caught "system fix" virus - posting logs separately because they disappear

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

JTC111

Thread Starter
Joined
Apr 29, 2007
Messages
102
I seem to have the "System Fix" virus. While my browser was open to both facebook and an economics website that I don't have an address for, a warning came on my screen about malicious software and then my screen went black except for two folder icons, Homegroup and Libraries, both of which appear to be empty. I then got a window called "System Fix" which appeared to be searching my computer for problems, found some, then asked me to buy software to remove it. I did not. After that, many windows popped up on quick succession titles "Windows - Delayed Write Fail." And I also get a window popping up that is titled "Files indexation process failed." Additionally, I get numerous assorted messages popping up that make it sound like my hard drive is failing, but an internet search revealed that these are produced by the virus.

My pc is useless right now. The log files I've posted here disappear within minutes of creating them.

I'm desparate for some help. Thanks in advance.
Jim

DDS - Notepad

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Jim at 15:26:16 on 2011-12-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8190.5290 [GMT -5:00]
.
AV: Spyware Doctor with AntiVirus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spyware Doctor *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\PC Tools Security\pctsGui.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\GBWXufOsmTrrX.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\SysWOW64\attrib.exe
C:\Windows\system32\conhost.exe
C:\ProgramData\Ml5Ulab9bCegWn.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\attrib.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Windows Live\Companion\companionuser.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
uURLSearchHooks: H - No File
mURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: d6d23a04: {e1e8aa2a-cd08-4382-8f6f-369b72476ff2} - C:\ProgramData\api-ms-win-core-fibers-l1-1-032.dll
TB: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [GBWXufOsmTrrX.exe] C:\ProgramData\GBWXufOsmTrrX.exe
mRun: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
Trusted Zone: intuit.com\ttlc
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 68.237.161.12
TCP: Interfaces\{2865D7DB-50E7-4B93-A449-7D399AD3E18B} : DhcpNameServer = 192.168.1.1 68.237.161.12
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO-X64: Conduit Engine - No File
BHO-X64: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
BHO-X64: XfireXO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: d6d23a04: {E1E8AA2A-CD08-4382-8F6F-369B72476FF2} - C:\ProgramData\api-ms-win-core-fibers-l1-1-032.dll
TB-X64: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
TB-X64: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [GBWXufOsmTrrX.exe] C:\ProgramData\GBWXufOsmTrrX.exe
mRun-x64: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\5w2lckjb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\5w2lckjb.default\extensions\{38542454-dfb6-44f5-b052-d4e071a3d073}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\5w2lckjb.default\extensions\[email protected]\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\5w2lckjb.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot64.sys --> C:\Windows\system32\drivers\pavboot64.sys [?]
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-12-3 371472]
R2 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-12-3 1117144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 ENTECH64;ENTECH64;\??\C:\Windows\system32\DRIVERS\ENTECH64.sys --> C:\Windows\system32\DRIVERS\ENTECH64.sys [?]
S3 EyeOneDisplay;EyeOneDisplay;C:\Windows\system32\Drivers\i1display_x64.sys --> C:\Windows\system32\Drivers\i1display_x64.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 SeqCal;SeqCal;C:\Windows\system32\DRIVERS\SeqCal.sys --> C:\Windows\system32\DRIVERS\SeqCal.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
VBEFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-12-03 20:23:32 388096 ----a-r- C:\Users\Jim\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-03 20:14:26 -------- d--h--w- C:\Users\Jim\AppData\Local\{5C3B0FA2-6CE7-4F26-9F3F-9A4AC078C8CF}
2011-12-03 20:13:37 -------- d--h--w- C:\Users\Jim\AppData\Local\{09CB5237-8395-4F9A-858E-E7BDCAF2BE9C}
2011-12-03 19:40:43 747606 ---ha-w- C:\Windows\SysWow64\PerfStringBackup.TMP
2011-12-03 19:32:00 -------- d--h--w- C:\Users\Jim\AppData\Local\{D41FF229-3CD2-4032-9EA1-953762C0A9AA}
