
Please Help!!

Discussion in 'Virus & Other Malware Removal' started by MissBoozy, Dec 14, 2011.

Thread Status:
Not open for further replies.
  1. MissBoozy

    MissBoozy Thread Starter

    OK, I've been having issues with my PC for a while now. In this time I have done 3 factory restores and spent ages scanning and trying to find the problem... with no luck.
    Problems have been...
    Redirection when using Opera or Google Chrome (sometimes).
    Random folders and logs appearing throughout my PC.
    Registry folders have virus names or folders but can't find anything using that name through my PC.
    There's other things too which, now I'm writing it down, I can't remember, but will keep you updated as and when I remember things.
    My PC used to belong to someone else who hardly used it, also 2 other people have used my PC recently so I hope everything on it is OK.

    Know it's not much to go on but hope you can help if you are not too busy :)


    OS Version: Microsoft Windows 7 Home Premium, 64 bit
    Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz, Intel64 Family 6 Model 23 Stepping 10
    Processor Count: 4
    RAM: 4095 Mb
    Graphics Card: NVIDIA GeForce GT 220, 1024 Mb
    Hard Drives: C: Total - 470477 MB, Free - 439263 MB; D: Total - 471000 MB, Free - 250297 MB;
    Motherboard: eMachines, ET1850
    Antivirus: Lavasoft Ad-Watch Live! Anti-Virus, Updated and Enabled

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:47:13, on 14/12/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\Opera Next\opera.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACPW&l=0809&m=et1850&r=17361211l42g9b95uhw5tef563v26o
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACPW&l=0809&m=et1850&r=17361211l42g9b95uhw5tef563v26o
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACPW&l=0809&m=et1850&r=17361211l42g9b95uhw5tef563v26o
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACPW&l=0809&m=et1850&r=17361211l42g9b95uhw5tef563v26o
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
    O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Windows\ERUNT\AUTOBACK.EXE
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 8955 bytes




