Inactive Google Redirect Virus RE: 5-step Removal Instructions

I'm following the instructions as per the 5-step virus/malware removal instructions in relation to the Google redirect virus that is currently plaguing my machine.

Thanks for your time in assisting me with this.
 
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org
Database version: v2012.07.12.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Francis :: FRANCIS-XPS [administrator]
Protection: Enabled
13/07/2012 7:49:32 AM
mbam-log-2012-07-13 (07-49-32).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 229268
Time elapsed: 10 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\Users\Francis\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Delete on reboot.
C:\Users\UpdatusUser\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Delete on reboot.
C:\Windows\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Delete on reboot.
(end)
 
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-07-14 13:42:47
Windows 6.1.7601 Service Pack 1
Running: sjsqhg2i.exe

---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77370afef0
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77370afef0@a07591674544 0xB9 0x6F 0xC3 0xEA ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77370afef0@147411aee680 0xC2 0x64 0xC7 0x54 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77370afef0@1474117038fd 0x4F 0xD9 0xC8 0x0B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77370afef0@1474110a7ad8 0xBA 0xE5 0xDF 0x6A ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77370afef0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77370afef0@a07591674544 0xB9 0x6F 0xC3 0xEA ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77370afef0@147411aee680 0xC2 0x64 0xC7 0x54 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77370afef0@1474117038fd 0x4F 0xD9 0xC8 0x0B ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77370afef0@1474110a7ad8 0xBA 0xE5 0xDF 0x6A ...
---- EOF - GMER 1.0.15 ----
 
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by Francis at 13:48:01 on 2012-07-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.8106.5559 [GMT 10:00]
.
AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\FOXTEL\Download Player\Download Control\DCBin\DCService.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.au/
uDefault_Page_URL = hxxp://www1.ap.dell.com/content/default.aspx?c=au&l=en&s=gen
uInternet Settings,ProxyServer = www.usyd.edu.au:80
uInternet Settings,ProxyOverride = <local>
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll
BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll
BHO: SSOIEAddonBHO Class: {da5bce70-d057-4d63-943d-5f3927ec59f1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
uRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [FAStartup]
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
StartupFolder: C:\Users\Francis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
StartupFolder: C:\Users\Francis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: mswsock.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn.usyd.edu.au/CACHE/stc/1/binaries/vpnweb.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.43.1
TCP: Interfaces\{0F3E7463-37B4-498F-A56B-BF852BD99133} : DhcpNameServer = 13.36.0.1 13.36.0.2
TCP: Interfaces\{1A349334-12B6-41DA-AFC3-DAB047D5C4E5} : DhcpNameServer = 192.168.43.1
TCP: Interfaces\{1A349334-12B6-41DA-AFC3-DAB047D5C4E5}\24967605F6E64653831333 : DhcpNameServer = 10.0.0.138
TCP: Interfaces\{1A349334-12B6-41DA-AFC3-DAB047D5C4E5}\4656661657C647 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1A349334-12B6-41DA-AFC3-DAB047D5C4E5}\57E6966756273716C6E6564777F627B6 : DhcpNameServer = 202.96.209.5
TCP: Interfaces\{1A349334-12B6-41DA-AFC3-DAB047D5C4E5}\74271636560284F64756C60294E6475627E65647 : DhcpNameServer = 139.130.4.4 203.50.2.71
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
LSA: Notification Packages = scecli FAPassSync
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll
BHO-X64: Trend Micro NSC BHO - No File
BHO-X64: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO-X64: Trend Micro Toolbar BHO - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll
BHO-X64: TmBpIeBHO - No File
BHO-X64: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO-X64: SSOIEAddonBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [FAStartup]
mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce-x64: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce-x64: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-6-8 275912]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-11-2 2428552]
R2 Foxtel;Foxtel Download Manager;C:\Program Files (x86)\FOXTEL\Download Player\Download Control\DCBin\DCService.exe [2009-9-24 70144]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-12 655944]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-3-11 1997416]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-3-11 689472]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-3-11 2656280]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-10-10 493248]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/03/10 13:23:17;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-30 236016]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
