Jump to content

ashyy

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Just to update this thread, i am now able to get into W7. Updated the graphics driver and oddly that seems to of fixed it. :S I still get very slow startups but there are no infected items and redirects are gone. Please disregard this thread.
  2. Hi guys, i recently had the google redirect virus and after some attempts with various scanners i found something using Avast and they have just stopped. I believe Avast cleaned it because i stopped getting redirects and security centre/essentials started working again. However, i have a much more serious problem now basically last night i rebooted following installing security essentials again and i cannot get into Windows 7. Upon starting up the Welcome message appears as usual. Following this the screen goes black with just the mouse pointer, after about half a minute my desktop appears with just a start bar, without shortcuts or anything and everything begins to load very slowly. My network in the bottom right at this point has the icon showing an attempt is being made to connect to my router. Everything at this point is frozen and the circling "doing something" icon appears as my pointer. After a short period the entire desktop becomes unresponsive. I can move my mouse and click around but nothing will open and the entire system just hangs. I left it for nearly 10 minutes and still nothing changes so it is obviously in some sort of loop. Thankfully i have managed to get into safe mode with networking and everything in here works perfect! I get no redirects in here either so i believe that is fixed. Obviously the problem must be a suspicious driver or startup file that has been tampered with which is preventing windows starting up as normal. I am also on 64bit if that helps. I checked my event viewer and get a array of errors similar to these. The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. The Background Intelligent Transfer Service service depends on the COM+ Event System service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. I'm by no means assuming that my infection was cleared but i have run various scanners such as TDSSkiller and got nothing. The only potential result i got was in ASWMBR.exe which told me the file Mpnwmon.sys is locked. Thank you so much for any help, i have posted my DDS log below, please bare in mind i am only able to run anything from safe mode. . DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.3.1 Run by Lawrence at 14:35:08 on 2012-03-26 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4095.2691 [GMT 1:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{A50071CD-BFDA-4A9D-A5DB-6E7D7A02E6B9} : DhcpNameServer = 192.168.1.254 Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll mRun-x64: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Lawrence\AppData\Roaming\Mozilla\Firefox\Profiles\s4fhh83v.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll FF - plugin: C:\Windows\system32\npdeployJava1.dll FF - plugin: C:\Windows\system32\npmproxy.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672] R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?] S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] S1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\system32\DRIVERS\ctxusbm.sys --> C:\Windows\system32\DRIVERS\ctxusbm.sys [?] S1 LUM;LUM;\??\C:\Windows\system32\drivers\LUM.sys --> C:\Windows\system32\drivers\LUM.sys [?] S1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] S2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-12-22 328536] S2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] S2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-3-24 44768] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?] S2 KMService;KMService;C:\Windows\System32\srvany.exe [2012-2-20 8192] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2012-3-20 2152152] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-23 652360] S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-2-28 2348352] S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-22 1153368] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-9 382272] S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2011-1-8 87336] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-20 79360] S3 DraftSight API Service;DraftSight API Service;C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-1-24 78336] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-1-4 1431888] S3 hitmanpro35;Hitman Pro 3.5 Support Driver;\??