Jump to content

Random Backgroud Audio

starplex
 Share

Recommended Posts

starplex

starplex

Posted
Posted

Help Please.

I have ran the Malwarebytes software and removed 4 files that were threats.  However, the audio is still coming through.  Below are the log files.

.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/25/2012 3:36:21 AM
System Uptime: 7/9/2013 7:14:50 PM (0 hours ago)
.
Motherboard: Acer |  | VA50_CM
Processor: AMD A8-4500M APU with Radeon HD Graphics    | Socket FT1 | 1900/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 448 GiB total, 345.136 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP59: 6/14/2013 9:39:43 AM - Windows Update
RP60: 6/15/2013 8:29:31 AM - Windows Update
RP61: 6/15/2013 10:03:06 PM - Windows Update
RP62: 6/16/2013 12:55:19 PM - Windows Update
RP63: 7/9/2013 8:17:05 AM - Windows Update
RP64: 7/9/2013 8:39:28 AM - Installed Java 7 Update 25
RP65: 7/9/2013 8:44:04 AM - Removed GimpShop 2.8
RP66: 7/9/2013 8:51:28 AM - Removed LogMeIn Hamachi
RP67: 7/9/2013 8:58:43 AM - Removed Skype™ 6.1
RP68: 7/9/2013 9:02:27 AM - Removed newsXpresso
RP69: 7/9/2013 9:28:23 AM - Configured MediaEspresso
RP70: 7/9/2013 9:33:43 AM - Removed eBay Worldwide
.
==== Installed Programs ======================
.
 clear.fi SDK- Movie 2
 clear.fi SDK - MVP 2
Acer Backup Manager
Acer Crystal Eye Webcam
Acer ePower Management
Acer eRecovery Management
Acer Games
Acer Instant Update Service
Acer Registration
Acer ScreenSaver
Acer Updater
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.0) MUI
Agatha Christie - Death on the Nile
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Media Foundation Decoders
AMD Steady Video Plug-In
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Bluetooth Suite (64)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Backup Manager V3
Bejeweled 3
Bing Bar
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chronicles of Albian
Chuzzle Deluxe
clear.fi Media
clear.fi Photo
Cradle of Rome 2
D3DX10
DefaultTab
DiRT 3
Dolby Home Theater v4
Dora's World Adventure
ETDWare PS/2-X64 10.6.10.8_WHQL
Evernote v. 4.5.2
Far Cry 2
FATE
Final Drive: Nitro
Galerie de photos Windows Live
Galería fotográfica de Windows Live
Garry's Mod
Google Chrome
Google Update Helper
Governor of Poker 2 Premium Edition
Identity Card
iTunes
Java 7 Update 25
Java Auto Updater
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
Junk Mail filter update
Just Cause 2
Launch Manager
Lego Harry Potter
Malwarebytes Anti-Malware version 1.75.0.1300
Master of Orion
Master of Orion II
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft XNA Framework Redistributable 4.0
MSVCRT
MSVCRT_amd64
MyWinLocker
MyWinLocker 4
MyWinLocker Suite
Norton 360
Norton Online Backup
NTI Media Maker 9
OpenAL
Paint.NET v3.5.10
Penguins!
Pirate101
Plants vs. Zombies - Game of the Year
Polar Bowler
Polar Golfer
Qualcomm Atheros WiFi Driver Installation
Rapture3D 2.4.8 Game
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Shared C Run-time for x64
Shredder
Slenders Woods
Steam
Tales of Lagoona
Terraria
Torchlight
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Virtual Villagers 5 - New Believers
Welcome Center
WildTangent Games App
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Galeria de Fotos
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Wizard101
Yahoo! Detect
Yahoo! Software Update
Yahoo! Toolbar
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
7/9/2013 9:25:06 AM, Error: Service Control Manager [7034]  - The FastFreeConverterUpdt service terminated unexpectedly.  It has done this 1 time(s).
7/9/2013 9:10:35 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
7/9/2013 9:10:35 AM, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/9/2013 7:26:20 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:  An instance of the service is already running.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7034]  - The Application Information service terminated unexpectedly.  It has done this 1 time(s).
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The IP Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Group Policy Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Extensible Authentication Protocol service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Computer Browser service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Background Intelligent Transfer Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 7:24:20 PM, Error: Service Control Manager [7031]  - The Application Experience service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 7:17:53 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
7/9/2013 7:09:24 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
7/9/2013 7:09:24 PM, Error: Service Control Manager [7000]  - The Application Information service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/9/2013 6:54:43 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error:  An instance of the service is already running.