S3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\system32\drivers\btmaud.sys --> C:\Windows\system32\drivers\btmaud.sys [?]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-18 340240]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2011-3-11 79360]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 symantecantibotwatcher;L8042mou;C:\Windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-07-12 22:58:26 21520 ----a-w- C:\Windows\DCEBoot64.exe
2012-07-12 22:15:21 134672 ----a-w- C:\Windows\RegBootClean64.exe
2012-07-12 21:17:36 -------- d-----w- C:\Users\Francis\AppData\Local\ElevatedDiagnostics
2012-07-12 10:33:49 -------- d-----w- C:\Users\Francis\AppData\Roaming\Malwarebytes
2012-07-12 10:33:33 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-12 10:33:29 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-12 10:33:29 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-12 10:08:12 -------- d-----w- C:\Users\Francis\AppData\Local\Apps
2012-07-12 10:08:11 -------- d-----w- C:\Users\Francis\AppData\Local\Deployment
2012-07-11 22:39:25 -------- d-sh--w- C:\Windows\System32\%APPDATA%
2012-07-11 22:35:37 0 --sha-w- C:\Windows\System32\dds_log_ad13.cmd
2012-07-11 17:09:40 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 10:59:20 -------- d--h--w- C:\ProgramData\Common Files
2012-07-11 06:16:46 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2012-07-11 06:16:46 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2012-07-11 06:16:46 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2012-07-11 06:16:45 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-07-11 06:16:45 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll
2012-07-11 06:16:45 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2012-07-11 06:16:45 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2012-07-11 06:16:45 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2012-07-11 06:16:44 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll
2012-07-11 06:16:44 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2012-07-11 06:16:44 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2012-07-11 06:16:44 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll
2012-07-11 06:16:44 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-29 22:03:55 -------- d-----w- C:\Program Files (x86)\directx
2012-06-29 22:03:36 -------- d-----w- C:\Program Files (x86)\Rockstar Games
2012-06-21 08:41:36 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 08:41:16 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 08:41:03 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 08:41:03 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-06-07 21:55:49 56 ----a-w- C:\Windows\System32\SupportTool.exe.bat
2012-06-07 21:44:56 70928 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys
2012-06-07 21:44:56 105744 ----a-w- C:\Windows\System32\drivers\tmtdi.sys
2012-06-07 21:44:55 91920 ----a-w- C:\Windows\System32\drivers\tmactmon.sys
2012-06-07 21:44:55 167696 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
============= FINISH: 13:48:49.22 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 28/03/2011 8:28:27 PM
System Uptime: 14/07/2012 12:35:30 PM (1 hours ago)
.
Motherboard: Dell Inc. | |
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz | CPU | 880/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 684 GiB total, 556.098 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{426C6163-6B42-6572-7279-427970617373}_LOCALMFG&0002\8&CD9ECF4&0&1474117038FD_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{426C6163-6B42-6572-7279-427970617373}_LOCALMFG&0002\8&CD9ECF4&0&1474117038FD_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{426C6163-6B42-6572-7279-427970617373}_LOCALMFG&0002\8&CD9ECF4&0&147411AEE680_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{426C6163-6B42-6572-7279-427970617373}_LOCALMFG&0002\8&CD9ECF4&0&147411AEE680_C00000000
Service:
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{426C6163-6B42-6572-7279-44736B746F70}_LOCALMFG&0002\8&CD9ECF4&0&1474110A7AD8_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{426C6163-6B42-6572-7279-44736B746F70}_LOCALMFG&0002\8&CD9ECF4&0&1474110A7AD8_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{426C6163-6B42-6572-7279-44736B746F70}_LOCALMFG&0002\8&CD9ECF4&0&1474117038FD_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{426C6163-6B42-6572-7279-44736B746F70}_LOCALMFG&0002\8&CD9ECF4&0&1474117038FD_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_LOCALMFG&0002\8&CD9ECF4&0&147411AEE680_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_LOCALMFG&0002\8&CD9ECF4&0&147411AEE680_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{426C6163-6B42-6572-7279-44736B746F70}_LOCALMFG&0002\8&CD9ECF4&0&147411AEE680_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{426C6163-6B42-6572-7279-44736B746F70}_LOCALMFG&0002\8&CD9ECF4&0&147411AEE680_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{426C6163-6B42-6572-7279-427970617373}_LOCALMFG&0002\8&CD9ECF4&0&1474110A7AD8_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{426C6163-6B42-6572-7279-427970617373}_LOCALMFG&0002\8&CD9ECF4&0&1474110A7AD8_C00000000
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Windows Firewall Authorization Driver
Device ID: ROOT\LEGACY_MPSDRV\0000
Manufacturer:
Name: Windows Firewall Authorization Driver
PNP Device ID: ROOT\LEGACY_MPSDRV\0000
Service: mpsdrv
.