    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7600.16385
    Run by Menow at 16:48:07 on 2011-12-14
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.4095.2249 [GMT 0:00]
    .
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    AV: Norton Internet Security *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Internet Security *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
    C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Opera Next\opera.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\explorer.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Users\Menow\Desktop\OTL.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\notepad.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACPW&l=0809&m=et1850&r=17361211l42g9b95uhw5tef563v26o
    uDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACPW&l=0809&m=et1850&r=17361211l42g9b95uhw5tef563v26o
    mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACPW&l=0809&m=et1850&r=17361211l42g9b95uhw5tef563v26o
    mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACPW&l=0809&m=et1850&r=17361211l42g9b95uhw5tef563v26o
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    StartupFolder: C:\Users\Menow\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Windows\ERUNT\AUTOBACK.EXE
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{7DCB401A-A63D-4B7A-94D7-6D8730EC8A6C} : DhcpNameServer = 192.168.1.254
    Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
    BHO-X64: Symantec NCO BHO - No File
    BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL
    BHO-X64: Symantec Intrusion Prevention - No File
    BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    BHO-X64: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    BHO-X64: Google Dictionary Compression sdch - No File
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
    mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRunOnce-x64: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1008000.029\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1008000.029\SYMEFA64.SYS [?]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20111212.002\IDSviA64.sys [2011-12-12 488568]
    R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-10-28 2152152]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-14 366152]
    R2 Norton Internet Security;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [2011-12-14 117640]
    R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-12-30 240160]
    R3 BHDrvx64;Symantec Heuristics Driver;C:\Windows\system32\drivers\NISx64\1007000.01E\BHDrvx64.sys --> C:\Windows\system32\drivers\NISx64\1007000.01E\BHDrvx64.sys [?]
    R3 ccHP;Symantec Hash Provider;C:\Windows\system32\drivers\NISx64\1007000.01E\ccHPx64.sys --> C:\Windows\system32\drivers\NISx64\1007000.01E\ccHPx64.sys [?]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-12-13 138360]
    R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-12-14 17152]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\system32\drivers\NISx64\1007000.01E\SYMNDISV.SYS --> C:\Windows\system32\drivers\NISx64\1007000.01E\SYMNDISV.SYS [?]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14 136176]
    S2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe [2009-12-30 44312]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14 136176]
    S4 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-8 169312]
    S4 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2009-12-30 332272]
    .
    =============== Created Last 30 ================
    .
    2011-12-14 16:33:41 -------- d-----w- C:\Windows\ERUNT
    2011-12-14 12:54:00 16432 ----a-w- C:\Windows\System32\lsdelete.exe
    2011-12-14 11:12:42 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EAA29F75-AC61-4AD5-970C-A70E7FF1CCE5}\offreg.dll
    2011-12-14 11:12:38 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EAA29F75-AC61-4AD5-970C-A70E7FF1CCE5}\mpengine.dll
    2011-12-14 11:12:34 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-12-14 10:51:34 -------- d-----w- C:\Users\Menow\AppData\Roaming\Malwarebytes
    2011-12-14 10:51:22 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-12-14 10:51:19 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-12-14 10:51:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-12-14 10:38:01 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
    2011-12-14 10:36:06 388096 ----a-r- C:\Users\Menow\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-12-14 10:36:06 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2011-12-14 10:34:34 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
    2011-12-14 10:34:29 -------- d-----w- C:\Program Files (x86)\Lavasoft
    2011-12-14 08:11:57 -------- d-----w- C:\Windows\NAPP_Dism_Log
    2011-12-14 03:30:56 56880 ----a-w- C:\Windows\System32\drivers\NISx64\1008000.029\symndisv.sys
