Jump to content

Search the Community

Showing results for tags 'PUM Hijack StartMenu'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 1 result

  1. Hello, I'm seeking expert assistance with removal of the following malware on a Windows 7 machine. Trojan.FakeAlert Trojan.FakeMS PUM.Hijack.StartMenu (two registry entries) I initially observed a rapid series of cascading dialogs stating "Unable to Load Attrib.exe" ." I immediately cut power to the machine. On normal reboot I see a similar series of cascading dialogs stating "Disk Errors Found," then the machine restarts on its own. In safe mode most of my program icons were not visible and many folders were empty. I managed to run a full scan with mbam which found the 4 items as listed above. I quarantined them and did a normal reboot but the cascading error dialogs were still present and another scan with mbam in safe mode reveals the same threats. So they're still hiding out somewhere in this PC. After reading the FAQs and Tips section of the forum on another machine, I was able to unhide everything in safe mode, giving me to access the forum via Firefox. I am reluctant to do another normal reboot until I have taken additional action, per one of your expert's recommendations. The DDS output files below were obtained after running mbam and removing the threats. Please let me know if a normal reboot and rerun of DDS is needed. Thank you in advance for your time. Here's the dds.txt file: DDS (Ver_2011-08-26.01) - NTFSAMD64 MINIMAL Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_19 Run by Tom at 18:30:42 on 2012-01-22 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.8183.7121 [GMT -5:00] . . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Windows\notepad.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111227141022.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe uRun: [tSUpODctlIrm.exe] C:\ProgramData\tSUpODctlIrm.exe mRun: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r mRun: [CTxfiHlp] CTXFIHLP.EXE mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRunOnce: [GrpConv] grpconv -o StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\CORELF~1.LNK - C:\Program Files (x86)\Corel\Print House Magic\cffrem.exe uPolicies-explorer: HideSCAHealth = 1 (0x1) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab TCP: DhcpNameServer = 10.0.0.1 TCP: Interfaces\{E359A986-72D7-4EFE-8E38-051C9AA41F29} : DhcpNameServer = 10.0.0.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll BHO-X64: McAfee Phishing Filter - No File BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111227141022.dll BHO-X64: scriptproxy - No File BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r mRun-x64: [CTxfiHlp] CTXFIHLP.EXE mRun-x64: [updReg] C:\Windows\UpdReg.EXE mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRunOnce-x64: [GrpConv] grpconv -o . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\4imqfxt1.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - component: C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{D19CA586-DD6C-4a0a-96F8-14644F340D60}\components\scriptff.dll FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.93\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\Tom\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: XULRunner: {3DEBA5A5-6ACB-4AC6-8ACC-69A62A45D9F7} - C:\Users\Tom\AppData\Local\{3DEBA5A5-6ACB-4AC6-8ACC-69A62A45D9F7} FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF - Ext: XUL Cache: {86c56d72-0491-4ff9-a2a0-aa4a68b83970} - %profile%\extensions\{86c56d72-0491-4ff9-a2a0-aa4a68b83970} FF - Ext: XUL Cache: {0244c830-c8f9-491b-8d2a-f63a68b17c6a} - %profile%\extensions\{0244c830-c8f9-491b-8d2a-f63a68b17c6a} . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] S1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] S1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] S2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-6-15 249648] S2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-23 135664] S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-27 249936] S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-27 249936] S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-27 249936] S2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-9-7 199272] S2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-9-7 208536] S2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-9-7 161168] S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?] S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-1-30 656624] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-7-7 195336] S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS --> C:\Windows\system32\drivers\BVRPMPR5a64.SYS [?] S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-1-29 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-1-29 79360] S3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?] S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?] S3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?] S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?] S3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?] S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-23 135664] S3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\system32\drivers\ha20x22k.sys --> C:\Windows\system32\drivers\ha20x22k.sys [?] