1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

caught "system fix" virus - posting logs separately because they disappear

Discussion in 'Virus & Other Malware Removal' started by JTC111, Dec 3, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. JTC111

    JTC111 Thread Starter

    Joined:
    Apr 29, 2007
    Messages:
    102
    I seem to have the "System Fix" virus. While my browser was open to both facebook and an economics website that I don't have an address for, a warning came on my screen about malicious software and then my screen went black except for two folder icons, Homegroup and Libraries, both of which appear to be empty. I then got a window called "System Fix" which appeared to be searching my computer for problems, found some, then asked me to buy software to remove it. I did not. After that, many windows popped up on quick succession titles "Windows - Delayed Write Fail." And I also get a window popping up that is titled "Files indexation process failed." Additionally, I get numerous assorted messages popping up that make it sound like my hard drive is failing, but an internet search revealed that these are produced by the virus.

    My pc is useless right now. The log files I've posted here disappear within minutes of creating them.

    I'm desparate for some help. Thanks in advance.
    Jim

    DDS - Notepad

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
    Run by Jim at 15:26:16 on 2011-12-03
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8190.5290 [GMT -5:00]
    .
    AV: Spyware Doctor with AntiVirus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spyware Doctor *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
    C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\PC Tools Security\pctsGui.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files (x86)\Steam\steam.exe
    C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\ProgramData\GBWXufOsmTrrX.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Windows\SysWOW64\attrib.exe
    C:\Windows\system32\conhost.exe
    C:\ProgramData\Ml5Ulab9bCegWn.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\SysWOW64\attrib.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Windows Live\Companion\companionuser.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\msiexec.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
    uURLSearchHooks: H - No File
    mURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    BHO: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: d6d23a04: {e1e8aa2a-cd08-4382-8f6f-369b72476ff2} - C:\ProgramData\api-ms-win-core-fibers-l1-1-032.dll
    TB: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
    TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [GBWXufOsmTrrX.exe] C:\ProgramData\GBWXufOsmTrrX.exe
    mRun: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
    Trusted Zone: intuit.com\ttlc
    DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1 68.237.161.12
    TCP: Interfaces\{2865D7DB-50E7-4B93-A449-7D399AD3E18B} : DhcpNameServer = 192.168.1.1 68.237.161.12
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO-X64: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    BHO-X64: Conduit Engine - No File
    BHO-X64: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
    BHO-X64: XfireXO - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: d6d23a04: {E1E8AA2A-CD08-4382-8F6F-369B72476FF2} - C:\ProgramData\api-ms-win-core-fibers-l1-1-032.dll
    TB-X64: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
    TB-X64: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun-x64: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [GBWXufOsmTrrX.exe] C:\ProgramData\GBWXufOsmTrrX.exe