    2011-12-14 03:30:56 278576 ----a-w- C:\Windows\System32\drivers\NISx64\1008000.029\symtdi.sys
    2011-12-14 03:30:55 476720 ----a-w- C:\Windows\System32\drivers\NISx64\1008000.029\srtsp64.sys
    2011-12-14 03:30:55 44080 ----a-w- C:\Windows\System32\drivers\NISx64\1008000.029\symndis.sys
    2011-12-14 03:30:55 43568 ----a-w- C:\Windows\System32\drivers\NISx64\1008000.029\symids.sys
    2011-12-14 03:30:55 402992 ----a-w- C:\Windows\System32\drivers\NISx64\1008000.029\SymEFA64.sys
    2011-12-14 03:30:55 334384 ----a-w- C:\Windows\System32\drivers\NISx64\1008000.029\BHDrvx64.sys
    2011-12-14 03:30:55 32304 ----a-w- C:\Windows\System32\drivers\NISx64\1008000.029\srtspx64.sys
    2011-12-14 03:30:55 120880 ----a-w- C:\Windows\System32\drivers\NISx64\1008000.029\symfw.sys
    2011-12-14 03:30:48 583296 ----a-w- C:\Windows\System32\drivers\NISx64\1008000.029\cchpx64.sys
    2011-12-14 03:30:47 -------- d-----w- C:\Windows\System32\drivers\NISx64\1008000.029
    2011-12-14 03:10:24 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-12-14 02:59:31 -------- d-----w- C:\Windows\SysWow64\Adobe
    2011-12-14 02:24:24 -------- d-----w- C:\Users\Menow\AppData\Local\MagicCamera
    2011-12-14 02:24:18 -------- d-----w- C:\Program Files (x86)\ShiningMorning
    2011-12-14 02:13:48 -------- d-----w- C:\Users\Menow\AppData\Local\Opera
    2011-12-14 02:13:45 -------- d-----w- C:\Program Files (x86)\Opera Next
    2011-12-14 01:51:15 83249512 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlcC784.tmp
    2011-12-14 01:39:37 -------- d-----w- C:\Users\Menow\AppData\Local\Symantec
    2011-12-14 01:24:51 -------- d-----w- C:\Users\Menow\AppData\Local\ElevatedDiagnostics
    2011-12-14 01:21:15 -------- d-----w- C:\Windows\pss
    2011-12-14 01:20:36 -------- d-----w- C:\Users\Menow\Tracing
    2011-12-14 01:19:34 -------- d-----w- C:\Users\Menow\AppData\Local\IOI
    2011-12-14 00:57:21 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
    2011-12-14 00:54:42 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
    2011-12-14 00:54:42 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
    2011-12-14 00:53:50 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2011-12-14 00:52:58 -------- d-----w- C:\Program Files (x86)\Microsoft
    2011-12-14 00:52:40 -------- d--h--w- C:\ProgramData\Common Files
    2011-12-14 00:52:36 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
    2011-12-14 00:52:09 -------- d-----w- C:\ProgramData\MFAData
    2011-12-14 00:51:40 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8a8250411ccb9fa\DSETUP.dll
    2011-12-14 00:51:40 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8a8250411ccb9fa\DXSETUP.exe
    2011-12-14 00:51:40 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8a8250411ccb9fa\dsetup32.dll
    2011-12-14 00:51:19 141402440 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc6E2F.tmp
    2011-12-14 00:51:11 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
    2011-12-14 00:50:28 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
    2011-12-14 00:50:15 55024 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
    2011-12-14 00:50:14 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
    2011-12-14 00:50:13 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
    2011-12-14 00:48:42 -------- d-----w- C:\Program Files (x86)\Packard Bell Photo Frame
    2011-12-14 00:44:21 311808 ----a-w- C:\Windows\System32\msv1_0.dll
    2011-12-14 00:44:21 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
    2011-12-14 00:43:24 46592 ----a-w- C:\Windows\System32\msasn1.dll
    2011-12-14 00:43:24 34816 ----a-w- C:\Windows\SysWow64\msasn1.dll
    2011-12-14 00:41:43 -------- d-----w- C:\Users\Menow\AppData\Local\Google
    2011-12-14 00:38:01 31280 ----a-r- C:\Windows\System32\drivers\SymIMV.sys
    2011-12-14 00:37:58 -------- d-----w- C:\Users\Menow\AppData\Local\Packard Bell
    2011-12-14 00:37:55 172592 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
    2011-12-14 00:37:55 -------- d-----w- C:\Program Files\Symantec
    2011-12-14 00:37:55 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
    2011-12-14 00:37:19 -------- d-----w- C:\Users\Menow\AppData\Local\VirtualStore
    2011-12-14 00:33:54 220672 ----a-w- C:\Windows\System32\wintrust.dll
    2011-12-14 00:33:54 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2011-12-14 00:33:53 139264 ----a-w- C:\Windows\System32\cabview.dll
    2011-12-14 00:33:53 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
    2011-12-14 00:19:34 -------- d-----w- C:\Windows\SysWow64\AGEIA
    2011-12-14 00:19:28 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2011-12-14 00:19:25 645224 ----a-w- C:\Windows\System32\nvuninst.exe
    .
    ==================== Find3M ====================
    .
    2011-12-14 00:26:30 6 ----a-w- C:\Windows\System32\PLD_Framework.cmd
    .
    ============= FINISH: 16:48:38.67 ===============