7/9/2013 6:54:43 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error:  An instance of the service is already running.
7/9/2013 6:54:43 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error:  An instance of the service is already running.
7/9/2013 6:53:43 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:  An instance of the service is already running.
7/9/2013 6:21:17 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error:  An instance of the service is already running.
7/9/2013 6:08:45 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
7/9/2013 6:08:45 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
7/9/2013 6:07:07 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
7/9/2013 5:41:56 PM, Error: Service Control Manager [7034]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 5:41:56 PM, Error: Service Control Manager [7034]  - The User Profile Service service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 5:41:56 PM, Error: Service Control Manager [7034]  - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 5:41:56 PM, Error: Service Control Manager [7034]  - The Extensible Authentication Protocol service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 5:32:16 PM, Error: Service Control Manager [7031]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
7/9/2013 5:32:16 PM, Error: Service Control Manager [7031]  - The User Profile Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
7/9/2013 5:32:16 PM, Error: Service Control Manager [7031]  - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
7/9/2013 5:32:16 PM, Error: Service Control Manager [7031]  - The Extensible Authentication Protocol service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 5:16:35 PM, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
7/9/2013 5:14:58 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
7/9/2013 5:14:58 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/9/2013 5:14:58 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/9/2013 5:14:49 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Program Files (x86)\Atheros\AthIhvWlanExt.dll Error Code: 21
7/9/2013 5:14:46 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/9/2013 5:14:40 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/9/2013 5:14:35 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 mwlPSDFilter mwlPSDNServ mwlPSDVDisk spldr SRTSPX SymIRON SymNetS Wanarpv6
7/9/2013 5:08:54 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
7/9/2013 3:58:12 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/9/2013 3:58:12 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/9/2013 3:57:45 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD BHDrvx64 ccSet_N360 DfsC discache eeCtrl IDSVia64 mwlPSDFilter mwlPSDNServ mwlPSDVDisk NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf
7/9/2013 3:57:41 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
7/9/2013 3:57:41 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
7/9/2013 3:57:41 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
7/9/2013 3:57:41 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
7/9/2013 3:57:41 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
7/9/2013 3:57:41 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
7/9/2013 3:57:41 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
7/9/2013 3:57:41 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
7/9/2013 3:57:41 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
7/9/2013 3:57:41 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
7/9/2013 3:41:05 PM, Error: Service Control Manager [7034]  - The Diagnostic System Host service terminated unexpectedly.  It has done this 1 time(s).
7/9/2013 3:41:05 PM, Error: Service Control Manager [7031]  - The WLAN AutoConfig service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 3:41:05 PM, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 3:41:05 PM, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 3:41:05 PM, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 3:41:05 PM, Error: Service Control Manager [7031]  - The PnP-X IP Bus Enumerator service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 3:41:05 PM, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
7/9/2013 3:41:05 PM, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 3:41:05 PM, Error: Service Control Manager [7031]  - The HomeGroup Listener service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 3:41:05 PM, Error: Service Control Manager [7031]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 3:41:05 PM, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 3:05:23 PM, Error: Service Control Manager [7034]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 5 time(s).
7/9/2013 3:05:23 PM, Error: Service Control Manager [7034]  - The User Profile Service service terminated unexpectedly.  It has done this 4 time(s).