    mRun-x64: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\5w2lckjb.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
    FF - component: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\5w2lckjb.default\extensions\{38542454-dfb6-44f5-b052-d4e071a3d073}\components\RadioWMPCoreGecko19.dll
    FF - component: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\5w2lckjb.default\extensions\[email protected]\components\RadioWMPCoreGecko19.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    FF - plugin: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\5w2lckjb.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot64.sys --> C:\Windows\system32\drivers\pavboot64.sys [?]
    R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
    R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
    R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
    R2 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-12-3 371472]
    R2 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-12-3 1117144]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 ENTECH64;ENTECH64;\??\C:\Windows\system32\DRIVERS\ENTECH64.sys --> C:\Windows\system32\DRIVERS\ENTECH64.sys [?]
    S3 EyeOneDisplay;EyeOneDisplay;C:\Windows\system32\Drivers\i1display_x64.sys --> C:\Windows\system32\Drivers\i1display_x64.sys [?]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
    S3 SeqCal;SeqCal;C:\Windows\system32\DRIVERS\SeqCal.sys --> C:\Windows\system32\DRIVERS\SeqCal.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== File Associations ===============
    .
    inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
    VBEFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
    VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
    .
    =============== Created Last 30 ================
    .
    2011-12-03 20:23:32 388096 ----a-r- C:\Users\Jim\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-12-03 20:14:26 -------- d--h--w- C:\Users\Jim\AppData\Local\{5C3B0FA2-6CE7-4F26-9F3F-9A4AC078C8CF}
    2011-12-03 20:13:37 -------- d--h--w- C:\Users\Jim\AppData\Local\{09CB5237-8395-4F9A-858E-E7BDCAF2BE9C}
    2011-12-03 19:40:43 747606 ---ha-w- C:\Windows\SysWow64\PerfStringBackup.TMP
    2011-12-03 19:32:00 -------- d--h--w- C:\Users\Jim\AppData\Local\{D41FF229-3CD2-4032-9EA1-953762C0A9AA}
    2011-12-03 19:31:34 -------- d--h--w- C:\Users\Jim\AppData\Local\{7C020ED1-4432-41C8-8317-4B27A59BBC2B}
    2011-12-03 19:13:16 816016 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
    2011-12-03 19:13:16 452872 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
    2011-12-03 19:13:14 337048 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
    2011-12-03 19:13:14 143896 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
    2011-12-03 19:13:09 282440 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
    2011-12-03 19:13:08 279344 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
    2011-12-03 19:13:07 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
    2011-12-03 19:13:04 -------- d--h--w- C:\Program Files (x86)\PC Tools Security
    2011-12-03 19:13:04 -------- d--h--w- C:\Program Files (x86)\Common Files\PC Tools
    2011-12-03 19:11:34 -------- d--h--w- C:\ProgramData\PC Tools
    2011-12-03 18:24:42 -------- d--h--w- C:\Users\Jim\AppData\Local\{F56F0775-9E98-45E7-BAA0-2DE442CA45AD}
    2011-12-03 18:24:13 -------- d--h--w- C:\Users\Jim\AppData\Local\{C60C690F-B933-40AA-8922-ADE41CC91F8C}
    2011-12-02 23:00:21 -------- d--h--w- C:\Users\Jim\AppData\Local\{E74B0A2F-7B16-4F0C-8DBF-1A043D6509B5}