2011-12-03 19:31:34 -------- d--h--w- C:\Users\Jim\AppData\Local\{7C020ED1-4432-41C8-8317-4B27A59BBC2B}
2011-12-03 19:13:16 816016 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
2011-12-03 19:13:16 452872 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
2011-12-03 19:13:14 337048 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
2011-12-03 19:13:14 143896 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
2011-12-03 19:13:09 282440 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2011-12-03 19:13:08 279344 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2011-12-03 19:13:07 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
2011-12-03 19:13:04 -------- d--h--w- C:\Program Files (x86)\PC Tools Security
2011-12-03 19:13:04 -------- d--h--w- C:\Program Files (x86)\Common Files\PC Tools
2011-12-03 19:11:34 -------- d--h--w- C:\ProgramData\PC Tools
2011-12-03 18:24:42 -------- d--h--w- C:\Users\Jim\AppData\Local\{F56F0775-9E98-45E7-BAA0-2DE442CA45AD}
2011-12-03 18:24:13 -------- d--h--w- C:\Users\Jim\AppData\Local\{C60C690F-B933-40AA-8922-ADE41CC91F8C}
2011-12-02 23:00:21 -------- d--h--w- C:\Users\Jim\AppData\Local\{E74B0A2F-7B16-4F0C-8DBF-1A043D6509B5}
2011-12-02 23:00:04 -------- d--h--w- C:\Users\Jim\AppData\Local\{331F2C80-59D0-49CE-9A2A-FFFD6FF8A5CF}
2011-12-02 22:47:33 -------- d--h--w- C:\Users\Jim\AppData\Local\{9E3EEAF8-7CC5-4917-976F-028E4C33B6B1}
2011-12-02 22:47:13 -------- d--h--w- C:\Users\Jim\AppData\Local\{C9365C59-32D1-49CD-AAFD-40FBB23B2DD7}
2011-12-02 21:16:50 -------- d--h--w- C:\Users\Jim\AppData\Local\{943653FE-85E2-40A3-93C0-01610E9F8247}
2011-12-02 21:16:33 -------- d--h--w- C:\Users\Jim\AppData\Local\{D289E4A7-B11D-4C13-98F1-2E76F4EC2F9C}
2011-12-02 21:14:42 352392 ---ha-w- C:\ProgramData\Ml5Ulab9bCegWn.exe
2011-12-02 21:11:43 445064 ---ha-w- C:\ProgramData\GBWXufOsmTrrX.exe
2011-12-02 21:03:09 8822856 ---ha-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F5296738-865E-4DFF-AA4A-7A16906432C1}\mpengine.dll
2011-11-29 21:15:05 -------- d--h--w- C:\Users\Jim\AppData\Local\{CE0DE713-3D1C-4F01-826A-4B045A7F6F7B}
2011-11-29 21:14:51 -------- d--h--w- C:\Users\Jim\AppData\Local\{687B23C8-AEE3-486A-B45A-C5D1572189D1}
2011-11-27 19:07:05 -------- d--h--w- C:\Users\Jim\AppData\Local\{2848939E-6D33-43D0-B939-3FFB2FDAA2C6}
2011-11-27 19:06:53 -------- d--h--w- C:\Users\Jim\AppData\Local\{F232CF3F-D7CB-4D33-BFCE-9B8B379C3D41}
2011-11-27 18:59:40 -------- d--h--w- C:\Program Files\Microsoft IntelliPoint
2011-11-27 01:10:14 -------- d--h--w- C:\Users\Jim\AppData\Local\{1B3E1DB3-0B0A-40B8-B7F4-1F7EC6688ED0}
2011-11-27 01:09:46 -------- d--h--w- C:\Users\Jim\AppData\Local\{4E0D26B4-84C4-4811-B334-5AF1586E3267}
2011-11-25 08:00:28 158056 ---ha-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin
2011-11-11 20:29:17 -------- d--h--w- C:\Program Files\SUPERAntiSpyware
2011-11-11 16:24:03 -------- d--h--w- C:\Users\Jim\AppData\Local\Skyrim
2011-11-11 16:23:48 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll
2011-11-11 16:23:48 74072 ---ha-w- C:\Windows\SysWow64\XAPOFX1_4.dll
2011-11-11 16:23:48 530776 ----a-w- C:\Windows\System32\XAudio2_6.dll
2011-11-11 16:23:48 528216 ---ha-w- C:\Windows\SysWow64\XAudio2_6.dll
2011-11-11 16:23:47 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2011-11-11 16:23:47 238936 ---ha-w- C:\Windows\SysWow64\xactengine3_6.dll
2011-11-11 16:23:47 22360 ---ha-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2011-11-11 16:23:47 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll
2011-11-11 16:07:40 -------- d--h--w- C:\Program Files (x86)\Common Files\Steam
2011-11-11 16:07:36 -------- d--h--w- C:\Program Files (x86)\Steam
2011-11-09 09:41:02 -------- d--h--w- C:\Users\Jim\AppData\Local\{A59F8C1A-6818-41C3-B5B3-5D8C8A05BBA7}
2011-11-09 09:40:42 -------- d--h--w- C:\Users\Jim\AppData\Local\{CB02BE05-9F46-437A-B4FF-556114664D57}
2011-11-08 23:20:41 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-08 23:20:41 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-08 23:20:40 3144704 ----a-w- C:\Windows\System32\win32k.sys
2011-11-08 23:20:40 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-04 00:05:21 -------- d--h--w- C:\Users\Jim\AppData\Local\{757F2E76-DB3A-4FC7-A71D-8B2DAC789546}
.
==================== Find3M ====================
.
2011-11-27 01:09:31 414368 ---ha-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-22 15:51:56 0 ---ha-w- C:\Windows\SysWow64\ConduitEngine.tmp
2011-09-19 22:50:55 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-09-19 22:50:55 152576 ---ha-w- C:\Windows\SysWow64\msclmd.dll
2010-01-02 21:15:17 4179293 ---ha-w- C:\Program Files (x86)\everesthome220.exe
.
============= FINISH: 15:37:11.66 ===============
 

