Jump to content

firefox crashes upon startup


obuntu
 Share

Recommended Posts

Hi, I am running a windows 7 laptop. Yesterday when I tries to start firefox, it crashes and tries going into safemode, then crashes again. I tried scanning my computer with ESET and it picked up 14 infiltrations! (I just scanned it a couple days ago and it was clean then). Firefox is working now, but it occasionally loses connection to the internet (and the same thing happens with internet explorer), e.g., if you watch a youtube video it would suddenly drop ("an error occurred, please try again") I suspect the computer is still not clean. I am posting the logs here to seek further help. Thanks in advance and happy new year to the crew!!!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2

Run by falconer at 21:58:55 on 2012-12-27

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3819.2799 [GMT -5:00]

.

AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\CxAudMsg64.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\Launch Manager\LMutilps32.exe

C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

C:\Windows\syswow64\svchost.exe

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Windows\system32\rundll32.exe

C:\Windows\system32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

C:\Program Files\ESET\ESET Smart Security\egui.exe

C:\Windows\Temp\temp04.exe

C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

svchost.exe

C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://acer.msn.com

mStart Page = hxxp://acer.msn.com

mDefault_Page_URL = hxxp://acer.msn.com

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

uWindows: Load = C:\Users\falconer\LOCALS~1\Temp\msqiaheza.pif

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

uRun: [Netscape] C:\Users\falconer\AppData\Roaming\78BD2D\78BD2D.exe

uRun: [sonyAgent] C:\Windows\Temp\temp04.exe

mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

mRun: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

mRun: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}

StartupFolder: C:\Users\falconer\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MENUST~2.LNK - C:\HTV Script\Menu Starter.ahk

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACERVC~1.LNK - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab

TCP: NameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{FA2DA520-766F-4F20-AAC1-C6812A48D702} : DHCPNameServer = 75.75.75.75 75.75.76.76

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

LSA: Authentication Packages = msv1_0 relog_ap

x64-mStart Page = hxxp://acer.msn.com

x64-mDefault_Page_URL = hxxp://acer.msn.com

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll

x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"

x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll

x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\falconer\AppData\Roaming\Mozilla\Firefox\Profiles\7re72ker.default-1356578275335\

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2012-12-09 11:31; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF - ExtSQL: 2012-12-26 20:41; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor

.

============= SERVICES / DRIVERS ===============

.

R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-3-14 62496]

R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-3-14 209768]

R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-3-14 38288]

R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2011-12-21 22648]

R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2011-12-21 20520]

R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2011-12-21 62776]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-10-24 204288]

R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]

R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2011-12-21 198784]

R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-10-24 353360]

R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-3-7 913144]

R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-12-21 872552]

R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-29 36456]

R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-10-24 244624]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2012-8-22 103472]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

R2 RS_Service;Raw Socket Service;C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2011-10-24 260640]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-10-24 114704]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-10-24 77424]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-12-21 44672]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]

S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-21 173424]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-10-24 250984]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-17 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-12-27 04:13:06 -------- d-----w- C:\Users\falconer\AppData\Local\ATI

2012-12-27 03:55:00 -------- d-----w- C:\HJT

2012-12-27 02:05:42 -------- d-----w- C:\Users\falconer\AppData\Local\Diagnostics

2012-12-26 02:01:31 -------- d-----w- C:\Users\falconer\AppData\Roaming\Ohih

2012-12-26 02:01:30 -------- d-----w- C:\Users\falconer\AppData\Roaming\Yngel

2012-12-26 02:01:30 -------- d-----w- C:\Users\falconer\AppData\Roaming\Qyfu

2012-12-25 12:50:24 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32A3EB35-65F1-4908-874D-42E7C1239416}\mpengine.dll

2012-12-22 17:06:49 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-22 17:06:49 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-22 17:06:47 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-22 17:06:45 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-13 00:26:20 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-12-13 00:26:20 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-12-13 00:24:26 3149824 ----a-w- C:\Windows\System32\win32k.sys

2012-12-13 00:21:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

2012-12-13 00:15:47 478208 ----a-w- C:\Windows\System32\dpnet.dll

2012-12-13 00:15:47 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

2012-12-09 16:35:41 -------- d-----w- C:\Users\falconer\AppData\Local\DDMSettings

2012-12-09 16:29:35 -------- d-----w- C:\Program Files\DivX

2012-12-09 16:29:09 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared

2012-12-09 16:24:24 -------- d-----w- C:\Program Files (x86)\DivX

2012-12-09 16:23:49 -------- d-----w- C:\ProgramData\DivX

.

==================== Find3M ====================

.

2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-11-13 20:29:04 354216 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll

2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll

2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll

2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll

2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll

2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll

2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll

2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll

2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll

2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll

2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

.

============= FINISH: 22:00:01.64 ===============

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 4/14/2012 10:23:01 AM

System Uptime: 12/27/2012 9:55:19 PM (1 hours ago)

.