7/9/2013 3:05:23 PM, Error: Service Control Manager [7034]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 6 time(s).
7/9/2013 3:05:23 PM, Error: Service Control Manager [7034]  - The Application Information service terminated unexpectedly.  It has done this 2 time(s).
7/9/2013 2:14:05 PM, Error: Service Control Manager [7034]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 4 time(s).
7/9/2013 2:14:05 PM, Error: Service Control Manager [7034]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 5 time(s).
7/9/2013 2:05:13 PM, Error: Service Control Manager [7034]  - The Server service terminated unexpectedly.  It has done this 4 time(s).
7/9/2013 2:05:13 PM, Error: Service Control Manager [7034]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 4 time(s).
7/9/2013 2:05:13 PM, Error: Service Control Manager [7034]  - The Computer Browser service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 1:52:33 PM, Error: Service Control Manager [7034]  - The Themes service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 1:52:33 PM, Error: Service Control Manager [7034]  - The Task Scheduler service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 1:52:33 PM, Error: Service Control Manager [7034]  - The System Event Notification Service service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 1:52:33 PM, Error: Service Control Manager [7034]  - The Server service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 1:52:33 PM, Error: Service Control Manager [7034]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 1:52:33 PM, Error: Service Control Manager [7034]  - The IP Helper service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 1:52:33 PM, Error: Service Control Manager [7034]  - The Group Policy Client service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 1:52:33 PM, Error: Service Control Manager [7034]  - The Background Intelligent Transfer Service service terminated unexpectedly.  It has done this 3 time(s).
7/9/2013 1:52:33 PM, Error: Service Control Manager [7031]  - The Computer Browser service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
7/9/2013 1:44:51 PM, Error: Service Control Manager [7034]  - The Windows Update service terminated unexpectedly.  It has done this 2 time(s).
7/9/2013 1:44:51 PM, Error: Service Control Manager [7031]  - The Themes service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 1:44:51 PM, Error: Service Control Manager [7031]  - The Task Scheduler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/9/2013 1:44:51 PM, Error: Service Control Manager [7031]  - The System Event Notification Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
7/9/2013 1:44:51 PM, Error: Service Control Manager [7031]  - The Server service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2013 1:44:51 PM, Error: Service Control Manager [7031]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
7/9/2013 1:44:51 PM, Error: Service Control Manager [7031]  - The IP Helper service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
7/9/2013 1:44:51 PM, Error: Service Control Manager [7031]  - The Group Policy Client service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
7/9/2013 1:44:51 PM, Error: Service Control Manager [7031]  - The Background Intelligent Transfer Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/3/2013 7:27:57 PM, Error: Service Control Manager [7000]  - The Computer Browser service failed to start due to the following error:  The pipe has been ended.
7/3/2013 6:51:26 PM, Error: Service Control Manager [7000]  - The Computer Browser service failed to start due to the following error:  The client of a component requested an operation which is not valid given the state of the component instance.
7/3/2013 3:34:16 PM, Error: Service Control Manager [7000]  - The Application Experience service failed to start due to the following error:  The client of a component requested an operation which is not valid given the state of the component instance.
7/3/2013 12:58:40 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  and APPID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  to the user Chandler-PC\Chandler SID (S-1-5-21-901859277-1321572276-1753676177-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/3/2013 12:58:40 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  and APPID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  to the user Chandler-PC\Chandler SID (S-1-5-21-901859277-1321572276-1753676177-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/3/2013 12:58:39 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {B77C4C36-0154-4C52-AB49-FAA03837E47F}  and APPID  {EA022610-0748-4C24-B229-6C507EBDFDBB}  to the user Chandler-PC\Chandler SID (S-1-5-21-901859277-1321572276-1753676177-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/2/2013 12:26:38 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the GREGService service.
.
==== End Of File ===========================

