Jump to content

Search the Community

Showing results for tags 'safemode'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 10 results

  1. I recently noticed my paid subscription to Malwarebytes kept crashing partway through scans. I also have avg paid full protection and somehow I still got infected even though I’m very careful and clean. Avg cannot detect either, both on max settings. Went to safe mode, cannot run windows defender scans, cannot run avg, Malwarebytes cannot detect anything. Really need help cleaning my machine, please help!! No downloads or extra files and cannot find a virus although I’m a novice at that.
  2. Hello, I recently logged into my computer and malwarebytes said it was out of date. I had to turn off the self-protection module to update and then malwarebytes was removed from my computer. I have since reinstalled it, but it will not boot unless I am in Safemode(which I currently am). I ran Rkill along with malwarebytes and they have both detected nothing, but I cannot understand what would cause the program not to function otherwise.
  3. Hi, I successfully downloaded Malwarebytes via Chameleon because I had the 4dsply virus. Plus, before shutting down my laptop would display a webpage to something called sportolife and other pages. I ran Malwarebytes several times, and it found multiple threats. When I downloaded MB there were two files on my desktop, the MB zip and a file called desktop.ini. My question is: Now that MB is installed and ran can I delete the desktop.ini file from the desktop? When I right click it says (paraphrased) "if deleted associated program may not run".
  4. Hello everyone! I just got a new laptop for the college, and I need some files from my old laptop. But, for protection, I did some scans on the old laptop to be sure that nothing is infected. Here is the results; - Avast Rescue Disk - nothing infected (some files were a "decompression bomb", but I removed them) - ESET Online Scanner - nothing infected - Malwarebytes full scan on Safe Mode - nothing infected So, I'm safe to do the backup? Or should I do the diagnostic logs? Thank you guys for the help.
  5. Today, from out of the blue, my Chrome web browser notified me that: "Chrome detected that your browser settings may have been changed without your knowledge. Would you like to reset them to their original defaults?".... what just happened? I did some searching around, and found this news article, published within the last 8 hours. After reading suggestions by Google that I may have acquired malware of a sort, I decided to do a scan with Malwarebytes Pro in safemode. It found "hijack.drives" (attached), which it then prompted to quarantine. How the heck did this get on my system, and is it something I should be concerned about?? The name of the find itself doesn't sound very friendly, and the fact my browser settings was changed by some unknown entity has had me paranoid. I have no idea if this "hijack.drives" is linked to the Chrome problem above. A pinned listing posted today on the Google Chrome Forums state that the 'reset' message is related to Chrome extensions. I found another article posted today regarding cleanup written by the vice-president of engineering. Can someone help me make sense of all this? I don't quite know what to do. A lot of the extensions I use contain sensitive information, such as the Lastpass extension which contains all my passwords. I'm hoping that nothing else inside my browser was exploited except browser settings. I'm tempted to do a System Restore to reverse what has happened:
  6. So i had qvo6 , i thought it was the thing that was causing the problem , i ran hitman pro , spybot , anvi smart , malware byte , norton , bit defender and adware . hitman pro detected hao and qvo6 and deleted them , but still cant use browsers in normal mode , i reseted them all , reinstall but nothing , someone told me to download pale moon . and it worked , i dont know how or why , now i remove all antivirus , if they were blocking the other browsers (ie,chromeand firefox) but nothing . here is my hijackthis log Logfile of HijackThis v1.99.1 Scan saved at 5:20:27 AM, on 7/21/2013 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Unable to get Internet Explorer version! Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Users\Shock\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe C:\Users\Shock\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe C:\Program Files (x86)\Pale Moon\palemoon.exe C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe C:\Program Files\HijackThis\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: IE.PerformancePack - {7adefb8e-b723-45e6-86e2-2b7841f5d6a5} - mscoree.dll (file missing) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Shock\AppData\Local\Akamai\netsession_win.exe" O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O11 - Options group: [iNTERNATIONAL] International O13 - Gopher Prefix: O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - (no file) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing) O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing) O23 - Service: HP Support Assistant Service - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - (no file) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Microsoft SharePoint Workspace Audit Service - Unknown owner - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" /auditservice (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing) today i disabled internet explorer for window features