JTC111

Thread Starter
Joined
Apr 29, 2007
Messages
102
Attach - Notepad

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/21/2009 11:31:45 AM
System Uptime: 12/3/2011 3:10:46 PM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA770T-UD3P
Processor: AMD Phenom(tm) II X4 965 Processor | Socket M2 | 3415/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 932 GiB total, 717.462 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 932 GiB total, 412.145 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP339: 11/8/2011 6:19:20 PM - Windows Update
RP340: 11/9/2011 3:00:26 AM - Windows Update
RP341: 11/11/2011 3:00:27 AM - Windows Update
RP342: 11/11/2011 11:07:22 AM - Installed Steam
RP343: 11/11/2011 11:22:32 AM - Installed DirectX
RP344: 11/12/2011 3:00:24 AM - Windows Update
RP345: 11/15/2011 6:19:39 AM - Windows Update
RP346: 11/22/2011 3:31:52 PM - Windows Update
RP347: 11/29/2011 3:18:52 PM - Windows Update
RP348: 12/2/2011 4:02:42 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 9.4.6
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AGEIA PhysX v7.09.13
Amazon MP3 Downloader 1.0.10
Apple Application Support
Apple Software Update
Belarc Advisor 8.1
Bing Bar
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
ccc-core-static
CCC Help English
Conduit Engine
D3DX10
Epson Print CD
EPSON Scan
EVEREST Home Edition v2.20
Family Tree Maker 2006
FTMVistaUpdater
HiJackThis
i1_driver_installer_utility_i1Match version 1.0
Java Auto Updater
Java(TM) 6 Update 26
Junk Mail filter update
Malwarebytes' Anti-Malware version 1.51.2.1300
Mesh Runtime
Messenger Companion
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 8.0 (x86 en-US)
Mozilla Thunderbird (8.0)
MSVCRT
MSVCRT_amd64
Octoshape add-in for Adobe Flash Player
Panda ActiveScan 2.0
PDF Settings
QuickTime
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
RealUpgrade 1.0
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Spotify
Spyware Doctor with AntiVirus 8.0
Star Trek Online
Steam
Tabwin43
TEFView 2.69
TextPad 5
The Elder Scrolls V: Skyrim
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wnyiper
TurboTax 2010 wrapper
Update EPSON Stylus Photo R2880 icc profile Glossy
Update EPSON Stylus Photo R2880 icc profile Matte
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Ventrilo Client
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
World of Warcraft
Xfire (remove only)
XfireXO Toolbar
.
==== Event Viewer Messages From Past Week ========
.
12/3/2011 3:31:51 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume .
12/3/2011 3:14:48 PM, Error: Microsoft-Windows-WMPNSS-Service [14346] - A new media server was not initialized because RegisterRunningDevice() encountered error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service.
12/3/2011 3:14:23 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: Access is denied.
12/3/2011 3:14:23 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: Access is denied.
12/3/2011 3:14:23 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80070005.
12/3/2011 3:11:14 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{2865D7DB-50E7-4B93-A449-7D399AD3E18B} because another computer on the network has the same name. The server could not start.
12/3/2011 3:11:14 PM, Error: NetBT [4321] - The name "JIM-PC :20" could not be registered on the interface with IP address 192.168.1.2. The computer with the IP address 192.168.1.5 did not allow the name to be claimed by this computer.
12/3/2011 3:11:14 PM, Error: NetBT [4321] - The name "JIM-PC :0" could not be registered on the interface with IP address 192.168.1.2. The computer with the IP address 192.168.1.5 did not allow the name to be claimed by this computer.
12/3/2011 3:11:10 PM, Error: Service Control Manager [7000] - The PDIHWCTL service failed to start due to the following error: The system cannot find the file specified.
12/3/2011 3:11:00 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
12/3/2011 3:11:00 PM, Error: atikmdag [43029] - Display is not active
12/3/2011 3:05:55 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/3/2011 3:04:16 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
12/3/2011 3:04:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/3/2011 3:04:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/3/2011 3:04:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/3/2011 3:04:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/3/2011 3:04:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache pavboot PCTSD SASDIFSV SASKUTIL spldr Wanarpv6
12/3/2011 2:13:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
12/3/2011 2:10:10 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache pavboot SASDIFSV SASKUTIL spldr Wanarpv6
12/3/2011 1:32:31 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
12/3/2011 1:30:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
12/2/2011 6:17:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy pavboot Psched rdbss SASDIFSV SASKUTIL spldr tdx Wanarpv6 WfpLwf
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
12/2/2011 6:10:23 PM, Error: Service Control Manager [7023] - The Software Protection service terminated with the following error: The system cannot find the file specified.
12/2/2011 6:08:27 PM, Error: Microsoft-Windows-WMPNSS-Service [14356] - A media delivery engine with ID '0x80070057' was not initialized because RegisterDelegate() encountered error ''. Restart your computer, and then restart the WMPNetworkSvc service.
12/2/2011 6:08:27 PM, Error: Microsoft-Windows-WMPNSS-Service [14348] - A new media server was not initialized due to error '0x80070057'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, in Windows Media Player, turn off media sharing, and then turn it back on.
12/2/2011 6:08:27 PM, Error: Microsoft-Windows-WMPNSS-Service [14323] - Service 'WMPNetworkSvc' did not start correctly because MFCreateWMPMDEOpCenter encountered error '0xc00d36b0'. If possible, reinstall Windows Media Player.
12/2/2011 6:08:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: pavboot spldr
12/2/2011 6:08:06 PM, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Responder service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode.
12/2/2011 6:08:06 PM, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Mapper I/O Driver service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode.
12/2/2011 5:41:35 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
12/2/2011 5:41:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/2/2011 5:41:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/2/2011 4:18:19 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
11/30/2011 6:41:20 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
.
==== End Of File ===========================
 

JTC111

Thread Starter
Joined
Apr 29, 2007
Messages
102
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:48:53 PM, on 12/3/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\PC Tools Security\pctsGui.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\GBWXufOsmTrrX.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\ProgramData\Ml5Ulab9bCegWn.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Windows Live\Companion\companionuser.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\Jim\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: XfireXO - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: d6d23a04 - {E1E8AA2A-CD08-4382-8F6F-369B72476FF2} - C:\ProgramData\api-ms-win-core-fibers-l1-1-032.dll (file missing)
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GBWXufOsmTrrX.exe] C:\ProgramData\GBWXufOsmTrrX.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10878 bytes
 

JTC111

Thread Starter
Joined
Apr 29, 2007
Messages
102
I think I've gotten rid of most of this problem so I'm going to start a new thread to fix the rest.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top