\C:\Windows\system32\drivers\hitmanpro36.sys --> C:\Windows\system32\drivers\hitmanpro36.sys [?] S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536] S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?] S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-24 136176] S4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-24 136176] . =============== Created Last 30 ================ . 2012-03-26 12:19:56 -------- d-----w- C:\ProgramData\InstallMate 2012-03-26 11:34:44 -------- d-----w- C:\Program Files (x86)\RegistryNuke 2012 2012-03-26 11:00:47 -------- d-sh--w- C:\$RECYCLE.BIN 2012-03-25 21:05:35 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{948F0553-4B42-44FD-A651-A83A8D11AE0B}\offreg.dll 2012-03-25 20:56:16 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6912DAFA-3635-447E-AB17-F940BADC9463}\gapaengine.dll 2012-03-25 20:56:11 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{948F0553-4B42-44FD-A651-A83A8D11AE0B}\mpengine.dll 2012-03-24 15:53:43 -------- d-----w- C:\CompChecker 2012-03-24 13:39:33 -------- d-----w- C:\madrid centro 2012-03-24 12:02:52 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-03-24 12:02:49 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-03-24 12:02:47 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-03-24 12:02:26 41184 ----a-w- C:\Windows\avastSS.scr 2012-03-24 12:02:16 -------- d-----w- C:\ProgramData\AVAST Software 2012-03-24 12:02:16 -------- d-----w- C:\Program Files\AVAST Software 2012-03-24 01:52:16 -------- d-----w- C:\saasaa 2012-03-24 01:08:55 287304 ----a-w- C:\Windows\System32\drivers\TrufosAlt.sys 2012-03-24 01:07:32 -------- d-----w- C:\ProgramData\SUPERSetup 2012-03-24 01:05:52 -------- d-----w- C:\Program Files (x86)\Tweaking.com 2012-03-24 00:56:58 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2012-03-24 00:56:54 -------- d-----w- C:\Program Files\Microsoft Security Client 2012-03-23 23:51:14 16200 ----a-w- C:\Windows\stinger.sys 2012-03-23 23:50:50 -------- d-----w- C:\Program Files (x86)\stinger 2012-03-23 23:15:44 714526 ----a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Addon Scenery\Bajasim SJD\unins000.exe 2012-03-23 18:20:33 16432 ----a-w- C:\Windows\System32\lsdelete.exe 2012-03-23 18:15:23 -------- d-----w- C:\Program Files\trend micro 2012-03-23 18:06:31 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys 2012-03-23 18:00:24 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys 2012-03-23 18:00:19 -------- d-----w- C:\Program Files (x86)\Lavasoft 2012-03-23 17:03:33 962612 ----a-w- C:\Windows\SysWow64\mfc42d.dll 2012-03-23 17:03:33 434252 ----a-w- C:\Windows\SysWow64\MSVCRTD.DLL 2012-03-23 17:03:31 24576 ----a-w- C:\Windows\SysWow64\AsIO.dll 2012-03-23 17:03:31 13368 ----a-w- C:\Windows\SysWow64\drivers\AsIO.sys 2012-03-23 17:03:29 -------- d-----w- C:\Program Files (x86)\ASUS 2012-03-23 17:00:27 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-03-23 13:06:36 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA% 2012-03-23 12:28:42 -------- d-----w- C:\College Area 2012-03-23 12:12:00 42672 ----a-w- C:\Windows\SysWow64\drivers\fsbts.sys 2012-03-23 11:56:18 -------- d-----w- C:\TDSSKiller_Quarantine 2012-03-23 11:46:09 -------- d-----w- C:\ProgramData\fssg 2012-03-23 11:42:39 -------- d-----w- C:\ProgramData\F-Secure 2012-03-23 11:31:21 27424 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys 2012-03-23 11:31:05 -------- d-----w- C:\ProgramData\HitmanPro 2012-03-23 11:22:06 -------- d-----w- C:\Program Files (x86)\ESET 2012-03-23 10:52:44 -------- d-----w- C:\Users\Lawrence\AppData\Roaming\WinPatrol 2012-03-23 10:52:41 -------- d-----w- C:\Program Files (x86)\BillP Studios 2012-03-23 10:52:00 388096 ----a-r- C:\Users\Lawrence\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-23 