  7. Ive recently been infected with the moneypak malware. I cannot access safemode. Ive read the forums and attached FRST and search. Any help would be appreciated FRST: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-05-2013 Ran by SYSTEM on 19-05-2013 16:59:38 Running from G:\ Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Recovery The current controlset is ControlSet004 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [9636896 2009-12-15] (Realtek Semiconductor) HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-12-15] (Synaptics Incorporated) HKLM\...\Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1931024 2010-07-19] (Intel® Corporation) HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation) HKLM-x32\...\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-20] (Intel Corporation) HKLM-x32\...\Run: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup [82944 2010-01-19] (Sony Electronics Corporation) HKLM-x32\...\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [320880 2009-08-26] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation) HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-28] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" [1151152 2013-03-18] () HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) HKU\JALIL\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] C:\Users\JALIL\Documents\4f37f4e1.exe [24064 2013-05-16] () HKU\JALIL\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [x] HKU\JALIL\...\Winlogon: [shell] cmd.exe [345088 2010-11-20] (Microsoft Corporation) <==== ATTENTION Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S2 arXfrSvc; C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [231280 2011-01-10] (Microsoft Corporation) S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] () S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4936752 2013-04-25] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.) S2 esClient; C:\Program Files\Windows Home Server\esClient.exe [109936 2011-01-10] (Microsoft Corporation) S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.) S2 mitsijm2012; c:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-07] (Autodesk, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-19] () S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions) S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions) S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-10-15] (Sony Corporation) S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-10-15] (Sony Corporation) S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-09-14] (Sony Corporation) S2 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [968880 2013-03-18] () S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation) S2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-09-14] (Sony Corporation) S2 WHSConnector; C:\Program Files\Windows Home Server\WHSConnector.exe [489840 2011-01-10] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-28] (AVG Technologies CZ, s.r.o.) S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.) S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.) S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-20] (AVG Technologies CZ, s.r.o.) S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-03-18] (AVG Technologies) S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2010-07-26] (Devguru Co., Ltd) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-13] (http://libusb-win32.sourceforge.net) S3 TVICHW64; C:\Windows\system32\DRIVERS\TVICHW64.SYS [21200 2010-08-06] (EnTech Taiwan) S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-05-19 11:25 - 2013-05-19 11:25 - 00003536 ____N C:\bootsqm.dat 2013-05-18 23:51 - 2013-05-18 23:58 - 00000000 ____D C:\Windows\Microsoft Antimalware 2013-05-18 19:56 - 2013-05-18 19:56 - 00000000 ____D C:\FRST 2013-05-18 16:20 - 2013-05-18 16:20 - 00000000 ____D C:\c70d519bc20333e0465e28333c2ee084 2013-05-17 15:56 - 2013-05-17 15:56 - 00000000 ____D C:\c9c105f75ab9a3b90fda 2013-05-17 15:56 - 2013-05-05 13:36 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-05-17 15:56 - 2013-05-05 13:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-05-17 15:56 - 2013-05-05 11:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-05-17 15:56 - 2013-05-05 11:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-05-17 15:54 - 2013-04-04 17:19 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-05-17 15:54 - 2013-04-04 17:08 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-05-17 15:54 - 2013-04-04 17:01 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-05-17 15:54 - 2013-04-04 17:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-05-17 15:54 - 2013-04-04 16:59 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-05-17 15:54 - 2013-04-04 16:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-05-17 15:54 - 2013-04-04 16:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-05-17 15:54 - 2013-04-04 16:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-05-17 15:54 - 2013-04-04 16:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-05-17 15:54 - 2013-04-04 16:55 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-05-17 15:54 - 2013-04-04 16:54 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-05-17 15:54 - 2013-04-04 16:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-05-17 15:54 - 2013-04-04 16:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-05-17 15:54 - 2013-04-04 16:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-05-17 15:54 - 2013-04-04 14:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-05-17 15:54 - 2013-04-04 14:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-05-17 15:54 - 2013-04-04 14:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-05-17 15:54 - 2013-04-04 14:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-05-17 15:54 - 2013-04-04 14:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-05-17 15:54 - 2013-04-04 14:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-05-17 15:54 - 2013-04-04 13:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-05-17 15:54 - 2013-04-04 13:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-05-17 15:54 - 2013-04-04 13:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-05-17 15:54 - 2013-04-04 13:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-05-17 15:54 - 2013-04-04 13:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-05-17 15:54 - 2013-04-04 13:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-05-17 15:54 - 2013-04-04 13:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-05-17 15:54 - 2013-04-04 13:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-05-16 12:46 - 2013-05-16 12:46 - 01096077 ____A C:\ProgramData\2433f433 2013-05-16 12:46 - 2013-05-16 12:46 - 01096042 ____A C:\Users\JALIL\AppData\Roaming\2433f433 2013-05-16 12:46 - 2013-05-16 12:46 - 01096038 ____A C:\Users\JALIL\AppData\Local\2433f433 2013-05-16 12:46 - 2013-05-16 12:46 - 00024064 ____A C:\Users\JALIL\Documents\4f37f4e1.exe 2013-05-14 17:03 - 2013-05-14 17:03 - 00516096 ____A C:\Users\JALIL\Desktop\Endocrine Histology Practice Quiz.ppt 2013-05-13 15:39 - 2013-05-13 15:39 - 04057695 ____A C:\Users\JALIL\Desktop\Reproduction BOLT S13.pptx 2013-05-13 13:57 - 2013-05-13 13:57 - 04023724 ____A C:\Users\JALIL\Desktop\Dinosaur origins BOLT S13.pptx 2013-05-13 13:29 - 2013-05-13 13:29 - 02058959 ____A C:\Users\JALIL\Desktop\Time and dinos BOLT S13 (SHORT).pptx 2013-04-23 19:12 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys ==================== One Month Modified Files and Folders ======= 2013-05-19 12:29 - 2010-07-14 18:32 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-05-19 12:29 - 2010-07-02 10:17 - 00000000 ____D C:\users\JALIL 2013-05-19 12:29 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-05-19 12:29 - 2009-07-13 20:51 - 00142524 ____A C:\Windows\setupact.log 2013-05-19 11:25 - 2013-05-19 11:25 - 00003536 ____N C:\bootsqm.dat 2013-05-19 09:20 - 2010-07-14 18:32 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-05-18 23:58 - 2013-05-18 23:51 - 00000000 ____D C:\Windows\Microsoft Antimalware 2013-05-18 19:56 - 2013-05-18 19:56 - 00000000 ____D C:\FRST 2013-05-18 16:20 - 2013-05-18 16:20 - 00000000 ____D C:\c70d519bc20333e0465e28333c2ee084 2013-05-18 16:20 - 2010-10-16 09:04 - 00000000 ____D C:\ProgramData\MFAData 2013-05-18 16:20 - 2010-06-08 18:32 - 01188836 ____A C:\Windows\WindowsUpdate.log 2013-05-18 16:18 - 2009-07-13 20:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-05-18 16:18 - 2009-07-13 20:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-05-17 15:56 - 2013-05-17 15:56 - 00000000 ____D C:\c9c105f75ab9a3b90fda 2013-05-17 15:56 - 2013-04-05 12:04 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-05-17 15:56 - 2010-08-03 19:58 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-05-16 12:46 - 2013-05-16 12:46 - 01096077 ____A C:\ProgramData\2433f433 2013-05-16 12:46 - 2013-05-16 12:46 - 01096042 ____A C:\Users\JALIL\AppData\Roaming\2433f433 2013-05-16 12:46 - 2013-05-16 12:46 - 01096038 ____A C:\Users\JALIL\AppData\Local\2433f433 2013-05-16 12:46 - 2013-05-16 12:46 - 00024064 ____A C:\Users\JALIL\Documents\4f37f4e1.exe 2013-05-15 08:57 - 2012-03-31 21:24 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-05-15 08:57 - 2011-06-04 10:39 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-05-14 17:03 - 2013-05-14 17:03 - 00516096 ____A C:\Users\JALIL\Desktop\Endocrine Histology Practice Quiz.ppt 2013-05-13 15:39 - 2013-05-13 15:39 - 04057695 ____A C:\Users\JALIL\Desktop\Reproduction BOLT S13.pptx 2013-05-13 13:57 - 2013-05-13 13:57 - 04023724 ____A C:\Users\JALIL\Desktop\Dinosaur origins BOLT S13.pptx 2013-05-13 13:29 - 2013-05-13 13:29 - 02058959 ____A C:\Users\JALIL\Desktop\Time and dinos BOLT S13 (SHORT).pptx 2013-05-13 13:11 - 2009-07-13 21:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI 2013-05-09 08:50 - 2012-12-12 17:09 - 00000965 ____A C:\Users\Public\Desktop\AVG 2013.lnk 2013-05-05 13:36 - 2013-05-17 15:56 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-05-05 13:16 - 2013-05-17 15:56 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-05-05 11:25 - 2013-05-17 15:56 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-05-05 11:12 - 2013-05-17 15:56 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-04-30 21:38 - 2011-06-14 11:07 - 00000000 ____D C:\Users\JALIL\AppData\Roaming\Skype 2013-04-30 20:03 - 2011-06-14 11:06 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-04-30 20:03 - 2011-06-14 11:06 - 00000000 ____D C:\ProgramData\Skype 2013-04-29 10:25 - 2010-10-10 14:05 - 00000000 ____D C:\Users\JALIL\Documents\Outlook Files 2013-04-23 23:00 - 2012-04-22 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox Other Malware: =========== C:\ProgramData\ezsidmv.dat ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-05-18 16:20:22 ==================== Memory info =========================== Percentage of memory in use: 16% Total physical RAM: 3758.1 MB Available physical RAM: 3121.88 MB Total Pagefile: 3756.25 MB Available Pagefile: 3123.82 MB Total Virtual: 8192 MB Available Virtual: 8191.89 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:455.29 GB) (Free:294.96 GB) NTFS (Disk=0 Partition=3) Drive e: (Recovery) (Fixed) (Total:10.37 GB) (Free:0.8 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)] Drive g: (WDO_Media64) (Removable) (Total:1.8 GB) (Free:1.73 GB) NTFS (Disk=1 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 814834FB) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=455 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 2 GB) (Disk ID: 2052474D) Partition 1: (Not Active) - (Size=915 GB) - (Type=70) Partition 2: (Not Active) - (Size=867 GB) - (Type=43) Partition 3: (Not Active) - (Size=5 KB) - (Type=72) Partition 4: (Not Active) - (Size=25 MB) - (Type=00) Last Boot: 2013-05-13 20:18 ==================== End Of Log ============================ Search: Farbar Recovery Scan Tool (x64) Version: 18-05-2013 Ran by SYSTEM at 2013-05-19 17:07:00 Running from G:\ Boot Mode: Recovery ================== Search: "services.exe" =================== C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\System32\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB ====== End Of Search ======
