Error : szAppName : svchost.exe szAppVer : 5.1.2600.5512

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

aqeelz

Thread Starter
Joined
Jan 13, 2015
Messages
8
Dear Members,
I have a HP Compaq (Model: HP dx7380 MT (RX445AV) ) running on Windows XP Professional SP 3 Build 2600 ,
Since a copule of months I am facing a prblem where a error shows up and the sound gets off.I am attching the snaps of that error dialog box. Please help in resolving the issue.



Regards
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,427
Hi, first do the following.
Check and post
TSG System Information Utility - found here.
http://static.techguy.org/download/SysInfo.exe
======
Download Security Check by screen317 from.
http://screen317.spywareinfoforum.org/
Or
http://www.bleepingcomputer.com/download/securitycheck/dl/123/

Save it to your Desktop.
Double click the install icon.
A command Prompt window will open.
Let it scan the Pc - press any key when asked.
It should now open in Notepad.
Copy and Paste the result of the scan in the reply box below.
 

aqeelz

Thread Starter
Joined
Jan 13, 2015
Messages
8
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Intel(R) Core(TM)2 CPU 6320 @ 1.86GHz, x86 Family 6 Model 15 Stepping 6
Processor Count: 2
RAM: 2038 Mb
Graphics Card: Intel(R) Q965/Q963 Express Chipset Family, 256 Mb
Hard Drives: C: Total - 61439 MB, Free - 36263 MB; D: Total - 61439 MB, Free - 7066 MB; E: Total - 81919 MB, Free - 8207 MB; F: Total - 100435 MB, Free - 21103 MB; G: Total - 305234 MB, Free - 3664 MB;
Motherboard: Board Manufacturer, 0AB4h
Antivirus: K7TotalSecurity, Updated: Yes, On-Demand Scanner: Enabled
 

aqeelz

Thread Starter
Joined
Jan 13, 2015
Messages
8
Results of screen317's Security Check version 0.99.93
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Please wait while WMIC is being installed.d
i
s
p
l
a
y
N
a
m
e
ECHO is off.
K
7
T
o
t
a
l
S
e
c
u
r
i
t
y
ECHO is off.
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Adobe Reader 8 Adobe Reader out of Date!
Google Chrome (39.0.2171.95)
Google Chrome (39.0.2171.99)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 20% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,427
I have never heard of K7 TotalSecurity - is it a free or paid for anti-virus program?

Post a Hijack this log to see what is running on your Pc.
Hijack this 2.05
  • Save HJTInstall.exe to your desktop.
  • Doubleclick on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
Also post the Uninstall Log from Hjt log
Start HijackThis.
At the bottom right hand corner under - Others stuff.
Click on Config.
Then Misc.
Then Uninstall Manager.
Save List > paste the list in your next post.
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,427
I asked about K7 as it is not in the list of recommended anti-virus programs, that you can find online.
That aside - we need to see the Hjt log - post # 5.
 

aqeelz

Thread Starter
Joined
Jan 13, 2015
Messages
8
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 5:42:30 PM, on 1/17/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)


Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\K7 Computing\K7TSecurity\K7TSecurity.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIJ4E.EXE
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\K7 Computing\K7TSecurity\K7SysMon.Exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\K7 Computing\K7TSecurity\K7CrvSvc.exe
C:\Program Files\K7 Computing\K7TSecurity\K7TSMngr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\K7 Computing\K7TSecurity\K7EmlPxy.exe
C:\Program Files\K7 Computing\K7TSecurity\K7FWSrvc.exe
C:\Program Files\K7 Computing\K7TSecurity\K7PSSrvc.exe
C:\Program Files\K7 Computing\K7TSecurity\K7RTScan.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\EasyTech Computers\Application Data\uTorrent\uTorrent.exe
C:\WINDOWS\system32\dwwin.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Documents and Settings\EasyTech Computers\Local Settings\Application Data\VNT\vntldr.exe
C:\Documents and Settings\EasyTech Computers\Local Settings\Application Data\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EasyTech Computers\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://202.62.75.14/userportal/login.do
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: K7 Web Protection - {08B3B4B6-02DA-4658-8BA6-5974E3EBB03D} - C:\Program Files\K7 Computing\K7TSecurity\K7SRExt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O4 - HKLM\..\Run: [K7TSStart] C:\Program Files\K7 Computing\K7TSecurity\K7TSecurity.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [WSHelperSetup.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] "C:\Program Files\VNT\vntldr.exe"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIJ4E.EXE /EPT "EPLTarget\P0000000000000000" /M "M100 Series"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WSHelperSetup.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\k7wslsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\k7wslsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\k7wslsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\k7wslsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\k7wslsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\k7wslsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8EFB0C3E-FCA5-4D38-A939-AF7F004037C5}: NameServer = 192.168.15.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AV Health Monitor (AVHealthMon) - K7 Computing Pvt. Ltd. - C:\WINDOWS\AVHealthMonitor\HealthMon.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: K7Carnivore Service (K7CrvSvc) - K7 Computing Pvt Ltd - C:\Program Files\K7 Computing\K7TSecurity\K7CrvSvc.exe
O23 - Service: K7Computng - EMail Proxy Server (K7EmlPxy) - K7 Computing Pvt Ltd - C:\Program Files\K7 Computing\K7TSecurity\K7EmlPxy.exe
O23 - Service: K7Firewall Services (K7FWSrvc) - K7 Computing Pvt Ltd - C:\Program Files\K7 Computing\K7TSecurity\K7FWSrvc.exe
O23 - Service: K7Privacy Services (K7PSSrvc) - K7 Computing Pvt Ltd - C:\Program Files\K7 Computing\K7TSecurity\K7PSSrvc.exe
O23 - Service: K7RealTime AntiVirus Services (K7RTScan) - K7 Computing Pvt Ltd - C:\Program Files\K7 Computing\K7TSecurity\K7RTScan.exe
O23 - Service: K7SpmSrc - K7 Computing Pvt Ltd - C:\Program Files\K7 Computing\K7TSecurity\K7SpmSrc.exe
O23 - Service: K7TotalSecurity Manager (K7TSMngr) - K7 Computing Pvt Ltd - C:\Program Files\K7 Computing\K7TSecurity\K7TSMngr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 10241 bytes
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,427
Download AdwCleaner by Xplode to your desktop.
http://www.bleepingcomputer.com/download/adwcleaner/
Click on the Download Now @BleepingComputer button and save it to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close any browsers that may be open - double click on the ADWCleaner icon on your desktop
Click on the Scan button.
Let it scan your Pc - when that is done click on the Report button.
The report will appear on your desktop - Copy and Paste it into your next post.
======
Also post the Uninstall Log from Hjt log
Start HijackThis.
At the bottom right hand corner under - Others stuff.
Click on Config.
Then Misc.
Then Uninstall Manager.
Save List > paste the list in your next post.
 

aqeelz

Thread Starter
Joined
Jan 13, 2015
Messages
8
# AdwCleaner v4.108 - Report created 19/01/2015 at 13:20:49
# Updated 17/01/2015 by Xplode
# Database : 2015-01-18.1 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : EasyTech Computers - EASYTECH
# Running from : C:\Documents and Settings\EasyTech Computers\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : APNMCP

***** [ Files / Folders ] *****

Folder Found : C:\DOCUME~1\EASYTE~1\LOCALS~1\Temp\apn
Folder Found : C:\Documents and Settings\All Users\Application Data\apn
Folder Found : C:\Documents and Settings\All Users\Application Data\apn
Folder Found : C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork
Folder Found : C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork
Folder Found : C:\Documents and Settings\EasyTech Computers\Local Settings\Application Data\AskPartnerNetwork
Folder Found : C:\Documents and Settings\EasyTech Computers\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja
Folder Found : C:\Documents and Settings\EasyTech Computers\Local Settings\Application Data\VNT
Folder Found : C:\Program Files\AskPartnerNetwork
Folder Found : C:\Program Files\VNT

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKLM\SOFTWARE\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lkemddiljapcmhicklfpcbpfffahfbja
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.99

[C:\Documents and Settings\EasyTech Computers\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Documents and Settings\EasyTech Computers\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}

*************************

AdwCleaner[R0].txt - [2875 octets] - [19/01/2015 13:20:49]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2935 octets] ##########
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,427
Run AdwCleaner again - Scan > Clean > let it reboot your pc.
Then post the latest log file.
======
Download Junkware Removal Tool
http://www.bleepingcomputer.com/download/junkware-removal-tool/

Temporarily shutdown your anti-virus to avoid any conflicts.
http://www.bleepingcomputer.com/for...nti-virus-firewall-and-anti-malware-programs/
Be sure to enable the anti-virus program after the scan.

Right-mouse click JRT.exe and select Run as administrator (If using XP just double click on the icon to run it.)
The tool will open and start scanning your system.
Please be patient as this can take a while to complete.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top