Class GUID:
Description:
Device ID: ACPI\SMO8800\1
Manufacturer:
Name:
PNP Device ID: ACPI\SMO8800\1
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
==== System Restore Points ===================
.
RP160: 12/07/2012 3:00:21 AM - Windows Update
RP161: 12/07/2012 8:34:34 AM - Removed Sound Blaster X-Fi MB
RP162: 12/07/2012 8:36:03 AM - Removed Host OpenAL
RP163: 12/07/2012 8:37:19 AM - Removed Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
RP164: 12/07/2012 8:37:43 AM - Removed Apple Software Update
RP165: 12/07/2012 8:40:09 AM - Removed Java(TM) 6 Update 22 (64-bit)
RP166: 12/07/2012 8:41:10 AM - Removed Java(TM) 6 Update 22
RP167: 12/07/2012 8:42:01 AM - Removed QuickTime
RP168: 12/07/2012 8:43:07 AM - Removed WinZip 15.5
RP169: 12/07/2012 8:44:11 AM - Removed Apple Application Support
RP170: 12/07/2012 8:45:18 AM - Removed VMD 1.9
RP171: 12/07/2012 8:46:47 AM - Removed Google Earth Plug-in.
RP172: 12/07/2012 8:47:36 AM - Removed Google Talk Plugin
RP173: 12/07/2012 8:48:19 AM - Removed Skype™ 5.5
RP174: 12/07/2012 8:49:13 AM - Removed Skype Click to Call
RP175: 12/07/2012 8:50:46 AM - Removed eBay
RP176: 12/07/2012 9:02:57 AM - Removed Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
RP177: 12/07/2012 9:06:07 AM - Removed Microsoft Silverlight
RP178: 12/07/2012 6:41:48 PM - Removed AccelerometerP11
RP179: 12/07/2012 7:19:01 PM - Removed Microsoft Silverlight
RP180: 12/07/2012 7:34:36 PM - Windows Modules Installer
RP181: 12/07/2012 7:48:04 PM - Windows Modules Installer
RP182: 12/07/2012 7:59:30 PM - Windows Modules Installer
RP183: 13/07/2012 8:06:54 AM - Removed GTA2
RP184: 13/07/2012 8:26:57 AM - Removed Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
RP185: 13/07/2012 8:28:33 AM - Removed Google SketchUp 8
RP186: 13/07/2012 8:32:26 AM - Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
RP187: 13/07/2012 8:33:35 AM - Removed Microsoft Visual C++ 2005 Redistributable
RP188: 13/07/2012 8:34:45 AM - Removed Microsoft Visual C++ 2005 Redistributable (x64)
RP189: 13/07/2012 8:48:06 AM - Restore Operation
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1) MUI
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
Bentley MicroStation V8i 08.11.05.17
BitTorrent
Cisco AnyConnect VPN Client
CyberLink PowerDVD 9.6
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Product Registration
Dell Stage
Dell VideoStage
Dell Webcam Central
DeployCAD for Railcorp
DirectX 9 Runtime
Foxtel Download Manager 4.1.500.11
FOXTEL Download Player
Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Wireless Display
Junk Mail filter update
Malwarebytes Anti-Malware version 1.62.0.1300
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA Stereoscopic 3D Driver
PDFCreator
PhotoShowExpress
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Samsung Kies
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2345000)
Sonic CinePlayer Decoder Pack
swMSM
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VirtualDJ Home FREE
Visual Basic for Applications (R) Core
Visual Basic for Applications (R) Core - English
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
9/07/2012 8:22:33 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user Francis-XPS\Francis SID (S-1-5-21-3523854785-2371082121-2719146917-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
9/07/2012 8:22:33 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user Francis-XPS\Francis SID (S-1-5-21-3523854785-2371082121-2719146917-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
9/07/2012 3:04:09 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
8/07/2012 11:12:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
14/07/2012 12:37:00 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
14/07/2012 12:36:06 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.