    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 14/12/2011 00:32:14
    System Uptime: 14/12/2011 03:16:39 (13 hours ago)
    .
    Motherboard: eMachines | | ET1850
    Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz | CPU 1 | 1999/333mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 459 GiB total, 428.966 GiB free.
    D: is FIXED (NTFS) - 460 GiB total, 244.431 GiB free.
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Description: Microsoft PS/2 Mouse
    Device ID: ACPI\PNP0F03\4&8527638&0
    Manufacturer: Microsoft
    Name: Microsoft PS/2 Mouse
    PNP Device ID: ACPI\PNP0F03\4&8527638&0
    Service: i8042prt
    .
    ==== System Restore Points ===================
    .
    RP1: 14/12/2011 00:37:39 - Windows Update
    RP2: 14/12/2011 00:38:54 - Windows Update
    RP3: 14/12/2011 00:40:20 - Windows Update
    RP4: 14/12/2011 00:41:15 - Windows Update
    RP5: 14/12/2011 00:42:11 - Windows Update
    RP6: 14/12/2011 00:43:14 - Windows Update
    RP7: 14/12/2011 00:44:11 - Windows Update
    RP8: 14/12/2011 00:53:55 - Installed DirectX
    RP9: 14/12/2011 01:53:50 - Installed DirectX
    RP10: 14/12/2011 10:33:06 - Installed Ad-Aware
    RP11: 14/12/2011 10:34:13 - Installed Ad-Aware
    RP12: 14/12/2011 10:35:42 - Installed HiJackThis
    RP13: 14/12/2011 11:11:58 - Windows Update
    .
    ==== Installed Programs ======================
    .
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    Acrobat.com
    Ad-Aware
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Photoshop Elements 7.0
    Adobe Reader 9.1 MUI
    Adobe Shockwave Player 11.5
    Advertising Center
    Alice Greenfingers
    Amazonia
    Chicken Invaders 2
    Compatibility Pack for the 2007 Office system
    Dairy Dash
    Dream Day First Home
    eBay Worldwide
    ERUNT 1.1j
    Farm Frenzy 2
    First Class Flurry
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Granny In Paradise
    Heroes of Hellas
    HiJackThis
    Identity Card
    ImagXpress
    Junk Mail filter update
    MagicCamera 6.8.0
    Malwarebytes' Anti-Malware version 1.51.2.1300
    Merriam Websters Spell Jam
    Metaboli
    Microsoft Choice Guard
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    MSVCRT
    Nero 9 Essentials
    Nero ControlCenter
    Nero DiscSpeed
    Nero DiscSpeed Help
    Nero DriveSpeed
    Nero DriveSpeed Help
    Nero Express Help
    Nero InfoTool
    Nero InfoTool Help
    Nero Installer
    Nero Online Upgrade
    Nero StartSmart
    Nero StartSmart Help
    Nero StartSmart OEM
    NeroExpress
    neroxml
    Norton Internet Security
    Norton Online Backup
    NVIDIA PhysX
    Opera Next 12.00 alpha build 1116
    Packard Bell GameZone Console
    Packard Bell InfoCentre
    Packard Bell Photo Frame 4.2.3.9
    Packard Bell Recovery Management
    Packard Bell Registration
    Packard Bell ScreenSaver
    Packard Bell Software Suite SE
    Packard Bell Updater
    Realtek High Definition Audio Driver
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office Word 2007 (KB974631)
    Welcome Center
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    .
    ==== Event Viewer Messages From Past Week ========
    .
    14/12/2011 01:42:43, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
    14/12/2011 01:41:31, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Oberon Media Game Console service service to connect.
    14/12/2011 01:41:31, Error: Service Control Manager [7000] - The Oberon Media Game Console service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    14/12/2011 01:41:00, Error: Service Control Manager [7001] - The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    14/12/2011 01:40:58, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    14/12/2011 01:24:58, Error: Service Control Manager [7023] - The Software Protection service terminated with the following error: The system cannot find the file specified.
    14/12/2011 01:22:57, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: spldr SYMTDI
    14/12/2011 01:22:57, Error: Service Control Manager [7001] - The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    14/12/2011 01:22:57, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Responder service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode.
    14/12/2011 01:22:57, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Mapper I/O Driver service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode.
    14/12/2011 01:22:07, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32.
    14/12/2011 00:22:10, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: The system cannot find the file specified.
    14/12/2011 00:19:29, Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization.
    .
    ==== End Of File ===========================
     
  2. MissBoozy

    MissBoozy Thread Starter

    Joined:
    Dec 14, 2011
    Messages:
    4
    Can't help thinking I've posted something wrong here, hmmmm
     
  3. MissBoozy

    MissBoozy Thread Starter

    Joined:
    Dec 14, 2011
    Messages:
    4
    Anyone got any suggestions? I'm kinda desperate here :)
     
  4. MissBoozy

    MissBoozy Thread Starter

    Joined:
    Dec 14, 2011
    Messages:
    4
    Stiiiiiill stumped :(
     
Short URL to this thread: https://techguy.org/1031208