    2011-12-02 23:00:04 -------- d--h--w- C:\Users\Jim\AppData\Local\{331F2C80-59D0-49CE-9A2A-FFFD6FF8A5CF}
    2011-12-02 22:47:33 -------- d--h--w- C:\Users\Jim\AppData\Local\{9E3EEAF8-7CC5-4917-976F-028E4C33B6B1}
    2011-12-02 22:47:13 -------- d--h--w- C:\Users\Jim\AppData\Local\{C9365C59-32D1-49CD-AAFD-40FBB23B2DD7}
    2011-12-02 21:16:50 -------- d--h--w- C:\Users\Jim\AppData\Local\{943653FE-85E2-40A3-93C0-01610E9F8247}
    2011-12-02 21:16:33 -------- d--h--w- C:\Users\Jim\AppData\Local\{D289E4A7-B11D-4C13-98F1-2E76F4EC2F9C}
    2011-12-02 21:14:42 352392 ---ha-w- C:\ProgramData\Ml5Ulab9bCegWn.exe
    2011-12-02 21:11:43 445064 ---ha-w- C:\ProgramData\GBWXufOsmTrrX.exe
    2011-12-02 21:03:09 8822856 ---ha-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F5296738-865E-4DFF-AA4A-7A16906432C1}\mpengine.dll
    2011-11-29 21:15:05 -------- d--h--w- C:\Users\Jim\AppData\Local\{CE0DE713-3D1C-4F01-826A-4B045A7F6F7B}
    2011-11-29 21:14:51 -------- d--h--w- C:\Users\Jim\AppData\Local\{687B23C8-AEE3-486A-B45A-C5D1572189D1}
    2011-11-27 19:07:05 -------- d--h--w- C:\Users\Jim\AppData\Local\{2848939E-6D33-43D0-B939-3FFB2FDAA2C6}
    2011-11-27 19:06:53 -------- d--h--w- C:\Users\Jim\AppData\Local\{F232CF3F-D7CB-4D33-BFCE-9B8B379C3D41}
    2011-11-27 18:59:40 -------- d--h--w- C:\Program Files\Microsoft IntelliPoint
    2011-11-27 01:10:14 -------- d--h--w- C:\Users\Jim\AppData\Local\{1B3E1DB3-0B0A-40B8-B7F4-1F7EC6688ED0}
    2011-11-27 01:09:46 -------- d--h--w- C:\Users\Jim\AppData\Local\{4E0D26B4-84C4-4811-B334-5AF1586E3267}
    2011-11-25 08:00:28 158056 ---ha-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin
    2011-11-11 20:29:17 -------- d--h--w- C:\Program Files\SUPERAntiSpyware
    2011-11-11 16:24:03 -------- d--h--w- C:\Users\Jim\AppData\Local\Skyrim
    2011-11-11 16:23:48 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll
    2011-11-11 16:23:48 74072 ---ha-w- C:\Windows\SysWow64\XAPOFX1_4.dll
    2011-11-11 16:23:48 530776 ----a-w- C:\Windows\System32\XAudio2_6.dll
    2011-11-11 16:23:48 528216 ---ha-w- C:\Windows\SysWow64\XAudio2_6.dll
    2011-11-11 16:23:47 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
    2011-11-11 16:23:47 238936 ---ha-w- C:\Windows\SysWow64\xactengine3_6.dll
    2011-11-11 16:23:47 22360 ---ha-w- C:\Windows\SysWow64\X3DAudio1_7.dll
    2011-11-11 16:23:47 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll
    2011-11-11 16:07:40 -------- d--h--w- C:\Program Files (x86)\Common Files\Steam
    2011-11-11 16:07:36 -------- d--h--w- C:\Program Files (x86)\Steam
    2011-11-09 09:41:02 -------- d--h--w- C:\Users\Jim\AppData\Local\{A59F8C1A-6818-41C3-B5B3-5D8C8A05BBA7}
    2011-11-09 09:40:42 -------- d--h--w- C:\Users\Jim\AppData\Local\{CB02BE05-9F46-437A-B4FF-556114664D57}
    2011-11-08 23:20:41 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
    2011-11-08 23:20:41 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
    2011-11-08 23:20:40 3144704 ----a-w- C:\Windows\System32\win32k.sys
    2011-11-08 23:20:40 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2011-11-04 00:05:21 -------- d--h--w- C:\Users\Jim\AppData\Local\{757F2E76-DB3A-4FC7-A71D-8B2DAC789546}
    .
    ==================== Find3M ====================
    .
    2011-11-27 01:09:31 414368 ---ha-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-09-22 15:51:56 0 ---ha-w- C:\Windows\SysWow64\ConduitEngine.tmp
    2011-09-19 22:50:55 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-09-19 22:50:55 152576 ---ha-w- C:\Windows\SysWow64\msclmd.dll
    2010-01-02 21:15:17 4179293 ---ha-w- C:\Program Files (x86)\everesthome220.exe
    .
    ============= FINISH: 15:37:11.66 ===============
     