14/07/2012 12:36:06 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.
14/07/2012 12:32:28 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
14/07/2012 12:30:49 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
13/07/2012 9:17:27 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
13/07/2012 8:55:17 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 87
13/07/2012 8:48:39 AM, Error: Service Control Manager [7023] - The Downloadmanagerlite service terminated with the following error: The specified module could not be found.
13/07/2012 8:47:31 AM, Error: Service Control Manager [7023] - The GetPlusHelper service terminated with the following error: The specified module could not be found.
13/07/2012 8:46:31 AM, Error: Service Control Manager [7023] - The RMSvc service terminated with the following error: The specified module could not be found.
13/07/2012 8:45:31 AM, Error: Service Control Manager [7023] - The S125obex service terminated with the following error: The specified module could not be found.
13/07/2012 8:44:31 AM, Error: Service Control Manager [7023] - The Mafwboot service terminated with the following error: The specified module could not be found.
13/07/2012 8:43:31 AM, Error: Service Control Manager [7023] - The S217nd5 service terminated with the following error: The specified module could not be found.
13/07/2012 8:42:31 AM, Error: Service Control Manager [7023] - The Vaiomediaplatform-mobile-gateway service terminated with the following error: The specified module could not be found.
13/07/2012 8:41:31 AM, Error: Service Control Manager [7023] - The WacomVKHid service terminated with the following error: The specified module could not be found.
13/07/2012 8:40:31 AM, Error: Service Control Manager [7023] - The Elbydelay service terminated with the following error: The specified module could not be found.
13/07/2012 8:39:31 AM, Error: Service Control Manager [7023] - The Cam5607 service terminated with the following error: The specified module could not be found.
13/07/2012 8:38:31 AM, Error: Service Control Manager [7023] - The Wlankeeper service terminated with the following error: The specified module could not be found.
13/07/2012 8:37:34 AM, Error: Service Control Manager [7023] - The ASDR service terminated with the following error: The specified module could not be found.
13/07/2012 8:36:30 AM, Error: Service Control Manager [7023] - The Trackcam4 service terminated with the following error: The specified module could not be found.
13/07/2012 8:35:35 AM, Error: Service Control Manager [7023] - The Nabtsfec service terminated with the following error: The specified module could not be found.
13/07/2012 8:34:39 AM, Error: Service Control Manager [7023] - The Atiavaiw service terminated with the following error: The specified module could not be found.
13/07/2012 8:33:32 AM, Error: Service Control Manager [7023] - The Oracle%oracle_home_service%clientcache80 service terminated with the following error: The specified module could not be found.
13/07/2012 8:32:31 AM, Error: Service Control Manager [7023] - The SQLAgent$MICROSOFTBCM service terminated with the following error: The specified module could not be found.
13/07/2012 8:31:31 AM, Error: Service Control Manager [7023] - The Thpsrv service terminated with the following error: The specified module could not be found.
13/07/2012 8:30:31 AM, Error: Service Control Manager [7023] - The Retrowdsvc service terminated with the following error: The specified module could not be found.
13/07/2012 8:29:41 AM, Error: Service Control Manager [7023] - The Aswlsvc service terminated with the following error: The specified module could not be found.
13/07/2012 8:28:31 AM, Error: Service Control Manager [7023] - The IWCA service terminated with the following error: The specified module could not be found.
13/07/2012 8:27:36 AM, Error: Service Control Manager [7023] - The USBCCID service terminated with the following error: The specified module could not be found.