Motherboard: Acer | | JE10-BZ

Processor: AMD C-60 APU with Radeon HD Graphics | Socket FT1 | 1000/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 285 GiB total, 219.542 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP86: 11/27/2012 2:42:41 PM - Windows Update

RP87: 11/27/2012 7:53:13 PM - Windows Update

RP88: 12/4/2012 3:46:54 PM - Windows Update

RP89: 12/7/2012 6:59:36 PM - Windows Update

RP90: 12/12/2012 7:05:13 PM - Windows Update

RP91: 12/12/2012 7:43:27 PM - Windows Update

RP92: 12/17/2012 8:01:08 PM - Windows Update

RP93: 12/22/2012 12:06:02 PM - Windows Update

RP94: 12/26/2012 10:19:42 PM - Removed Keyspan USB Serial Adapter

.

==== Installed Programs ======================

.

Acer Crystal Eye Webcam

Acer ePower Management

Acer eRecovery Management

Acer Games

Acer Registration

Acer ScreenSaver

Acer Updater

Acer VCM

Acronis True Image Home

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4) MUI

Agatha Christie - Death on the Nile

AMD APP SDK Runtime

AMD Media Foundation Decoders

AMD VISION Engine Control Center

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

ATI Catalyst Install Manager

AutoHotkey 1.0.48.05

Bejeweled 2 Deluxe

Bing Bar

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

Conexant HD Audio

D3DX10

DivX Setup

eBay Worldwide

ESET Smart Security

Evernote v. 4.5.1

FATE

Final Drive: Nitro

Fooz Kids

Fooz Kids Platform

Galerie de photos Windows Live

Identity Card

Insaniquarium Deluxe

Java 7 Update 7

Java Auto Updater

JavaFX 2.1.1

Jewel Match 3

Jewel Quest Solitaire

Junk Mail filter update

Launch Manager

McAfee SiteAdvisor

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MyWinLocker

MyWinLocker 4

MyWinLocker Suite

newsXpresso

NOOK for PC

Norton Online Backup

Oracle VM VirtualBox 4.1.16

Penguins!

Plants vs. Zombies - Game of the Year

Polar Bowler

Realtek USB 2.0 Card Reader

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

SharpKeys

Shredder

Skip-Bo - Castaway Caper

Skype™ 5.5

Slingo Deluxe

Synaptics Pointing Device Driver

Torchlight

Tradewinds Legends

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update Installer for WildTangent Games App

VC80CRTRedist - 8.0.50727.6195

Virtual Villagers 4 - The Tree of Life

Wedding Dash

Welcome Center

WildTangent Games App (Acer Games)

Windows Live

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.20 (64-bit)

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

12/27/2012 9:56:04 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891

12/27/2012 9:56:04 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891

12/27/2012 9:56:00 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom

12/27/2012 9:55:46 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

12/27/2012 9:55:46 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

12/27/2012 9:55:46 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

12/27/2012 7:59:19 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

12/27/2012 7:59:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

12/27/2012 7:59:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

12/27/2012 7:59:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/27/2012 7:59:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

12/27/2012 7:59:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache eamonm ehdrv mwlPSDFilter mwlPSDNServ mwlPSDVDisk spldr VBoxDrv VBoxUSBMon Wanarpv6

12/27/2012 7:59:02 PM, Error: Service Control Manager [7001] - The Conexant Audio Message Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.

12/27/2012 7:59:02 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

12/26/2012 8:47:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom discache eamonm ehdrv mwlPSDFilter mwlPSDNServ mwlPSDVDisk spldr VBoxDrv VBoxUSBMon Wanarpv6

12/23/2012 7:40:04 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000116 (0xfffffa800434b010, 0xfffff88003f86a1c, 0x0000000000000000, 0x0000000000000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122312-28173-01.

12/23/2012 12:34:49 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

.

==== End Of File ===========================

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:02:10 PM, on 12/27/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Windows\syswow64\svchost.exe

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Windows\Temp\temp04.exe

C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Windows\SysWOW64\svchost.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\HJT\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

F3 - REG:win.ini: load=C:\Users\falconer\LOCALS~1\Temp\msqiaheza.pif

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKCU\..\Run: [Netscape] C:\Users\falconer\AppData\Roaming\78BD2D\78BD2D.exe

O4 - HKCU\..\Run: [sonyAgent] C:\Windows\Temp\temp04.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Startup: Menu Starter - Shortcut.lnk = C:\HTV Script\Menu Starter.ahk

O4 - Global Startup: Acer VCM.lnk = ?

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 11764 bytes

Link to comment
Share on other sites

Hi Obuntu,

 

:wp:

 

My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:

 

  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Let's try this:

 

Download ComboFix:

 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

* IMPORTANT !!! Save ComboFix.exe to your Desktop

 

 

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatthetech.com/How_Disable_your_Security_Programs_t96260.html

     

  • Double click on ComboFix.exe & follow the prompts.

     

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

     

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

 

 

Posted Image

 

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

 

Posted Image

 

 

Click on Yes, to continue scanning for malware.

 

When finished, it shall produce a log for you. Please include the C:ComboFix.txt in your next reply.

 

 

Notes:

 

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Link to comment
Share on other sites

Hi TomK, thank you very much for your help. I have restored my computer and it seemed to take care of the problem for now. You can close this thread. If there is any other issue I will post a new thread. Thank you again and have a happy new year!!!

Link to comment
Share on other sites

 Share

×
×
  • Create New...