  8. I could use some assistance. I have ran MalwareBytes multiple times from safemode on my computer and this same virus keeps reappearing. thanks in advance for any help. Below are the mbam, Attach.txt and DDS.txt Here is the mbam log: Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Database version: v2012.09.24.09 Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking) Internet Explorer 9.0.8112.16421 Madrid :: MADRID-PC [administrator] 9/24/2012 12:40:33 PM mbam-log-2012-09-24 (12-40-33).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 446131 Time elapsed: 44 minute(s), 7 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 5 HKCR\Interface\{66666666-6666-6666-6666-660066226658} (Adware.GamePlayLab) -> Quarantined and deleted successfully. HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully. HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully. HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully. HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Here is the Attach.txt log: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 6/11/2008 10:00:41 PM System Uptime: 9/24/2012 2:13:25 PM (0 hours ago) . Motherboard: Gateway | | G33M05G1 Processor: Intel® Core2 Quad CPU Q9300 @ 2.50GHz | Socket 775 | 2498/333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 581 GiB total, 493.657 GiB free. D: is FIXED (NTFS) - 16 GiB total, 7.274 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable J: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft ISATAP Adapter Device ID: ROOT\*ISATAP\0001 Manufacturer: Microsoft Name: Microsoft ISATAP Adapter PNP Device ID: ROOT\*ISATAP\0001 Service: tunnel . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP LaserJet 4000 Series Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: Hewlett-Packard Name: HP LaserJet 4000 Series PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 4500_Help 8000A809 8000A809_eDocs 8000A809_Help Adobe Acrobat 5.0 Adobe Flash Player 11 ActiveX Adobe Reader 8.3.1 Adobe Shockwave Player 11.5 Apple Application Support Apple Software Update ArcSoft Insta Video Sharing Plus ArcSoft Print Creations ArcSoft Print Creations - Greeting Card ArcSoft Print Creations - Photo Book ArcSoft Print Creations - Photo Calendar Audacity 1.2.6 AVerMedia M791 PCIe Combo NTSC/ATSC 6.104.64.5 AVS DVD Authoring AVS DVD Copy version 4.1.1 AVS Media Player 4.1.1.60 AVS Screen Capture version 2.0.1 AVS Update Manager 1.0 AVS Video Converter 6 AVS Video Editor 6 AVS Video Recorder 2.4 AVS Video ReMaker 3.1.2.102 AVS YouTube Uploader version 2.1 AVS4YOU Software Navigator 1.4 BPD_HPSU bpd_scan BPDSoftware BPDSoftware_Ini BufferChm BurnToDisk version 1.0 Canon G.726 WMP-Decoder Canon MovieEdit Task for ZoomBrowser EX Canon RAW Image Task for ZoomBrowser EX Canon Utilities CameraWindow Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities MyCamera Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility Cisco Connect CloneDVD2 Compatibility Pack for the 2007 Office system CustomerResearchQFolder Destination Component DeviceDiscovery DeviceManagementQFolder DictionaryBoss DocMgr DocProc DocProcQFolder Epson Event Manager Epson FAX Utility Epson PC-FAX Driver Epson Print CD EPSON Scan EpsonNet Print EpsonNet Setup eSupportQFolder EzTune Fax Gateway Games Gateway Recovery Center Installer GearDrvs Google Update Helper GPBaseService GPBaseService2 Greeting Card Factory Photo Card Maker HOT ALBUM MYBOX Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Photosmart Essential 2.5 HP Update HPProductAssistant HPSSupply J4500 Java Auto Updater Java 6 Update 26 Java 6 Update 5 Kaspersky Anti-Virus 2011 KB0817 Keyboard Driver Logitech QuickCam Software Logitech® Camera Driver LTCM Client Malwarebytes Anti-Malware version 1.65.0.1400 MarketResearch Microsoft Money Essentials Microsoft Money Shared Libraries Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MP3 Rocket MSN Toolbar MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK myPrintMileage (Officejet Pro 8000 A809) Napster Napster Burn Engine NVIDIA PhysX NVIDIA Stereoscopic 3D Driver OVT Scanner PC Matic 1.1.0.48 PC Pitstop Download Nitro 1.5.0.0 PC Pitstop SuperShield 1.0.0.27 PC Speed Maximizer v3.0 PhotoImpression Picasa 3 Pivot Software Power2Go 5.0 Presto! PageManager 8.15.01 SE ProductContext PSSWCORE QuickTime Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Scan ScanSoft PaperPort 11 SDK Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Skype Toolbars Skype™ 5.10 Smart Copy 3.0.5.8 SmartWebPrinting Snap 'n Share Pro SolutionCenter Status The Print Shop 2.0 Deluxe Toolbox TrayApp Ulead DVD PictureShow 2 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Vegas Movie Studio HD 9.0 VideoExpress1.0 VideoToolkit01 WebReg WISECOMM DVRSERVER Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 9/24/2012 2:15:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Kaspersky Anti-Virus Service service to connect. 