03:19:27 -------- d-----w- C:\Program Files (x86)\Oracle 2012-03-23 03:19:20 637848 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-03-23 02:23:21 -------- d-----w- C:\Program Files\Enigma Software Group 2012-03-23 02:03:47 2 --shatr- C:\Windows\winstart.bat 2012-03-23 02:03:41 -------- d-----w- C:\Program Files (x86)\UnHackMe 2012-03-23 01:46:08 -------- d-----w- C:\Program Files (x86)\Sophos 2012-03-22 16:13:26 98816 ----a-w- C:\Windows\sed.exe 2012-03-22 16:13:26 518144 ----a-w- C:\Windows\SWREG.exe 2012-03-22 16:13:26 256000 ----a-w- C:\Windows\PEV.exe 2012-03-22 16:13:26 208896 ----a-w- C:\Windows\MBR.exe 2012-03-22 16:05:31 -------- d-----w- C:\Users\Lawrence\AppData\Roaming\SUPERAntiSpyware.com 2012-03-22 16:05:17 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2012-03-22 16:05:17 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2012-03-22 16:04:25 -------- d-----w- C:\Program Files (x86)\SpywareBlaster 2012-03-22 15:55:00 -------- d-----w- C:\Users\Lawrence\AppData\Local\Lunarsoft 2012-03-22 15:55:00 -------- d-----w- C:\Program Files (x86)\Lunarsoft 2012-03-22 15:53:22 -------- d-----w- C:\Program Files (x86)\Nsasoft 2012-03-22 01:50:01 -------- d-----w- C:\Program Files (x86)\hj 2012-03-21 18:17:57 47950 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\737evocall-uninst-fs9.exe 2012-03-21 17:47:37 -------- d-----w- C:\he 2012-03-21 14:17:01 14336 ----a-r- C:\Users\Lawrence\AppData\Roaming\Microsoft\Installer\{DA46AA5F-4934-4DAC-94E4-7D84AD9A4090}\IconDA46AA5F.exe 2012-03-21 14:14:28 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2012-03-21 14:00:00 470016 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\uninstall_RG2.exe 2012-03-21 13:39:10 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes 2012-03-21 12:47:04 98263 ----a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Uninstal-pic737v2-fs9.exe 2012-03-21 12:47:03 -------- d-----w- C:\testtting 2012-03-17 12:34:25 -------- d-----w- C:\Program Files\iPod 2012-03-17 12:34:24 -------- d-----w- C:\Program Files\iTunes 2012-03-17 12:34:24 -------- d-----w- C:\Program Files (x86)\iTunes 2012-03-14 13:39:47 74827 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Active Camera 2004 update to 2_1 for FS 9_1 uninstal.exe 2012-03-14 13:39:29 74524 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Active Camera 2004 patch for FS 9_1 uninstal.exe 2012-03-14 13:39:20 75386 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Active Camera 2004 2_0 uninstal.exe 2012-03-14 13:29:23 47948 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\uninstall-igfly-dbswaf.exe 2012-03-14 13:17:09 -------- d-----w- C:\Program Files (x86)\TSS Airbus 380 GP7000 Sound FS2004 2012-03-14 13:06:31 90228 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Uninstal_WilcoA380.exe 2012-03-14 11:57:04 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-03-14 11:57:02 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-14 11:57:02 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-03-14 11:39:06 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-03-14 11:39:04 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2012-03-14 11:39:04 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-03-14 11:38:11 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-03-14 11:38:11 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-03-14 11:38:11 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-03-14 11:38:09 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-03-14 11:38:09 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-03-14 11:38:09 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-03-14 11:38:09 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-03-08 15:35:09 -------- d-----w- C:\temp 2012-03-07 15:10:41 -------- d-----w- C:\Users\Lawrence\AppData\Local\{32E268A7-51EC-43D9-BAD8-A70FE632752C} 2012-03-07 15:10:30 -------- d-----w- C:\Users\Lawrence\AppData\Local\{05693713-5481-4FFC-BE5F-BA18D1AAE382} 2012-03-07 14:49:01 155136 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Taxi2005.exe 2012-03-04 12:45:51 -------- d-----w- C:\Users\Lawrence\AppData\Local\Google 