13/07/2012 8:26:31 AM, Error: Service Control Manager [7023] - The Mssqlserveradhelper service terminated with the following error: The specified module could not be found.
13/07/2012 8:25:32 AM, Error: Service Control Manager [7023] - The DLARTL_M service terminated with the following error: The specified module could not be found.
13/07/2012 8:24:31 AM, Error: Service Control Manager [7023] - The Epson_pm_rpcv2_01 service terminated with the following error: The specified module could not be found.
13/07/2012 8:23:31 AM, Error: Service Control Manager [7023] - The Vpctcom service terminated with the following error: The specified module could not be found.
13/07/2012 8:22:31 AM, Error: Service Control Manager [7023] - The Imagedrv service terminated with the following error: The specified module could not be found.
13/07/2012 8:21:31 AM, Error: Service Control Manager [7023] - The Thinkpadmodemservice service terminated with the following error: The specified module could not be found.
13/07/2012 8:20:31 AM, Error: Service Control Manager [7023] - The Srservice service terminated with the following error: The specified module could not be found.
13/07/2012 8:19:31 AM, Error: Service Control Manager [7023] - The Dlaudfam service terminated with the following error: The specified module could not be found.
13/07/2012 8:18:31 AM, Error: Service Control Manager [7023] - The RIOXDRV service terminated with the following error: The specified module could not be found.
13/07/2012 8:17:31 AM, Error: Service Control Manager [7023] - The S616nd5 service terminated with the following error: The specified module could not be found.
13/07/2012 8:16:31 AM, Error: Service Control Manager [7023] - The Ixiaendpoint service terminated with the following error: The specified module could not be found.
13/07/2012 8:15:31 AM, Error: Service Control Manager [7023] - The SiS300i service terminated with the following error: The specified module could not be found.
13/07/2012 8:14:31 AM, Error: Service Control Manager [7023] - The Mssql$sqlexpress service terminated with the following error: The specified module could not be found.
13/07/2012 8:13:31 AM, Error: Service Control Manager [7023] - The Bridgemp service terminated with the following error: The specified module could not be found.
13/07/2012 8:12:37 AM, Error: Service Control Manager [7023] - The AdfuUd service terminated with the following error: The specified module could not be found.
13/07/2012 8:11:32 AM, Error: Service Control Manager [7023] - The Datunidr service terminated with the following error: The specified module could not be found.
13/07/2012 8:10:33 AM, Error: Service Control Manager [7023] - The Lxbt_device service terminated with the following error: The specified module could not be found.
13/07/2012 8:09:33 AM, Error: Service Control Manager [7023] - The Snmptrapdservice service terminated with the following error: The specified module could not be found.
13/07/2012 8:08:38 AM, Error: Service Control Manager [7023] - The SrvcEKIOMngr service terminated with the following error: The specified module could not be found.
13/07/2012 8:07:33 AM, Error: Service Control Manager [7023] - The Tones service terminated with the following error: The specified module could not be found.
13/07/2012 8:06:33 AM, Error: Service Control Manager [7023] - The IOSLINK service terminated with the following error: The specified module could not be found.
13/07/2012 8:06:01 AM, Error: Service Control Manager [7023] - The Epgspooler service terminated with the following error: The specified module could not be found.
13/07/2012 7:51:49 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Peer Networking Identity Manager service to connect.
13/07/2012 7:51:49 AM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Networking Identity Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
13/07/2012 7:51:49 AM, Error: Service Control Manager [7001] - The Peer Name Resolution Protocol service depends on the Peer Networking Identity Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
13/07/2012 7:51:49 AM, Error: Service Control Manager [7000] - The Peer Networking Identity Manager service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
13/07/2012 7:36:45 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
13/07/2012 7:22:54 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
13/07/2012 7:16:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
13/07/2012 7:16:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
13/07/2012 7:16:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
13/07/2012 7:16:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
13/07/2012 7:16:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
13/07/2012 7:15:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
13/07/2012 7:15:48 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx tmactmon tmcomm tmevtmgr tmtdi vwififlt Wanarpv6 WfpLwf
13/07/2012 7:15:48 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
13/07/2012 7:15:48 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
13/07/2012 7:15:48 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
13/07/2012 7:15:48 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
13/07/2012 7:15:48 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
13/07/2012 7:15:48 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
13/07/2012 7:15:47 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
13/07/2012 7:15:47 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
13/07/2012 7:15:47 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
13/07/2012 7:15:47 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
12/07/2012 8:42:50 PM, Error: Service Control Manager [7023] - The Awlegacy service terminated with the following error: The specified module could not be found.