9/24/2012 2:15:25 PM, Error: Service Control Manager [7000] - The Kaspersky Anti-Virus Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 9/24/2012 2:13:52 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0. 9/24/2012 10:38:38 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.115 for the Network Card with network address 001FE2396E49 has been denied by the DHCP server 192.168.16.2 (The DHCP Server sent a DHCPNACK message). 9/24/2012 1:54:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 9/24/2012 1:54:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 9/24/2012 1:54:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 9/24/2012 1:54:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 9/24/2012 1:54:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 9/24/2012 1:51:42 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: KLIF spldr Wanarpv6 9/24/2012 1:51:42 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 9/20/2012 2:39:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect. 9/20/2012 2:39:47 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File =========================== Here is the DDS.txt log: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Madrid at 14:17:07 on 2012-09-24 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4093.2560 [GMT -10:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio64.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\taskeng.exe C:\Windows\MHotKey.exe C:\Windows\ChiFuncExt.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\CNYHKey.exe C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe C:\Program Files (x86)\Gateway\EzTune\dthtml.exe C:\Program Files (x86)\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe C:\Windows\SysWOW64\LVCOMSX.EXE C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Windows\ModLedKey.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\splwow64.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\wmi64.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\DllHost.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uSearch Bar = hxxp://www.google.com/ie uSearch Page = hxxp://www.google.com uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File TB: {71AAABE5-1F0F-11D7-BD6F-004854603DCE} - No File uRun: [PMSpeed] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.EXE uRun: [EPSON Artisan 810 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFRA.EXE /FU "C:\Windows\TEMP\E_S6622.tmp" /EF "HKCU" uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe mRun: [smart Copy] "C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe" -A mRun: [LchDrvKey] LchDrvKey.exe mRun: [LedKey] CNYHKey.exe mRun: [MBBalloon] "C:\Program Files (x86)\HOTALBUMMyBOX\MBBalloon.exe" mRun: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe" mRun: [DT GWY] "C:\Program Files (x86)\Gateway\EzTune\DTHtml.exe" -startup_folder mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun: [<NO NAME>] mRun: [ReminderApp] C:\Program Files (x86)\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe mRun: [sSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot mRun: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe" mRun: [indexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe" mRun: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" mRun: [LTCM Client] "C:\Program Files (x86)\LTCM Client\ltcmClient.exe" /startup mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [LVCOMSX] C:\Windows\system32\LVCOMSX.EXE mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200 IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab TCP: DhcpNameServer = 24.25.227.15 209.18.47.61 TCP: Interfaces\{E770229F-6D3A-40F7-AD34-A2EA2292C5C4} : DhcpNameServer = 24.25.227.15 209.18.47.61 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File TB-X64: {71AAABE5-1F0F-11D7-BD6F-004854603DCE} - No File mRun-x64: [smart Copy] "C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe" -A mRun-x64: [LchDrvKey] LchDrvKey.exe mRun-x64: [LedKey] CNYHKey.exe mRun-x64: [MBBalloon] "C:\Program Files (x86)\HOTALBUMMyBOX\MBBalloon.exe" mRun-x64: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe" mRun-x64: [DT GWY] "C:\Program Files (x86)\Gateway\EzTune\DTHtml.exe" -startup_folder mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun-x64: [(Default)] mRun-x64: [ReminderApp] C:\Program Files (x86)\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe mRun-x64: [sSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot mRun-x64: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe" mRun-x64: [indexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe" mRun-x64: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini mRun-x64: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe mRun-x64: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" mRun-x64: [LTCM Client] "C:\Program Files (x86)\LTCM Client\ltcmClient.exe" /startup mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [LVCOMSX] C:\Windows\system32\LVCOMSX.EXE mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -r [?] R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-8-2 1262400] R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272] R3 AVer88xHD;AVerMedia 23888 AvStream Video Capture;C:\Windows\system32\drivers\AVer88xHD64.sys --> C:\Windows\system32\drivers\AVer88xHD64.sys [?] R3 CAXHWBS2;CAXHWBS2;C:\Windows\system32\DRIVERS\CAXHWBS2.sys --> C:\Windows\system32\DRIVERS\CAXHWBS2.