2012-03-01 17:51:44 48315 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\ftlandfl-uninst.exe 2012-03-01 16:45:42 85696 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\unFS2Crew_FS9_Airbus_Evolution.exe 2012-03-01 16:45:19 83073 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\unFS2CrewStartCenterFS9.exe 2012-03-01 16:42:04 120441 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\UnFS2CrewWilcoAirbusSpecialFS9.exe 2012-03-01 15:51:21 -------- d-----w- C:\Windows\Downloaded Installations 2012-03-01 15:09:01 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll 2012-03-01 15:09:01 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll 2012-03-01 15:09:01 155648 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll 2012-03-01 15:09:00 696320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll 2012-03-01 15:09:00 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe 2012-03-01 15:08:59 282756 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll 2012-03-01 15:08:59 163972 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll 2012-03-01 02:11:55 366181 -c--a-w- C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\UnFokker70-FS9.exe 2012-02-29 17:01:15 -------- d-----w- C:\Users\Lawrence\AppData\Local\CrashRpt 2012-02-29 17:00:52 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-02-29 17:00:24 -------- d-----w- C:\Users\Lawrence\AppData\Roaming\DraftSight 2012-02-29 17:00:23 -------- d-----w- C:\ProgramData\Dassault Systemes 2012-02-29 17:00:12 -------- d-----w- C:\Program Files (x86)\Dassault Systemes 2012-02-29 16:40:03 -------- d-----w- C:\Users\Lawrence\AppData\Local\TempSWBackupDirectory 2012-02-29 16:39:57 -------- d-----w- C:\Users\Lawrence\AppData\Roaming\SolidWorks 2011 2012-02-28 15:42:09 889664 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-02-28 15:42:09 63296 ----a-w- C:\Windows\System32\nvshext.dll 2012-02-28 15:42:09 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-02-28 15:42:08 6074176 ----a-w- C:\Windows\System32\nvcpl.dll 2012-02-28 15:42:08 2497985 ----a-w- C:\Windows\System32\nvcoproc.bin 2012-02-28 15:42:08 118080 ----a-w- C:\Windows\System32\nvmctray.dll 2012-02-28 15:41:47 -------- d-----w- C:\ProgramData\NVIDIA Corporation 2012-02-26 20:53:33 -------- d-----r- C:\Users\Lawrence\Dropbox 2012-02-26 20:52:03 -------- d-----w- C:\Users\Lawrence\AppData\Roaming\Dropbox . ==================== Find3M ==================== . 2012-03-04 12:42:55 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-20 12:53:10 8192 ----a-w- C:\Windows\SysWow64\srvany.exe 2012-02-15 17:07:00 180 ----a-w- C:\Users\Lawrence\Cloud9_Los Angeles.reg 2012-02-09 20:05:44 416064 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2012-02-08 13:14:14 286720 ----a-w- C:\Windows\iun506.exe 2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-01-17 12:46:01 31040 ----a-w- C:\Windows\System32\nvhdap64.dll 2012-01-17 12:45:56 188224 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys 2012-01-17 12:45:55 1451840 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll 2012-01-12 17:09:55 61 --sha-w- C:\Windows\cnerolf.bin 2012-01-10 13:57:10 567696 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-01-04 19:37:01 180 ----a-w- C:\Users\Lawrence\FSDreamTeam_JFK.reg 2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-01-03 19:52:34 181 ----a-w- C:\Users\Lawrence\FSDreamTeam_KLAS.reg 2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl 2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys . ============= FINISH: 14:38:46.43 =============== And the attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 20/12/2011 7:57:25 PM System Uptime: 26/03/2012 12:54:47 PM (2 hours ago) . Motherboard: ASUSTeK Computer INC. | | P5N-E SLI Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/266mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 466 GiB total, 198.921 GiB free. D: is FIXED (NTFS) - 114 GiB total, 71.288 GiB free. E: is CDROM (UDF) F: is CDROM (UDF) G: is Removable H: is Removable I: is Removable J: is Removable K: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: avast! Network Shield Support Device ID: ROOT\LEGACY_ASWTDI\0000 Manufacturer: Name: avast! Network Shield Support PNP Device ID: ROOT\LEGACY_ASWTDI\0000 Service: aswTdi . Class GUID: {4d36e978-e325-11ce-bfc1-08002be10318} Description: Printer Port Device ID: ACPI\PNP0400\1 Manufacturer: (Standard port types) Name: Printer Port (LPT1) PNP Device ID: ACPI\PNP0400\1 Service: Parport . Class GUID: {4d36e978-e325-11ce-bfc1-08002be10318} Description: Communications Port Device ID: ACPI\PNP0501\1 Manufacturer: (Standard port types) Name: Communications Port (COM1) PNP Device ID: ACPI\PNP0501\1 Service: Serial . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Security Processor Loader Driver Device ID: ROOT\LEGACY_SPLDR\0000 Manufacturer: Name: Security Processor Loader Driver PNP Device ID: ROOT\LEGACY_SPLDR\0000 Service: spldr . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 50N Boeing 737 Family Base Pack 1.1.0 737 Pilot in Command Active Camera 2004 patch for FS 9.1 Active Camera 2004 update to version 2.1 (FS 9.1) Active Camera 2004 version 2.0 ActiveSky Version 6.5 and ActiveSky Graphics Ad-Aware Adobe AIR Adobe Community Help Adobe Content Viewer Adobe InDesign CS5.5 Adobe Photoshop CS5.1 Adobe Reader X (10.1.2) Advanced SystemCare 4 Aerosoft's - Airbus X aerosoft's - German Airports 3-Berlin Tegel aerosoft's - German Airports 3 - Hamburg aerosoft's - Ibiza X for FS2004 aerosoft's - Keflavik aerosoft's - Lissabon 2008 aerosoft's - London Heathrow 2008 aerosoft's - Madrid 2008 aerosoft's - Mallorca X for FS2004 aerosoft's - Mega Airport Amsterdam aerosoft's - Mega Airport Frankfurt - FS2004 aerosoft's - Mega Airport Munich aerosoft's - Mega Airport Paris CDG aerosoft's - Mega Airport Stockholm Arlanda aerosoft's - Mega Airport Zurich 2012 - FS2004 aerosoft's - Nice Cote dAzur aerosoft's - Real Germany 1 - FS2004 aerosoft's - Real Germany 2 - FS2004 aerosoft's - Real Germany 3 - FS2004 aerosoft's - Wonderful Madeira - FS2004 Aerosoft - Gibraltar FS2004 Airbus Series Vol.1 Deluxe (FS2004) AirSimmer A320 Basic Edition 1.3 Anti-Malware Toolkit 1.13.326 Apple Application Support Apple Software Update Ariane Boeing CFM56 Engine Sounds & FX Atlanta µTorrent avast! Free Antivirus Bajasim SJD fs9 S03 1.01b version 1.0 BhoScanner 1.9 Cancún 2011 MMUN Citrix online plug-in - web Citrix online plug-in (DV) Citrix online plug-in (HDX) Citrix online plug-in (USB) Citrix online plug-in (Web) Cloud9 Los Angeles FS9 1.0.2 CLS A330/A340 SP3 CLS DC10 CLS DC10 Service Pack 01 CLS DC10 Service Pack 02 Combi Livery Pack CONCORDE SSTSIM Contrails Pro Creative Audio Control Panel Creative Software AutoUpdate Creative Sound Blaster Properties x64 Edition CYVR 1.0 D3DX10 DraftSight DSDG Dubai, The Burj Dubai eReg ESET Online Scanner v3 FeelThere - Phenom 100 feelThere Florida Landings 1.0 FlightAlpes BasePack Nord FlightBeam San Francisco International FS9 2.0.1 FlightMediterranee BasePack FlightParis CityPack FlightPyrénées Atlantiques BasePack FlightPyrénées Orientales BasePack FlightRiviera BasePack Fokker 70-100 Football Manager 2012 FormatFactory 2.80 FranceVFR FlightParis - VFR Pack FS2Crew Start Center April 2009 FS2Crew: Airbus Evolution Upgrade FS2Crew: iFly737NG Button Control Edition FS2Crew: Wilco-Feelthere Airbus Special Edition FS2Crew: Wilco-Feelthere Airbus Special Edition Service Update 2 FSDreamTeam JFK FS9 1.0.3 FSDreamTeam Las Vegas McCarran FS9 1.1 FSDreamTeam Los Angeles International FS9 1.3 FSDreamTeam Ohare9 2.0 FSDreamTeam OHareX 2.0 FSNavigator Google Update Helper Ground Environment Professional HiJackThis Hitman 2 Silent Assassin HP Deskjet 3050 J610 series Help iFly Jets - The 737NG for FS2004 Islamabad INTL Chaklala AB Java Auto Updater Java 7 Update 3 JavaFX 2.0.3 Jinnah International Airport FS2004 Just Flight - FSceneX FS2004 Just Flight VFR Photographic Scenery: C & S England v1.01 Just Flight VFR Photographic Scenery: E & SE England v1.01 Just Flight VFR Photographic Scenery: Northern England v1.00 KATL Atlanta KPHL FS9 LAGO Male Scenery FS2004 2.00 Level-D Simulations 767-300 Magic ISO Maker v5.5 (build 0281) Malwarebytes Anti-Malware version 1.60.1.1000 Mega Airport Barcelona Update 1.01 Microsoft Flight Simulator 2004 A Century