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611  BrowserJavaVersion: 10.25.2
Run by Chandler at 19:19:09 on 2013-07-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3561.2027 [GMT -6:00]
.
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Users\Chandler\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Dolby PCEE4\pcee4.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.


mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Chandler\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\Users\Chandler\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEST~1.LNK - C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
StartupFolder: C:\Users\Chandler\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{394700B6-3AA1-4811-87AB-EA0FA59CE115} : DHCPNameServer = 192.168.2.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-3-19 31872]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-6-8 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-6-8 1139800]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [2013-7-2 1393240]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-6-8 169048]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130706.002\IDSviA64.sys [2013-7-9 513184]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2012-3-19 22648]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2012-3-19 20520]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2012-3-19 62776]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-6-8 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-6-8 433752]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-3-19 235520]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-2-20 106144]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Chandler\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-5-27 107520]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-4-5 355920]
R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-6-1 871296]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2012-2-29 28264]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-3-19 255376]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-9 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-9 701512]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccsvchst.exe [2013-6-8 144368]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-1-5 256536]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2012-6-1 102528]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2012-6-1 219776]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-3-19 95248]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-2-20 30368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-3-2 138912]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-4-5 244560]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-3-19 103536]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-7-9 25928]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-6-1 342632]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-6-1 56448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-2-20 36000]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-2-20 339616]
S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-2-20 110752]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-2-20 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-2-20 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-2-20 280992]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-2-20 550560]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-21 173424]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-26 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-07-09 23:19:05 -------- d-----w- C:\Users\Chandler\AppData\Roaming\Malwarebytes
2013-07-09 23:18:31 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-09 23:18:30 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-07-09 23:18:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-09 23:18:01 -------- d-----w- C:\Users\Chandler\AppData\Local\Programs
2013-07-09 17:04:03 -------- d-----w- C:\Users\Chandler\AppData\Roaming\SUPERAntiSpyware.com
2013-07-09 15:55:38 -------- d-----w- C:\Users\Chandler\AppData\Local\ElevatedDiagnostics
2013-07-09 14:40:55 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-01 18:42:20 -------- d-----w- C:\Users\Chandler\AppData\Local\EgisTec
2013-06-15 14:31:17 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-15 14:31:16 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-06-15 14:31:16 218112 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-06-15 14:31:14 279040 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-06-13 23:05:20 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-06-13 23:05:20 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-06-12 20:27:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-12 20:22:57 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-06-12 20:22:57 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
.
==================== Find3M  ====================
.
2013-07-09 14:40:45 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-09 14:40:45 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-18 17:30:59 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-06-12 18:03:31 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 18:03:31 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-23 05:25:28 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys
2013-05-21 05:02:00 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys
2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-05-16 05:02:14 796760 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\srtsp64.sys
2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-02 16:22:04 2274480 ----a-w- C:\Windows\System32\coin94.dll
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-25 00:43:56 433752 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys
2013-04-16 02:41:14 169048 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
.
============= FINISH: 19:31:12.03 ===============

 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Hello and :welcome:

Please run the following and post back all the logs as ATTACHMENTS by clicking on the More Reply Options button.


STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


    STEP 02

    Please download Malwarebytes Anti-Rootkit from HERE
    • Unzip the contents to a folder in a convenient location.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt
    STEP 03

    Please download Junkware Removal Tool to your desktop.
    • Shutdown your antivirus to avoid any conflicts.
    • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next reply message
    • When completed make sure to re-enable your antivirus
    STEP 04