  2. JTC111

    JTC111 Thread Starter

    Joined:
    Apr 29, 2007
    Messages:
    102
    Attach - Notepad

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/21/2009 11:31:45 AM
    System Uptime: 12/3/2011 3:10:46 PM (0 hours ago)
    .
    Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA770T-UD3P
    Processor: AMD Phenom(tm) II X4 965 Processor | Socket M2 | 3415/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 932 GiB total, 717.462 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    G: is Removable
    H: is Removable
    I: is FIXED (NTFS) - 932 GiB total, 412.145 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP339: 11/8/2011 6:19:20 PM - Windows Update
    RP340: 11/9/2011 3:00:26 AM - Windows Update
    RP341: 11/11/2011 3:00:27 AM - Windows Update
    RP342: 11/11/2011 11:07:22 AM - Installed Steam
    RP343: 11/11/2011 11:22:32 AM - Installed DirectX
    RP344: 11/12/2011 3:00:24 AM - Windows Update
    RP345: 11/15/2011 6:19:39 AM - Windows Update
    RP346: 11/22/2011 3:31:52 PM - Windows Update
    RP347: 11/29/2011 3:18:52 PM - Windows Update
    RP348: 12/2/2011 4:02:42 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    Acrobat.com
    Adobe AIR
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player 10 ActiveX
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Reader 9.4.6
    Adobe Setup
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    AGEIA PhysX v7.09.13
    Amazon MP3 Downloader 1.0.10
    Apple Application Support
    Apple Software Update
    Belarc Advisor 8.1
    Bing Bar
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center HydraVision Full
    Catalyst Control Center InstallProxy
    ccc-core-static
    CCC Help English
    Conduit Engine
    D3DX10
    Epson Print CD
    EPSON Scan
    EVEREST Home Edition v2.20
    Family Tree Maker 2006
    FTMVistaUpdater
    HiJackThis
    i1_driver_installer_utility_i1Match version 1.0
    Java Auto Updater
    Java(TM) 6 Update 26
    Junk Mail filter update
    Malwarebytes' Anti-Malware version 1.51.2.1300
    Mesh Runtime
    Messenger Companion
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Mozilla Firefox 8.0 (x86 en-US)
    Mozilla Thunderbird (8.0)
    MSVCRT
    MSVCRT_amd64
    Octoshape add-in for Adobe Flash Player
    Panda ActiveScan 2.0
    PDF Settings
    QuickTime
    RealPlayer
    Realtek 8169 8168 8101E 8102E Ethernet Driver
    Realtek High Definition Audio Driver
    RealUpgrade 1.0
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2553074)
    Security Update for 2007 Microsoft Office System (KB2553089)
    Security Update for 2007 Microsoft Office System (KB2553090)
    Security Update for 2007 Microsoft Office System (KB2584063)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2553073)
    Security Update for Microsoft Office Groove 2007 (KB2552997)
    Security Update for Microsoft Office InfoPath 2007 (KB2510061)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Spotify
    Spyware Doctor with AntiVirus 8.0
    Star Trek Online
    Steam
    Tabwin43
    TEFView 2.69
    TextPad 5
    The Elder Scrolls V: Skyrim
    TurboTax 2010
    TurboTax 2010 WinPerFedFormset
    TurboTax 2010 WinPerReleaseEngine
    TurboTax 2010 WinPerTaxSupport
    TurboTax 2010 wnyiper
    TurboTax 2010 wrapper
    Update EPSON Stylus Photo R2880 icc profile Glossy
    Update EPSON Stylus Photo R2880 icc profile Matte
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 System (KB2539530)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2583910)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (KB2596560)
    Ventrilo Client
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Player Firefox Plugin
    World of Warcraft
    Xfire (remove only)
    XfireXO Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/3/2011 3:31:51 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume .
    12/3/2011 3:14:48 PM, Error: Microsoft-Windows-WMPNSS-Service [14346] - A new media server was not initialized because RegisterRunningDevice() encountered error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service.
    12/3/2011 3:14:23 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: Access is denied.
    12/3/2011 3:14:23 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: Access is denied.
    12/3/2011 3:14:23 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80070005.
    12/3/2011 3:11:14 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{2865D7DB-50E7-4B93-A449-7D399AD3E18B} because another computer on the network has the same name. The server could not start.
    12/3/2011 3:11:14 PM, Error: NetBT [4321] - The name "JIM-PC :20" could not be registered on the interface with IP address 192.168.1.2. The computer with the IP address 192.168.1.5 did not allow the name to be claimed by this computer.