12/07/2012 8:41:50 PM, Error: Service Control Manager [7023] - The Digirefresh service terminated with the following error: The specified module could not be found.
12/07/2012 8:40:50 PM, Error: Service Control Manager [7023] - The DcLps service terminated with the following error: The specified module could not be found.
12/07/2012 8:39:50 PM, Error: Service Control Manager [7023] - The Autostore service terminated with the following error: The specified module could not be found.
12/07/2012 8:38:50 PM, Error: Service Control Manager [7023] - The Ndasbus service terminated with the following error: The specified module could not be found.
12/07/2012 8:37:50 PM, Error: Service Control Manager [7023] - The Cwbrxd service terminated with the following error: The specified module could not be found.
12/07/2012 8:36:49 PM, Error: Service Control Manager [7023] - The W700mdm service terminated with the following error: Access is denied.
12/07/2012 8:35:50 PM, Error: Service Control Manager [7023] - The Vc8secs service terminated with the following error: Access is denied.
12/07/2012 8:34:51 PM, Error: Service Control Manager [7023] - The Co_mon service terminated with the following error: Access is denied.
12/07/2012 8:33:49 PM, Error: Service Control Manager [7023] - The Qbreminderflash service terminated with the following error: Access is denied.
12/07/2012 8:32:49 PM, Error: Service Control Manager [7023] - The Usbsermptxp service terminated with the following error: Access is denied.
12/07/2012 8:31:49 PM, Error: Service Control Manager [7023] - The Winss service terminated with the following error: Access is denied.
12/07/2012 8:30:49 PM, Error: Service Control Manager [7023] - The Symndis service terminated with the following error: Access is denied.
12/07/2012 8:29:49 PM, Error: Service Control Manager [7023] - The S616bus service terminated with the following error: Access is denied.
12/07/2012 8:28:48 PM, Error: Service Control Manager [7023] - The Bdss service terminated with the following error: Access is denied.
12/07/2012 8:27:48 PM, Error: Service Control Manager [7023] - The Dktknsrv service terminated with the following error: Access is denied.
12/07/2012 8:26:49 PM, Error: Service Control Manager [7023] - The Nicconfigsvc service terminated with the following error: Access is denied.
12/07/2012 8:25:49 PM, Error: Service Control Manager [7023] - The StkAMini service terminated with the following error: Access is denied.
12/07/2012 8:24:48 PM, Error: Service Control Manager [7023] - The Gusvc service terminated with the following error: Access is denied.
12/07/2012 8:23:48 PM, Error: Service Control Manager [7023] - The Pchost service terminated with the following error: Access is denied.
12/07/2012 8:22:48 PM, Error: Service Control Manager [7023] - The S217mdfl service terminated with the following error: Access is denied.
12/07/2012 8:21:49 PM, Error: Service Control Manager [7023] - The Dcpflics service terminated with the following error: Access is denied.
12/07/2012 8:20:49 PM, Error: Service Control Manager [7023] - The Olregcap service terminated with the following error: Access is denied.
12/07/2012 8:19:49 PM, Error: Service Control Manager [7023] - The Swmsflt service terminated with the following error: Access is denied.
12/07/2012 8:18:48 PM, Error: Service Control Manager [7023] - The Mwagent service terminated with the following error: Access is denied.
12/07/2012 8:17:48 PM, Error: Service Control Manager [7023] - The SaiH040B service terminated with the following error: Access is denied.
12/07/2012 8:16:38 PM, Error: Service Control Manager [7023] - The Firelm01 service terminated with the following error: Access is denied.