    Please download AdwCleaner by Xplode to your desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • If prompted by the User Account Control click Yes to allow it to run.
    • Under Actions click on the Delete button.
    • Click OK on all prompts.
    • You will be prompted to restart your computer. A text file will open after the restart.
    • Please post the entire contents of that logfile to your next reply.
    • You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.
    STEP 05

    button_eos.gif

    Please go here to run the online antivirus scannner from ESET.
    • Turn off the real time scanner of any existing antivirus program while performing the online scan
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the activex control to install
    • Click Start
    • Make sure that the option Remove found threats is unticked
    • Click on Advanced Settings and ensure these options are ticked:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
    • Click Scan
    • Wait for the scan to finish
    • If any threats were found, click the 'List of found threats' , then click Export to text file....
    • Save it to your desktop, then please copy and paste that log as a reply to this topic.
Link to post
Share on other sites
starplex

starplex

Posted
  • Author
Posted

The audio in the background quit after the AntiRoot run. The Malwarebytes also quit popping up saying blocking svchost from connecting, which is a good thing I assume.  It found some files and removed them.  However, the ESET says I have 2 files that are variants of W64/Olmarik.AY Trojan. 

The Logs/files are attached as requested. 

Thanks for the help & please provide any additional guidance regarding the potential Trojan threat.

mbar-log-2013-07-10 (16-10-16).txt

mbar-log-2013-07-10 (16-49-41).txt

system-log.txt

JRT.txt

AdwCleanerS1.txt

Eset Files found.txt

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please run this antivirus scanner and let's see if it can help find and remove any other infections.
 
 

dr_web_cureit_zpse80d87bf.jpg

  • Please download Dr.Web CureIt! antivirus and save it to your computer. The file size is in excess of 100MB
  • NOTE: Free usage of Dr.Web CureIt! for business purposes is illegal.
  • Internet Explorer may show a warning when downloading - the file is safe to download from the provided link.
  • Shutdown your antivirus to avoid any conflicts while scanning.
  • Once the scans have completed please re-enable your antivirus.
  • If using Malwarebytes Anti-Malware PRO you can right click over the tray icon and disable the Protection Modules
  • If needed you can also temporarily disable it from starting with Windows
  • Temporarily turn off any other security add-ons or applications you may also have.
  • Once you have downloaded Dr.Web CureIt! you should right click over it and choose Properties and verify it has a Digital Signature.
  • If it does not have a Digital Signature then do not run it.
  • Close all open programs including all Web browsers and then double-click on drweb-cureit.exe to start the installer.
  • You should have your User Account Control (UAC) enabled for improved security and which should then produce a dialog box asking for approval to run the installer.
  • Click on the Yes button to start the installer.
  • Click OK to scan your computer in the Enhanced Protection Mode
  • Click on the check box to agree to participate in their software improvement program.
  • Then if needed choose your Language by clicking on the small globe like icon in the upper right corner by the wrench.
  • Then click on the Continue button and then click on the Select objects for scanning link just below the "Start scanning" button.
  • Place a check mark on all the items except for Temporary files and System restore points - those items should not have a check mark on them.
  • Then click on the Start scanning button.
  • If a threat is found you can click on the Action column in the program.
  • Your options will be Cure or Ignore
  • If you see an item that you are absolutely sure is OK, then un-check the check box for that item, otherwise keep it on Cure.
  • Then click on the Neutralize button.
  • Once completed click on the green Open Report link. It will open the report in NOTEPAD
  • Save the report to your desktop. The report will be called Cureit.log
  • Close Dr.Web Cureit!
  • Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  • After reboot, attach the log Cureit.log you saved previously in your next reply.
  • Re-Enable your antivirus and other security programs when all done.
Link to post
Share on other sites
starplex

starplex

Posted
  • Author
Posted

Well, I ran the Dr. Web.  It identified 1586 threats, most ending in .js.  I did not see the link to run the report, so I hit the arrow button which took me back to the start page.  Thus, I didn't get to run the report as requested.  Is there another way to retrieve the data?  I went ahead and Shutdown as well. 

 

Thanks

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please uninstall ALL versions of Java and then run the following.

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Okay great. You can go ahead and uninstall and remove any tools or logs we've used for this clean up now.

Please read the following when you have time: Best Practices for Safe Computing - Prevention of Malware Infection

I'll go ahead then and close your topic soon.

Take care and stay safe out there

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.