    12/3/2011 3:11:14 PM, Error: NetBT [4321] - The name "JIM-PC :0" could not be registered on the interface with IP address 192.168.1.2. The computer with the IP address 192.168.1.5 did not allow the name to be claimed by this computer.
    12/3/2011 3:11:10 PM, Error: Service Control Manager [7000] - The PDIHWCTL service failed to start due to the following error: The system cannot find the file specified.
    12/3/2011 3:11:00 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
    12/3/2011 3:11:00 PM, Error: atikmdag [43029] - Display is not active
    12/3/2011 3:05:55 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    12/3/2011 3:04:16 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    12/3/2011 3:04:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    12/3/2011 3:04:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    12/3/2011 3:04:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    12/3/2011 3:04:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    12/3/2011 3:04:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache pavboot PCTSD SASDIFSV SASKUTIL spldr Wanarpv6
    12/3/2011 2:13:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    12/3/2011 2:10:10 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache pavboot SASDIFSV SASKUTIL spldr Wanarpv6
    12/3/2011 1:32:31 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    12/3/2011 1:30:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
    12/2/2011 6:17:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy pavboot Psched rdbss SASDIFSV SASKUTIL spldr tdx Wanarpv6 WfpLwf
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    12/2/2011 6:17:04 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    12/2/2011 6:10:23 PM, Error: Service Control Manager [7023] - The Software Protection service terminated with the following error: The system cannot find the file specified.
    12/2/2011 6:08:27 PM, Error: Microsoft-Windows-WMPNSS-Service [14356] - A media delivery engine with ID '0x80070057' was not initialized because RegisterDelegate() encountered error ''. Restart your computer, and then restart the WMPNetworkSvc service.
    12/2/2011 6:08:27 PM, Error: Microsoft-Windows-WMPNSS-Service [14348] - A new media server was not initialized due to error '0x80070057'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, in Windows Media Player, turn off media sharing, and then turn it back on.
    12/2/2011 6:08:27 PM, Error: Microsoft-Windows-WMPNSS-Service [14323] - Service 'WMPNetworkSvc' did not start correctly because MFCreateWMPMDEOpCenter encountered error '0xc00d36b0'. If possible, reinstall Windows Media Player.
    12/2/2011 6:08:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: pavboot spldr
    12/2/2011 6:08:06 PM, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Responder service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode.
    12/2/2011 6:08:06 PM, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Mapper I/O Driver service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode.
    12/2/2011 5:41:35 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    12/2/2011 5:41:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    12/2/2011 5:41:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    12/2/2011 4:18:19 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
    11/30/2011 6:41:20 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
    .
    ==== End Of File ===========================
     
  3. JTC111

    JTC111 Thread Starter

    Joined:
    Apr 29, 2007
    Messages:
    102
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:48:53 PM, on 12/3/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\PC Tools Security\pctsGui.exe
    C:\Program Files (x86)\Steam\steam.exe
    C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\ProgramData\GBWXufOsmTrrX.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\ProgramData\Ml5Ulab9bCegWn.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Windows Live\Companion\companionuser.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Users\Jim\Desktop\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
    R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    O2 - BHO: XfireXO - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: d6d23a04 - {E1E8AA2A-CD08-4382-8F6F-369B72476FF2} - C:\ProgramData\api-ms-win-core-fibers-l1-1-032.dll (file missing)
    O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [GBWXufOsmTrrX.exe] C:\ProgramData\GBWXufOsmTrrX.exe
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab
    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10878 bytes
     
  4. JTC111

    JTC111 Thread Starter

    Joined:
    Apr 29, 2007
    Messages:
    102
    I think I've gotten rid of most of this problem so I'm going to start a new thread to fix the rest.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1029531

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice