not until in the process of writing this post and after already running the Farbar tool, that I happen to again glance through that fellow's post, and realized I should dig further into my Malwarebytes for a log.) I downloaded and ran the Farbar Recovery Scan Tool, and have attached the logs. And also per the instructions have not run anything else nor taken any other actions regarding this. (I unexpectedly noticed something in one of the Farbar logs that was disturbing. I've not bothered with the Chrome browser for many months, it's just proven to be a problem for me on this computer. So the first thing that is disturbing is that the Chrome browser is showing up at all. But I saw in the log that in it, "conduit.search" is showing up as a default, which was malware that had hijacked the search in my Firefox browser some months ago, and it took days of searching to finally find the sufficiently complete steps to fully clear that off of Firefox. I frankly can't recall if I attempted to find the steps to clear it from Chrome or not, I was amidst a very heavy class load, so might just have had to get right back to work after clearing Firefox. After getting the current issue cleared up, I'll check the forums here for the right steps to clear this, too; though I think I might just uninstall Chrome, and do a new install if ever wishing to try it again? Just hoping it won't cause any added problems to this malware removal process.) Thank you all ahead of time for your tremendously valued and appreciated time and assistance! (And for your patience with my limited knowledge and inefficient descriptions,.. all made worse by my way overtired dough-brain!) Please know how very greatly you are appreciated! P.S. Just would like to say that after a long challenging life-path of setbacks, I'm just now in the last few years restoring my own path and goals, admittedly occasionally flailing a times as I try to catch up with the learning curve to learn about the online world about both website creation and business and such things, as part of that quest to eventually be able to establish the natural-health resources website I've long wished and planned to do... ... and I have well-intended friends who are much more online business savvy always trying to be helpful by continually sending me links and stuff, that I feel obligated to say that I've looked at, but seldom have time to do more than make a quick desktop folder and plunk the link or file into it to check later, but never do! I just haven't had time to sort through the accumulated mess!, so I just wish to apologize for there being a bunch of unnecessary desktop stuff making the log unnecessarily long,.. ... I'd wished I could clear all of that off before sending the logs, but feared that doing so would mess up the process here,.. so again, apologies for all the unnecessary clutter. But just wished to say that along with ever continuing my dedicated primary computer use for studies, research, education, my computer and online access are now more important to me than ever, as I've gone back to school, attending college entirely online.... which is vitally important to me, so the idea of something nastily interfering with my computer or online classes is really upsetting. And I'm right amidst a heavy class load this semester right now while still moving kinda slow still recovering from illness... ... So, when things clearly got to a point a few days ago where nothing I knew to do was clearing up this scarily intrusive malware problem, the idea of having to take everything off my computer (a very modest little laptop, but it's the most important thing in my world right now!) and resetting it and restoring everything from scratch was just overwhelming. But of course, the potential for something to crash or dangerously hack or mess up my computer and its files is even more worrisome! So again, I'm so relieved and grateful to have found you all at this forum, and again thank you for your patience and assistance! Addition.txt FRST.txt daily protection log 9-10-14.txt
  4. Hello, My dell laptop seems to be inflicted with some malwares. Whenever I connect to internet network, the audio starts playing with no active browser/programs. Once I disconnect the internet, the audio goes off in sometime. I had a chance to browse through some of the topics in your forum where people had received support and solved similar problems. I am attacthing the DDS log file. I request you to review the file and suggest steps to remove this malware/virus. Thank you in advance for your help and support. Regards, dds.txt
  5. Hey guys and gals, Yesterday I saw a dialogue on my comp that Ive seen before, warning me that my Java was out of date, and prompting me to shut down - it always looked a little fishy. I think last time I closed the window, this time I clicked to shutdown later. Well at some point while I was doing paperwork it shut down on its own. Then when it restarted it hung after typing my password while trying to log in (for at least 12 hours). I restarted this morning in Safe Mode with Networking and ran MBAM, removing 3 threats. Now it logs in okay, but I've got these audio ads playing in the backround randomly. I know there are probably other viruses on this machine, it's old, but I use it a lot now. Here are my logs if anyone can help... DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 3/2/2010 5:37:54 PM System Uptime: 7/4/2013 8:59:43 AM (1 hours ago) . Motherboard: eMachines | | WMCP61M Processor: AMD Athlon Processor 2850e | Socket AM2 | 