12/07/2012 8:15:38 PM, Error: Service Control Manager [7023] - The SetupSys service terminated with the following error: Access is denied.
12/07/2012 8:14:43 PM, Error: Service Control Manager [7023] - The Avipbb service terminated with the following error: Access is denied.
12/07/2012 8:13:38 PM, Error: Service Control Manager [7023] - The Roammgr service terminated with the following error: Access is denied.
12/07/2012 8:12:38 PM, Error: Service Control Manager [7023] - The Atinevxx service terminated with the following error: Access is denied.
12/07/2012 8:11:39 PM, Error: Service Control Manager [7023] - The Servidor service terminated with the following error: Access is denied.
12/07/2012 8:10:39 PM, Error: Service Control Manager [7023] - The Tdrpman service terminated with the following error: Access is denied.
12/07/2012 8:09:39 PM, Error: Service Control Manager [7023] - The DLH5X service terminated with the following error: Access is denied.
12/07/2012 7:38:23 PM, Error: Service Control Manager [7023] - The Mpfirewl service terminated with the following error: Access is denied.
12/07/2012 7:37:21 PM, Error: Service Control Manager [7023] - The TBPanel service terminated with the following error: Access is denied.
12/07/2012 7:36:23 PM, Error: Service Control Manager [7023] - The Perc2hib service terminated with the following error: Access is denied.
12/07/2012 7:35:23 PM, Error: Service Control Manager [7023] - The Fasttrackinstallerservice service terminated with the following error: Access is denied.
12/07/2012 7:34:21 PM, Error: Service Control Manager [7023] - The AEADIFilters service terminated with the following error: Access is denied.
12/07/2012 7:33:22 PM, Error: Service Control Manager [7023] - The Rpcsvr4x service terminated with the following error: Access is denied.
12/07/2012 7:32:21 PM, Error: Service Control Manager [7023] - The Iaimtv3 service terminated with the following error: Access is denied.
12/07/2012 7:31:21 PM, Error: Service Control Manager [7023] - The DcPTP service terminated with the following error: Access is denied.
12/07/2012 7:30:21 PM, Error: Service Control Manager [7023] - The De_serv service terminated with the following error: Access is denied.
12/07/2012 7:29:21 PM, Error: Service Control Manager [7023] - The Clcapsvc service terminated with the following error: Access is denied.
12/07/2012 7:28:21 PM, Error: Service Control Manager [7023] - The Dlbx_device service terminated with the following error: Access is denied.
12/07/2012 7:27:21 PM, Error: Service Control Manager [7023] - The Rtl8187Se service terminated with the following error: Access is denied.
12/07/2012 7:26:21 PM, Error: Service Control Manager [7023] - The Btwusb service terminated with the following error: Access is denied.
12/07/2012 7:25:21 PM, Error: Service Control Manager [7023] - The Scan service terminated with the following error: Access is denied.
12/07/2012 7:24:21 PM, Error: Service Control Manager [7023] - The Afs2k service terminated with the following error: Access is denied.
12/07/2012 7:23:21 PM, Error: Service Control Manager [7023] - The Asctrm service terminated with the following error: Access is denied.
12/07/2012 7:22:21 PM, Error: Service Control Manager [7023] - The Bc_tdi_f service terminated with the following error: Access is denied.
12/07/2012 7:21:21 PM, Error: Service Control Manager [7023] - The Smbios service terminated with the following error: Access is denied.
12/07/2012 7:20:21 PM, Error: Service Control Manager [7023] - The VC4CB104 service terminated with the following error: Access is denied.
12/07/2012 7:19:23 PM, Error: Service Control Manager [7023] - The VC6SecS service terminated with the following error: Access is denied.
12/07/2012 7:18:21 PM, Error: Service Control Manager [7023] - The Atmarpc service terminated with the following error: Access is denied.
12/07/2012 7:17:21 PM, Error: Service Control Manager [7023] - The MA8032U service terminated with the following error: Access is denied.
12/07/2012 7:16:21 PM, Error: Service Control Manager [7023] - The IPassP service terminated with the following error: Access is denied.