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] S3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 PaeFireStudio;PreSonus FireStudio;C:\Windows\system32\Drivers\PaeFireStudio.sys --> C:\Windows\system32\Drivers\PaeFireStudio.sys [?] S3 PaeFireStudioAudio;PreSonus FireStudio Audio;C:\Windows\system32\drivers\PaeFireStudioAudio.sys --> C:\Windows\system32\drivers\PaeFireStudioAudio.sys [?] S3 PaeFireStudioMidi;PreSonus FireStudio MIDI;C:\Windows\system32\drivers\PaeFireStudioMidi.sys --> C:\Windows\system32\drivers\PaeFireStudioMidi.sys [?] S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;C:\Windows\system32\DRIVERS\MarvinAVS64.sys --> C:\Windows\system32\DRIVERS\MarvinAVS64.sys [?] S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-01-22 02:33:45 -------- d-sh--w- C:\found.000 2012-01-22 00:32:29 453512 ----a-w- C:\ProgramData\tSUpODctlIrm.exe 2012-01-11 11:32:48 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll 2012-01-11 11:32:47 1572864 ----a-w- C:\Windows\System32\quartz.dll 2012-01-11 11:32:46 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2012-01-11 11:32:45 366592 ----a-w- C:\Windows\System32\qdvd.dll 2012-01-11 11:32:41 1739160 ----a-w- C:\Windows\System32\ntdll.dll 2012-01-11 11:32:38 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll 2012-01-11 11:32:36 77312 ----a-w- C:\Windows\System32\packager.dll 2012-01-11 11:32:34 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2012-01-01 17:25:10 -------- d-----w- C:\ProgramData\McAfee Security Scan 2012-01-01 17:25:09 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-01-01 17:25:09 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan . ==================== Find3M ==================== . 2011-12-10 20:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-11-24 05:00:47 3141632 ----a-w- C:\Windows\System32\win32k.sys 2011-11-05 05:26:29 1197568 ----a-w- C:\Windows\System32\wininet.dll 2011-11-05 05:23:10 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2011-11-05 05:17:42 2048 ----a-w- C:\Windows\System32\tzres.dll 2011-11-05 04:35:50 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-11-05 04:34:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2011-11-05 04:30:11 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2011-11-05 04:07:32 482816 ----a-w- C:\Windows\System32\html.iec 2011-11-05 03:28:41 386048 ----a-w- C:\Windows\SysWow64\html.iec 2011-11-05 03:25:44 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-11-05 02:55:38 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-10-26 05:19:07 43520 ----a-w- C:\Windows\System32\csrsrv.dll . ============= FINISH: 18:30:53.32 =============== and attach.txt: DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 2/5/2010 9:25:26 PM System Uptime: 1/22/2012 4:41:41 PM (2 hours ago) . Motherboard: DELL Inc. | | 0X501H Processor: Intel® Core™ i7 CPU 920 @ 2.67GHz | CPU 1 | 2660/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 689 GiB total, 596.583 GiB free. D: is CDROM () E: is CDROM () H: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Security Processor Loader Driver Device ID: ROOT\LEGACY_SPLDR\0000 Manufacturer: Name: Security Processor Loader Driver PNP Device ID: ROOT\LEGACY_SPLDR\0000 Service: spldr . Class GUID: {36fc9e60-c465-11cf-8056-444553540000} Description: eHome Infrared Receiver (USBCIR) Device ID: USB\VID_04EB&PID_E033\SN:CIR-00080612011700000000 Manufacturer: Microsoft Name: eHome Infrared Receiver (USBCIR) PNP Device ID: USB\VID_04EB&PID_E033\SN:CIR-00080612011700000000 Service: usbcir . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: McAfee Inc. mfehidk Device ID: ROOT\LEGACY_MFEHIDK\0000 Manufacturer: Name: McAfee Inc. mfehidk PNP Device ID: ROOT\LEGACY_MFEHIDK\0000 Service: mfehidk . Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318} Description: Consumer IR Devices Device ID: ROOT\SYSTEM\0001 Manufacturer: Microsoft Name: Consumer IR Devices PNP Device ID: ROOT\SYSTEM\0001 Service: circlass . ==== System Restore Points =================== . RP125: 12/11/2011 1:20:23 PM - Scheduled Checkpoint RP126: 12/14/2011 10:57:51 PM - Windows Update RP127: 12/23/2011 10:47:35 AM - Scheduled Checkpoint RP128: 12/31/2011 10:42:37 AM - Scheduled Checkpoint RP129: 1/8/2012 9:58:58 AM - Scheduled Checkpoint RP130: 1/10/2012 9:46:42 PM - Windows Update RP131: 1/11/2012 7:57:22 AM - Windows Update RP132: 1/18/2012 8:27:29 PM - Scheduled Checkpoint . ==== Installed Programs ====================== . Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.4.7 Amazon MP3 Downloader 1.0.10 Apple Application Support Apple Software Update ASIO4ALL ATI Catalyst Control Center Bing Bar Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Compatibility Pack for the 2007 Office system Corel Applications CorelDRAW 10 Creative Audio Control Panel Creative Software AutoUpdate Creative Sound Blaster Properties x64 Edition Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell Getting Started Guide Dell Support Center (Support Software) DirectXInstallService Dolby Digital Live Pack EMC 10 Content Emicsoft FLV Converter FLV to WMV Convert 2.7 Google Chrome Google Toolbar for Internet Explorer Google Update Helper GoToAssist 8.0.0.514 i-Fun Viewer Internet TV for Windows Media Center Java Auto Updater Java™ 6 Update 19 Junk Mail filter update Knoll Light Factory EZ Studio Magic Bullet Looks Studio Malwarebytes Anti-Malware version 1.60.0.1800 McAfee Security Scan Plus McAfee SecurityCenter Microsoft Choice Guard Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Mozilla Firefox (3.6) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Octoshape add-in for Adobe Flash Player Pinnacle Studio 14 Pinnacle Studio Ultimate Collection Plugins PowerDVD DX QualXServ Service Agreement QuickTime RealPlayer RealUpgrade 1.0 Red Giant ToonIt Studio Roxio Activation Module Roxio BackOnTrack Roxio Central Audio Roxio Central Copy Roxio Central Core Roxio Central Data Roxio Central Tools Roxio Easy CD and DVD Burning Roxio Express Labeler 3 Roxio Update Manager Security Update for CAPICOM (KB931906) Skins Sonic CinePlayer Decoder Pack Sound Blaster X-Fi SureThing Express Labeler Trapcode 3DStroke Studio Trapcode Particular Studio Trapcode Shine Studio Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Media Center Add-in for Flash WinX DVD Player 3.1.1 WinX DVD Ripper Platinum 6.3.5 WinX Free DVD Ripper 4.5.14 . ==== Event Viewer Messages From Past Week ======== . 1/22/2012 9:41:02 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 1/22/2012 9:41:02 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 1/22/2012 6:41:35 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 6:41:23 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache RxFilter spldr Wanarpv6 1/22/2012 5:11:23 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR10. 1/22/2012 5:11:09 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR9. 1/22/2012 5:10:55 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR8. 1/22/2012 5:10:41 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR7. 1/22/2012 5:10:27 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR6. 1/22/2012 5:10:13 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR5. 1/22/2012 5:09:46 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3. 1/22/2012 5:08:58 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2. 1/22/2012 5:08:30 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 4:45:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} 1/22/2012 4:42:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 1/22/2012 4:42:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 1/22/2012 4:42:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 1/22/2012 4:42:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 1/22/2012 4:42:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 1/22/2012 4:42:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 1/22/2012 4:41:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache mfehidk mfenlfk mfewfpk NetBIOS NetBT nsiproxy Psched rdbss RxFilter spldr Tcpip tdx Wanarpv6 WfpLwf 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The TCP/IP Registry Compatibility service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 1/22/2012 4:41:55 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 1/22/2012 4:41:54 PM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start. 1/22/2012 11:13:34 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 1/21/2012 9:55:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter 1/21/2012 9:55:49 PM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified. 1/21/2012 9:55:02 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS. 1/21/2012 9:52:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.