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-28 135664] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-15 250288] S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60a.sys --> C:\Windows\system32\DRIVERS\b57nd60a.sys [?] S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-17 89920] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-28 135664] S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?] S3 OV550I;OVT Scanner;C:\Windows\system32\Drivers\ov550ivx.sys --> C:\Windows\system32\Drivers\ov550ivx.sys [?] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S4 PCPitstop Realtime;PCPitstop Realtime;C:\Program Files (x86)\PCPitstop\PC MaticRT\PCPitstopRTService.exe [2012-7-22 3827896] . =============== File Associations =============== . JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %* . =============== Created Last 30 ================ . 2012-09-24 20:42:29 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-09-24 20:42:29 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-09-22 01:49:06 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C40902EE-C35D-4FFE-A970-AB190BE72189}\mpengine.dll . ==================== Find3M ==================== . 2012-09-21 01:09:27 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-21 01:09:27 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-07-04 14:33:06 2769408 ----a-w- C:\Windows\System32\win32k.sys . ============= FINISH: 14:18:25.66 ===============
  9. I am currently having some computer problems and I have tried every way I know to fix it. What happens is that I have random sound clips playing for no apparent reason. Be it a 20 second song clip, advertisement, whatever. It only happens when I am connected to the internet, and when I connect my laptop to my flat screen tv through HDMI when I want to watch a movie. It doesn't happen when disconnect my wifi. Now I know it's not advertisements from a browser because it does it when I shut everything down. It's not a browser playing these sounds, I have pulled up task manager and closed every process except for the mandatory ones. I have rebooted my computer in safe mode and ran a Malwarebytes scan and Kaspersky tdsskiller scan. They both brought up nothing. Neither did a Norton scan nor a Kaspersky scan, I am running Windows 7 on an HP DV4-2142nr 64-bit laptop. Any questions, thoughts, suggestions or recommendations are most welcome. Thanks.
  10. seems like ...system.../srsvc.dll ... is involved. now=167K, probably not orig. win xp file,., keeps generating new "run" files, all of size 167K, with changing names, all executable, and run at startup.. currently streamdevproxy .... Malwarebytes is disabled in normal mode, but works fine in safe mode, ... But ... it fails to get the source file which writes new files for malwarebytes to find on the subsequent boot. daveyjane *********************************************************************************************************** quote: DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK Internet Explorer: 7.0.5730.13 Run by Benner at 8:46:51 on 2012-03-25 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.767.599 [GMT -4:00] . AV: Spyware Doctor with AntiVirus *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6} AV: Norton Security Suite *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Security Suite *Enabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\system32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\1511034286:1366486949.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\ctfmon.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2012\ievkbd.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2012\klwtbbho.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 4.0\apdproxy.exe" mRun: [volmgr] %APPDATA%\volmgr.exe mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2012\avp.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto mRun: [iSTray] "c:\program files\pc tools security\pctsGui.exe" /hideGUI mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "c:\documents and settings\all users\application data\malwarebytes\malwarebytes' anti-malware\cleanup.dll",ProcessCleanupScript dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wg111v~1.lnk - c:\program files\netgear\wg111v2 configuration utility\RtlWake.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2012\ievkbd.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2012\klwtbbho.dll LSP: mswsock.dll DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1233706999203 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1233706979546 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{2950B391-EB7D-47F1-B472-88CD93F96EA2} : DhcpNameServer = 192.168.1.254 Notify: igfxcui - igfxsrvc.dll Notify: klogon - c:\windows\system32\klogon.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\benner\application data\mozilla\firefox\profiles\74ulm0y2.default\ FF - prefs.js: browser.search.selectedEngine - Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://search.internet-search-results.com/?sid=10101182100&s= FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\coffplgn\components\coFFPlgn.dll FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\ipsffplgn\components\IPSFFPl.dll FF - plugin: c:\program files\common files\motive\npMotive.