of Flight Microsoft Flight Simulator X Microsoft Flight Simulator X Service Pack 1 Microsoft Flight Simulator X Service Pack 2 Microsoft Office 2003 Web Components Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Visio 2007 Service Pack 3 (SP3) Microsoft Office Visio MUI (English) 2007 Microsoft Office Visio Professional 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2005 Tools for Applications - ENU Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 MixMeister Fusion 7.2.2 Morten's AI Traffic 2.2 Mozilla Firefox 11.0 (x86 en-US) Mozilla Thunderbird 11.0 (x86 en-US) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Northern California Scenery NVIDIA PhysX NVIDIA Stereoscopic 3D Driver PAOB-Fokker50-V1.0 PDF Settings CS5 PIC 737 Evolution Call for FS9 2.0.1 PMDG 737 8900 NGX PMDG747_400 Queen of the Skies PowerISO Project Canarias 2006 Project Canarias 2006 by CanarySim PSS - Boeing 757 Pro. v1.3 PSS Airbus A330 v1.2 [FSSR] PSS Airbus A340 v1.2 [FSSR] PUERTO VALLARTA SCENERY FOR FS2004 QuickTime Ready for Pushback V2_10 Full Version Real Environment Xtreme for FS2004 Real Environment Xtreme for FS2004 - Overdrive RegistryNuke 2012 version 2.0.0.86 Remove UK2000 Edinburgh Xtreme files Remove UK2000 Glasgow Xtreme files RODOS International 2010 Safari Samsung_MonSetup Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Shade Simview Sky Max FS2004 SolidWorks 2011 x64 Edition SP02 Sophos Anti-Rootkit 1.5.20 Spotify Spybot - Search & Destroy SpywareBlaster 4.6 Texture Ground Plus TJSJ San Juan TropicalSim / Bilbao Airport TSS 777 RR Trent fs2004 TSS A330 RR sound FS2004 TSS Airbus 380 GP7000 Sound FS2004 TSS BOEING 747 RR SOUND FSX TSS Boeing 757 Rolls Royce RB211 sound Tweaking.com - Windows Repair (All in One) UK2000 Gatwick Xtreme FS9 UK2000 Liverpool Xtreme FS9 UK2000 London City Xtreme FS9 UK2000 Manchester Xtreme FS9 Ultimate Terrain - Europe Ultimate Terrain - USA Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Visio 2007 Help (KB963666) Vancouver+ VHHH Hong Kong FS2004 VirtualCloneDrive VIRTUALI Addon Manager 1.81 Visual Flight London VLC media player 1.1.11 Wilco Fleet : A380 Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Messenger Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack World of Warcraft XNResourceEditor 3.0.0.1 . ==== Event Viewer Messages From Past Week ======== . 26/03/2012 2:07:15 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 26/03/2012 12:57:46 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 26/03/2012 12:56:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 26/03/2012 12:56:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 26/03/2012 12:55:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 26/03/2012 12:55:46 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AsIO aswSnx aswSP aswTdi ctxusbm discache ElbyCDIO LUM MpFilter SASDIFSV SASKUTIL SCDEmu spldr Wanarpv6 26/03/2012 12:55:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 26/03/2012 12:55:13 PM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start. 26/03/2012 12:53:52 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service. 26/03/2012 12:53:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the seclogon service. 26/03/2012 12:53:22 PM, Error: Service Control Manager [7000] - The Secondary Logon service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 26/03/2012 12:48:54 PM, Error: Service Control Manager [7001] - The Background Intelligent Transfer Service service depends on the COM+ Event System service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 26/03/2012 12:46:54 PM, Error: Service Control Manager [7001] - The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 26/03/2012 12:43:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} 26/03/2012 12:12:35 PM, Error: nvstor64 [3] - Data error on device. Device: \Device\RaidPort1 Model: Maxtor 6Y120M0 Firmware Version: YAR5 Serial Number: Y3Q0FBQE Port: 1 26/03/2012 12:08:21 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 26/03/2012 12:07:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 26/03/2012 12:07:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 26/03/2012 