792/201mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 286 GiB total, 45.334 GiB free. D: is CDROM () E: is Removable F: is Removable G: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318} Description: PS/2 Compatible Mouse Device ID: ACPI\PNP0F13\4&2218BD69&0 Manufacturer: Microsoft Name: PS/2 Compatible Mouse PNP Device ID: ACPI\PNP0F13\4&2218BD69&0 Service: i8042prt . ==== System Restore Points =================== . RP379: 6/19/2013 7:48:18 AM - Windows Update RP380: 6/25/2013 5:44:11 AM - Windows Update RP381: 7/2/2013 6:34:12 AM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 2007 Microsoft Office Suite Service Pack 2 (SP2) 7-Zip 9.10 beta Acrobat.com Adobe After Effects CS5 Third Party Content Adobe After Effects CS5 Third Party Royalty Content Adobe AIR Adobe Community Help Adobe Creative Suite 5 Production Premium Adobe Download Assistant Adobe Encore CS5 Third Party Royalty Content Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Encoder CS5 Dolby X64 Adobe Media Encoder CS5 PCI X64 Adobe Media Player Adobe Photoshop Lightroom 3.2 64-bit Adobe Premiere Pro CS5 Third Party Royalty Content Adobe Reader X (10.1.6) Advertising Center Amazon Cloud Drive Ant.com IE add-on Apple Application Support Apple Mobile Device Support Apple Software Update Auto Gordian Knot 2.55 AviSynth 2.5 AVS Update Manager 1.0 AVS Video Converter 7 AVS4YOU Software Navigator 1.4 Blender Blender (remove only) Bonjour Canon Easy-PhotoPrint EX Canon Easy-WebPrint EX Canon IJ Network Scan Utility Canon IJ Network Tool Canon MP Navigator EX 3.0 Canon MP Navigator EX 5.1 Canon MP560 series MP Drivers Canon MP560 series User Registration Canon MX430 series MP Drivers Canon MX430 series On-screen Manual Canon MX430 series User Registration Canon My Printer Canon Solution Menu EX Canon Speed Dial Utility Canon Utilities Solution Menu CDBurnerXP Click'N Design 3D (V5) Compatibility Pack for the 2007 Office system D3DX10 DreamStation DXi2 Dropbox eBay Worldwide eMachines Games eMachines Recovery Management eMachines Registration eMachines ScreenSaver eMachines Updater ESET Smart Security Eudora Final Draft 7 Google Chrome Google Earth Google Update Helper Haali Media Splitter HD Writer AE 1.0 for HDC Identity Card ImagXpress Internet Explorer Toolbar 4.8 by SweetPacks Internet TV for Windows Media Center Java 7 Update 17 Java Auto Updater Java 6 Update 22 (64-bit) Junk Mail filter update L3DT Standard v2.9.0.0 (remove only) LogMeIn Malwarebytes Anti-Malware version 1.75.0.1300 Matroska Pack McAfee Security Scan Plus Mesh Runtime Microsoft Application Error Reporting Microsoft Chart Controls for Microsoft .NET Framework 3.5 Microsoft Expression Web 2 Microsoft Expression Web 2 MUI (English) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Works Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 MobileMe Control Panel Mozilla Firefox 20.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 9 Essentials Nero ControlCenter Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart Help Nero StartSmart OEM NeroExpress neroxml Netflix in Windows Media Center NeuroSolutions NeuroSolutions 6 Norton Online Backup NVIDIA Display Control Panel NVIDIA Drivers NVIDIA ForceWare Network Access Manager OpenOffice.org 3.2 PDF Settings CS5 Pen Tablet Perl Studio 2009 Picasa 3 PVSonyDll PxMergeModule Python 2.6.5 Python 2.7.2 QuickTime Realtek High Definition Audio Driver Safari Samsung Kies Samsung Mobile phone USB driver Drive Software Samsung PC Studio 3 USB Driver Installer SAMSUNG USB Driver for Mobile Phones Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2466156) Security Update for 2007 Microsoft Office System (KB2509488) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB2464583) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2535818) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) StartNow Toolbar SweetPacks Updater Service TeamViewer 7 TotalMovieConverter Twacker 64 Unity Web Player Unreal Development Kit: 2011-05 Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Expression Web 2 (KB957827) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Updater By SweetPacks 2.0.0.586 VLC media player 2.0.7 VobSub v2.23 (Remove Only) WD Drive Manager (x64) Welcome Center Winamp Winamp Detector Plug-in WinAVI Video Converter 9.0 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR archiver WinSCP 4.2.1 beta Xvid 1.2.2 final uninstall XviD MPEG4 Video Codec (remove only) Yodot Recovery Software . ==== Event Viewer Messages From Past Week ======== . 7/4/2013 9:20:06 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. 7/4/2013 9:20:06 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/4/2013 9:20:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69} 7/4/2013 9:09:41 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 7/4/2013 8:56:12 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running. 7/4/2013 8:54:47 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 7/4/2013 8:54:46 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 7/4/2013 8:54:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 7/4/2013 8:54:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 7/4/2013 8:54:38 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 7/4/2013 8:54:31 AM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 7/4/2013 8:54:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 7/4/2013 8:54:12 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/4/2013 8:54:12 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/4/2013 8:54:12 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/4/2013 8:52:35 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B} 7/4/2013 8:52:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache ehdrv ElRawDisk spldr Wanarpv6 7/4/2013 8:52:30 AM, Error: Service Control Manager [7001] - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 7/4/2013 8:25:52 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect. 7/4/2013 8:25:52 AM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/4/2013 8:25:52 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 7/4/2013 7:47:27 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8002b6c3ef, 0x0000000000000000, 0x000000007efa003c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070413-29780-01. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Remote Desktop Configuration service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Certificate Propagation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/4/2013 7:44:36 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/4/2013 7:40:06 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect. 7/4/2013 7:40:06 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/4/2013 7:33:43 AM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 7/4/2013 7:33:43 AM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 7/4/2013 7:33:43 AM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The data is invalid. 7/4/2013 7:33:43 AM, Error: Service Control Manager [7001] - The WLAN AutoConfig service depends on the Extensible Authentication Protocol service which failed to start because of the following error: The dependency service or group failed to start. 7/4/2013 7:33:43 AM, Error: Service Control Manager [7001] - The Extensible Authentication Protocol service depends on the CNG Key Isolation service which failed to start because of the following error: A system shutdown is in progress. 7/4/2013 7:33:43 AM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure. 7/4/2013 7:33:43 AM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure. 7/4/2013 7:33:43 AM, Error: Service Control Manager [7000] - The CNG Key Isolation service failed to start due to the following error: A system shutdown is in progress. 7/4/2013 7:33:40 AM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: A system shutdown is in progress. 7/4/2013 7:33:40 AM, Error: Service Control Manager [7000] - The Certificate Propagation service failed to start due to the following error: A system shutdown is in progress. 7/4/2013 7:33:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1115" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 7/4/2013 7:33:39 AM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control. 7/4/2013 6:38:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 7/4/2013 6:38:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 7/4/2013 6:31:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McComponentHostService with arguments "" in order to run the server: {CC6F4D12-8575-4CFF-9455-CF5774AEB13B} 7/3/2013 5:36:51 PM, Error: Service Control Manager [7022] - The Windows Defender service hung on starting. 7/3/2013 3:11:52 PM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress. 7/3/2013 3:10:32 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache3.0.0.0 service. . ==== End Of File =========================== And DDS DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7600.16766 BrowserJavaVersion: 10.17.2 Run by Matt at 9:27:43 on 2013-07-04 . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Ant.com\IE add-on\AntUpdaterService.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\Panasonic\HD Writer AE 1\HDWriterAutoStart.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Users\Matt\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Ant.com browser helper (video detector): {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Updater By SweetPacks: {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension32.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll TB: Ant.com Video Downloader toolbar: {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\anttoolbar.dll TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll TB: Ant.com Video Downloader toolbar: {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\anttoolbar.dll TB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll uRun: [AdobeBridge] <no file> mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} TCP: NameServer = 208.180.42.68 208.180.42.100 TCP: Interfaces\{76C09F17-3DAB-4FF0-8A0B-AE83015E5F44} : DHCPNameServer = 208.180.42.68 208.180.42.100 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Eudora's Shell Extension - {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Program Files (x86)\Qualcomm\Eudora\EuShlExt.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll x64-BHO: Updater By SweetPacks: {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\gdk3e1kb.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Matt\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Users\Matt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-06-24 06:28; {EEE6C361-6118-11DC-9C72-001320C79847}; C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\gdk3e1kb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi FF - ExtSQL: 2013-06-24 06:29; {7D4F1959-3F72-49d5-8E59-F02F8AA6815D}; C:\Program Files\Updater By SweetPacks\Firefox . ============= SERVICES / DRIVERS =============== . R? dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) R? LMIRfsClientNP;LMIRfsClientNP R? MBAMProtector;MBAMProtector R? MBAMScheduler;MBAMScheduler R? MBAMService;MBAMService R? McComponentHostService;McAfee Security Scan Component Host Service R? ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) R? SwitchBoard;Adobe SwitchBoard R? USBAAPL64;Apple Mobile USB Driver R? WatAdminSvc;Windows Activation Technologies Service R? wlcrasvc;Windows Live Mesh remote connections service S? AntUpdaterService;Ant Toolbar updater service S? eamonm;eamonm S? ekrn;ESET Service S? ElRawDisk;ElRawDisk S? epfwwfp;epfwwfp S? Greg_Service;GRegService S? LMIGuardianSvc;LMIGuardianSvc S? LMIInfo;LogMeIn Kernel Information Provider S? LMIRfsDriver;LogMeIn Remote File System Driver S? PxHlpa64;PxHlpa64 S? TabletServicePen;TabletServicePen S? TeamViewer7;TeamViewer 7 S? teamviewervpn;TeamViewer VPN Adapter S? Updater By SweetPacks;Updater By SweetPacks S? Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar S? Updater Service;Updater Service S? wacmoumonitor;Wacom Mode Helper S? WDBtnMgrSvc.exe;WD Drive Manager Service . =============== File Associations =============== . FileExt: .js: Applications\perl_studio.exe="C:\Program Files (x86)\Perl Studio 2009\perl_studio.exe" "%1" [userChoice] . =============== Created Last 30 ================ . 2013-07-04 14:21:26 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5CD04FCC-9813-47E2-9938-C8A2AFF08938}\offreg.dll 2013-07-04 11:41:08 -------- d-----w- C:\Users\Matt\AppData\Roaming\Malwarebytes 2013-07-04 11:40:29 -------- d-----w- C:\ProgramData\Malwarebytes 2013-07-04 11:40:19 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-07-04 11:40:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-04 11:40:01 -------- d-----w- C:\Users\Matt\AppData\Local\Programs 2013-07-02 11:35:42 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5CD04FCC-9813-47E2-9938-C8A2AFF08938}\mpengine.dll 2013-06-24 11:30:43 -------- d-----w- C:\Program Files (x86)\VideoLAN 2013-06-24 11:29:27 -------- d-----w- C:\Program Files\Updater By SweetPacks 2013-06-24 11:28:04 -------- d-----w- C:\Program Files (x86)\SweetIM 2013-06-24 11:26:54 33792 ----a-w- C:\Windows\System32\ImHttpComm.dll 2013-06-24 11:26:54 1447728 ----a-w- C:\Windows\System32\dmwu.exe 2013-06-24 11:26:54 -------- d-----w- C:\Windows\SysWow64\jmdp 2013-06-24 11:26:54 -------- d-----w- C:\Windows\SysWow64\ARFC 2013-06-24 11:26:53 -------- d-----w- C:\Windows\SysWow64\WNLT 2013-06-24 11:19:47 -------- d-----w- C:\Program Files (x86)\Matroska Pack 2013-06-22 22:33:57 -------- d-----r- C:\Users\Matt\Dropbox 2013-06-22 22:26:35 -------- d-----w- C:\Users\Matt\AppData\Roaming\Dropbox 2013-06-12 16:10:07 26024 ----a-w- C:\Windows\System32\drivers\rsdrvx64.sys 2013-06-12 16:08:01 -------- d-----w- C:\Program Files\Yodot Recovery for Android . ==================== Find3M ==================== . 2013-06-12 05:19:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-12 05:19:20 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-08 14:20:29 35656 ----a-w- C:\Windows\System32\LMIport.dll 2013-06-08 14:20:29 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll 2013-06-08 14:20:28 100680 ----a-w- C:\Windows\System32\LMIinit.dll 2013-06-04 14:15:02 103448 ----a-w- C:\Windows\System32\drivers\ssudbus.sys 2013-06-04 14:15:00 203672 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys 2013-05-02 07:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe . ============= FINISH: 9:35:47.78 =============== Thanks in advance.
  6. I believe i have a malware infection. Here are the basic stats for my machine: Windows 7 Home Premium Hewlett-Packard HP Pavilion dv7 Notebook PC Processor: AMD Turion II Ultra Dual-Core Mobile M600 2.40 GHz Installed memory (RAM): 400GB (3.75 GB usable) 64-bit Operating System I am running Norton Security Suite - provided by my ISP (All definitions are updated, but Norton finds nothing) The Problem: For several months now, I have had unsolicited audio advertisements pop up spontaneously whenever I start-up. A new slider (sometimes several) opens in my sound mixer (labeled "name not available" or sometimes "winrscmde" of it's own accord and begins playing ads for several minutes. Sometimes another will open later, and then another. I ran my scan through Norton and got no results. I also chatted online with a Norton rep who tried several fixes and resolved nothing. He said I needed to contact my driver manufacturers - whatever that means. While al this goes on, I frequently get messages from Windows warning of "High CPU Usage by winrscmde". After striking out with Norton help (a couple of months ago), I have mostly just managed this by muting each new slider that appears, and restarting as little as possible. Usually after an hour or so, the activity abates. What I've Done: This morning I downloaded the free version of Malwarebytes, and ran the quick scan. I found and removed 2 items (I saved the report,) then rebooted as requested. The following startup was worse. In adition to the ads, My Explorer opened on it's own, opened my gmail (veeeeeery slowly) and created a "compose" folder with a spam message. Also, Norton just notified me of a blocked attack from Exploit Toolkit Wbsite 38. I have also run DDS and saved both files. Advice?
  7. Hi....I'm having a problem with my Windows 7 Home computer. Anytime it starts up I get random audio ads before anything opens. This even happens before I even log into the computer. I think I've narrowed it down to a process svchost running as winrscmde. If I kill this process it stops until I reboot the computer. Please help. not only is this very irritating, it's causing my computer to run at 100% CPU utilization.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.