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension . ---- FIREFOX POLICIES ---- FF - user.js: browser.search.selectedEngine - Search FF - user.js: browser.search.order.1 - Search FF - user.js: keyword.URL - hxxp://search.internet-search-results.com/?sid=10101182100&s= ============= SERVICES / DRIVERS =============== . R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2011-3-4 133208] R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2012-3-24 239168] R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2012-3-24 338880] R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2011-3-4 11352] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2011-3-10 34608] S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-3-25 612184] S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-25 337880] S1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2012-3-24 565552] S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-25 20696] S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-3-25 44768] S2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky anti-virus 2012\avp.exe [2011-4-24 202296] S2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2002-1-1 66048] S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-24 652360] S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\pc tools security\pctsAuxs.exe [2012-3-24 366840] S2 sdCoreService;PC Tools Security Service;c:\program files\pc tools security\pctsSvc.exe [2012-3-24 1150936] S3 ALSysIO;ALSysIO;\??\c:\docume~1\benner\locals~1\temp\alsysio.sys --> c:\docume~1\benner\locals~1\temp\ALSysIO.sys [?] S3 EraserUtilDrvI13;EraserUtilDrvI13;\??\c:\program files\common files\symantec shared\eengine\eraserutildrvi13.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilDrvI13.sys [?] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-3-24 20464] S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2008-7-7 20480] S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2008-5-9 174336] S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2002-1-1 167808] . =============== Created Last 30 ================ . 2012-03-25 07:50:31 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-03-25 07:49:58 41184 ----a-w- c:\windows\avastSS.scr 2012-03-25 07:49:26 -------- d-----w- c:\program files\AVAST Software 2012-03-25 07:49:26 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software 2012-03-25 03:06:24 -------- d-----w- c:\program files\RegUtility 2012-03-25 02:52:46 -------- d-----w- c:\program files\RegistryNuke 2012 2012-03-25 01:44:50 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys 2012-03-25 01:44:50 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys 2012-03-25 01:44:49 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2012-03-25 01:44:43 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2012-03-25 01:44:43 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2012-03-25 01:44:35 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2012-03-25 01:44:26 -------- d-----w- c:\program files\PC Tools Security 2012-03-25 01:44:26 -------- d-----w- c:\program files\common files\PC Tools 2012-03-25 01:37:57 -------- d-----w- c:\documents and settings\all users\application data\PC Tools 2012-03-25 00:11:45 -------- d-----w- c:\windows\pss 2012-03-24 21:39:27 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll 2012-03-24 21:39:27 3072 ------w- c:\windows\system32\iacenc.dll 2012-03-24 18:47:34 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-24 16:47:01 97961 ----a-w- c:\windows\system32\drivers\klick.dat 2012-03-24 16:47:01 115369 ----a-w- c:\windows\system32\drivers\klin.dat 2012-03-24 16:41:21 -------- d-----w- c:\program files\Kaspersky Lab 2012-03-24 16:41:21 -------- d-----w- c:\documents and settings\all users\application data\Kaspersky Lab 2012-03-24 14:11:13 -------- d-sh--w- c:\windows\system32\AI_RecycleBin 2012-03-24 14:11:06 -------- d-----w- c:\program files\Core Temp 2012-03-24 14:06:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-23 23:43:44 -------- d-----w- C:\188c71482a26245595 . ==================== Find3M ==================== . 2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2011-12-28 23:07:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-12-28 21:52:56 0 ----a-w- c:\program files\evtsdbgedit.exe 2011-12-28 21:51:48 0 ----a-w- c:\windows\auditbasediag.exe 2011-12-28 21:50:23 0 ----a-w- c:\windows\system32\streamdevproxy.exe . ============= FINISH: 8:48:30.64 =============== ************************************************************************************************** Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.03.24.03 Windows XP Service Pack 3 x86 NTFS Internet Explorer 7.0.5730.13 Benner :: BENNER-4923073F [administrator] Protection: Enabled 3/24/2012 6:02:22 PM mbam-log-2012-03-24 (18-02-22).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 191335 Time elapsed: 16 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 3 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{26D02F99-AE5B-4533-AD67-E23B4B20D60D} (Adware.AdRotator) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Z-opti (Adware.EZula) -> Quarantined and deleted successfully. HKCU\Software\Context\Context-Ads (Adware.AdRotator) -> Quarantined and deleted successfully. Registry Values Detected: 2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|*provdbgacl.exe (Trojan.FakeAlert) -> Data: "C:\Documents and Settings\LocalService\Local Settings\Application Data\provdbgacl.exe" -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|finc70dkk.exe (Trojan.FakeAlert) -> Data: "C:\Documents and Settings\Benner\Application Data\E1D4E46A80193FE2499A970547D70385\finc70dkk.exe" -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 4 C:\Documents and Settings\LocalService\Local Settings\Application Data\provdbgacl.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Benner\Application Data\E1D4E46A80193FE2499A970547D70385\finc70dkk.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\queuescanxml.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\objeditdiag.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. (end) ******************************************************* ************************************************************. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 2/3/2009 7:18:32 PM System Uptime: 3/25/2012 8:43:35 AM (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | P4G533LA Processor: Intel® Celeron® CPU 2.60GHz | PGA 478 | 2590/100mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 75 GiB total, 59.705 GiB free. D: is CDROM () E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP94: 12/28/2011 3:44:37 PM - Installed %1 %2. RP95: 12/28/2011 3:44:51 PM - Printer Driver Microsoft XPS Document Writer Installed RP96: 12/28/2011 4:37:55 PM - Software Distribution Service 3.0 RP97: 12/28/2011 10:34:22 PM - Software Distribution Service 3.0 RP98: 12/31/2001 11:31:55 PM - Removed VZAccess Manager. RP99: 3/23/2012 7:37:56 PM - Software Distribution Service 3.0 RP100: 3/23/2012 7:38:30 PM - Software Distribution Service 3.0 RP101: 3/23/2012 7:57:09 PM - Printer Driver Microsoft XPS Document Writer Installed RP102: 3/23/2012 8:10:21 PM - Removed Microsoft Office XP Professional with FrontPage RP103: 3/23/2012 8:14:04 PM - Removed Microsoft Office Live Add-in 1.3 RP104: 3/23/2012 8:15:44 PM - Removed Adobe Photoshop CS2 RP105: 3/23/2012 8:45:35 PM - cleanup by dhb RP106: 3/24/2012 10:26:42 AM - Software Distribution Service 3.0 RP107: 3/24/2012 10:31:32 AM - Removed InstallIQ Updater RP108: 3/24/2012 10:32:34 AM - Software Distribution Service 3.0 RP109: 3/24/2012 10:33:31 AM - Software Distribution Service 3.0 RP110: 3/24/2012 10:36:46 AM - Software Distribution Service 3.0 RP111: 3/24/2012 10:38:36 AM - Software Distribution Service 3.0 RP112: 3/24/2012 11:52:04 AM - Software Distribution Service 3.0 RP113: 3/24/2012 12:40:38 PM - Installed Kaspersky Anti-Virus 2012. RP114: 3/24/2012 1:43:16 PM - Software Distribution Service 3.0 RP115: 3/24/2012 2:34:05 PM - Software Distribution Service 3.0 RP116: 3/24/2012 5:41:32 PM - Software Distribution Service 3.0 . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Photoshop Elements 4.0 Adobe Reader 9 Agent Ransack Version 1.7.3 avast! Free Antivirus Core Temp 1.0 RC3 EVEREST Home Edition v2.20 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Intel® Extreme Graphics Driver Java™ 6 Update 12 Kaspersky Anti-Virus 2012 LG USB Modem Drivers Malwarebytes Anti-Malware version 1.60.1.1000 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Silverlight Mobile Broadband Generic Drivers Mozilla Firefox (3.0) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6.0 Parser (KB925673) OpenOffice.org 2.1 RegistryNuke 2012 version 2.0.0.86 RegUtility version 4.1 Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB2544521) Security Update for Windows Internet Explorer 7 (KB2559049) Security Update for Windows Internet Explorer 7 (KB2618444) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB976325) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958215) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960714) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982665) Software Update for Web Folders SoulSeek Client 156c Spyware Doctor with AntiVirus 8.0 Update for Windows Internet Explorer 7 (KB976749) Update for Windows XP (KB2345886) Update for Windows XP (KB2541763) Update for Windows XP (KB2616676-v2) Update for Windows XP (KB2641690) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) WebFldrs XP WG111v2 Configuration Utility Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Live Sign-in Assistant Windows Presentation Foundation Windows XP Service Pack 3 WinRAR archiver XML Paper Specification Shared Components Pack 1.0 . ==== Event Viewer Messages From Past Week ======== . 3/24/2012 9:44:36 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 3/24/2012 9:43:24 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 3/24/2012 9:37:01 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm KLIF 3/24/2012 8:45:48 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde 3/24/2012 8:45:42 PM, error: Service Control Manager [7000] - The Kaspersky Anti-Virus Service service failed to start due to the following error: Access is denied. 3/24/2012 8:45:34 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. 3/24/2012 8:21:28 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found. 3/24/2012 5:32:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 3/24/2012 4:25:40 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec kl2 KLIF MRxSmb NetBIOS NetBT PCIIde RasAcd Rdbss Tcpip 3/24/2012 4:25:40 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning. 3/24/2012 4:25:40 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning. 3/24/2012 4:25:40 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning. 3/24/2012 4:25:40 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning. 3/24/2012 4:24:57 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} 3/24/2012 4:22:13 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} 3/24/2012 2:37:00 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec kl2 KLIF MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip 3/24/2012 12:50:05 PM, error: Service Control Manager [7031] - The Kaspersky Anti-Virus Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 3/24/2012 10:39:01 PM, error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: Access is denied. 3/24/2012 10:38:23 PM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s). 3/23/2012 7:38:01 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Windows Malicious Software Removal Tool - December 2011 (KB890830). . ==== End Of File =========================== end quote: thanks for your assistance, daveyjane winxp pro, 32bits, asus motherboard, nvidia graphics, intel 2600 mHz. 768K mem
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.