12:07:25 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO aswRdr aswSnx aswSP aswTdi ctxusbm DfsC discache ElbyCDIO LUM MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl 26/03/2012 12:07:23 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 26/03/2012 12:07:23 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 26/03/2012 12:07:23 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 26/03/2012 12:07:23 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 26/03/2012 12:07:23 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 26/03/2012 12:07:23 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 26/03/2012 12:07:22 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 26/03/2012 12:07:06 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 26/03/2012 12:07:06 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 26/03/2012 12:07:06 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 26/03/2012 12:07:06 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 26/03/2012 12:02:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 26/03/2012 12:02:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect. 26/03/2012 12:02:17 PM, Error: Service Control Manager [7001] - The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 26/03/2012 12:02:17 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 26/03/2012 12:02:17 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 26/03/2012 11:50:07 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found. 26/03/2012 11:48:50 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 26/03/2012 11:07:17 AM, Error: Service Control Manager [7022] - The Background Intelligent Transfer Service service hung on starting. 26/03/2012 11:04:01 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 26/03/2012 1:43:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 26/03/2012 1:28:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} 26/03/2012 1:02:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C} 25/03/2012 9:53:36 PM, Error: Service Control Manager [7001] - The SBSD Security Center Service service depends on the Security Center service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 24/03/2012 12:34:36 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 24/03/2012 12:14:45 PM, Error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s). 23/03/2012 2:31:41 AM, Error: Service Control Manager [7000] - The MEMSWEEP2 service failed to start due to the following error: This driver has been blocked from loading 23/03/2012 2:31:41 AM, Error: Application Popup [1060] - \??\C:\Windows\system32\15E0.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 23/03/2012 11:51:16 PM, Error: Service Control Manager [7034] - The Creative Audio Service service terminated unexpectedly. It has done this 1 time(s). 23/03/2012 11:51:16 PM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s). 23/03/2012 11:39:36 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 23/03/2012 11:38:46 PM, Error: Application Popup [1060] - \??\C:\Users\Lawrence\AppData\Local\Temp\mbr.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 23/03/2012 11:13:14 AM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s). 23/03/2012 1:47:25 AM, Error: Application Popup [1060] - \??\C:\Windows\system32\2DC5.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 23/03/2012 1:06:37 PM, Error: Service Control Manager [7000] - The F-Secure Content Control Driver service failed to start due to the following error: The system cannot find the file specified. 22/03/2012 4:24:03 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 22/03/2012 4:23:31 PM, Error: Service Control Manager [7031] - The KMService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 22/03/2012 4:07:18 PM, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\Drivers\PAGEDFRG.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 22/03/2012 2:35:10 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 21/03/2012 11:45:20 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. . ==== End Of File =========================== Again thank you so much.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.