12/07/2012 7:15:21 PM, Error: Service Control Manager [7023] - The StickyMesger service terminated with the following error: Access is denied.
12/07/2012 7:14:21 PM, Error: Service Control Manager [7023] - The TCtrlIO service terminated with the following error: Access is denied.
12/07/2012 7:13:22 PM, Error: Service Control Manager [7023] - The Rt73 service terminated with the following error: Access is denied.
12/07/2012 7:12:22 PM, Error: Service Control Manager [7023] - The Toshidpt service terminated with the following error: Access is denied.
12/07/2012 7:11:21 PM, Error: Service Control Manager [7023] - The Cpuz132 service terminated with the following error: Access is denied.
12/07/2012 7:10:21 PM, Error: Service Control Manager [7023] - The Xpadminserver service terminated with the following error: Access is denied.
12/07/2012 7:09:22 PM, Error: Service Control Manager [7023] - The VX3000 service terminated with the following error: Access is denied.
12/07/2012 7:08:21 PM, Error: Service Control Manager [7023] - The Tvald service terminated with the following error: Access is denied.
12/07/2012 7:07:21 PM, Error: Service Control Manager [7023] - The Tsddd service terminated with the following error: Access is denied.
12/07/2012 7:06:21 PM, Error: Service Control Manager [7023] - The Se2Cunic service terminated with the following error: Access is denied.
12/07/2012 7:05:21 PM, Error: Service Control Manager [7023] - The Dmload service terminated with the following error: Access is denied.
12/07/2012 7:04:21 PM, Error: Service Control Manager [7023] - The KMW_USB service terminated with the following error: Access is denied.
12/07/2012 7:03:21 PM, Error: Service Control Manager [7023] - The Usbatapi2000 service terminated with the following error: Access is denied.
12/07/2012 7:02:21 PM, Error: Service Control Manager [7023] - The Ql12160 service terminated with the following error: Access is denied.
12/07/2012 7:01:21 PM, Error: Service Control Manager [7023] - The P3 service terminated with the following error: Access is denied.
12/07/2012 7:00:21 PM, Error: Service Control Manager [7023] - The Sprtsvc_dellsupportcenter service terminated with the following error: Access is denied.
12/07/2012 6:59:21 PM, Error: Service Control Manager [7023] - The SE2Bobex service terminated with the following error: Access is denied.
12/07/2012 6:58:21 PM, Error: Service Control Manager [7023] - The Trcboot service terminated with the following error: Access is denied.
12/07/2012 6:57:21 PM, Error: Service Control Manager [7023] - The Fsks service terminated with the following error: Access is denied.
12/07/2012 6:56:21 PM, Error: Service Control Manager [7023] - The Pclepci service terminated with the following error: Access is denied.
12/07/2012 6:55:21 PM, Error: Service Control Manager [7023] - The DVDVRRdr_xp service terminated with the following error: Access is denied.
12/07/2012 6:54:21 PM, Error: Service Control Manager [7023] - The Proxyserverservice service terminated with the following error: Access is denied.
12/07/2012 6:53:21 PM, Error: Service Control Manager [7023] - The Prtg4service service terminated with the following error: Access is denied.
12/07/2012 6:52:22 PM, Error: Service Control Manager [7023] - The Nimcrpcsu service terminated with the following error: Access is denied.
12/07/2012 6:51:21 PM, Error: Service Control Manager [7023] - The Mstdc service terminated with the following error: Access is denied.
12/07/2012 6:50:21 PM, Error: Service Control Manager [7023] - The Remotelyanywhere service terminated with the following error: Access is denied.
12/07/2012 6:49:21 PM, Error: Service Control Manager [7023] - The Pcdrndisuio service terminated with the following error: Access is denied.
12/07/2012 6:48:20 PM, Error: Service Control Manager [7023] - The L8042mou service terminated with the following error: Access is denied.
12/07/2012 6:47:22 PM, Error: Service Control Manager [7023] - The Elbycdio service terminated with the following error: Access is denied.
12/07/2012 6:46:21 PM, Error: Service Control Manager [7023] - The Nla service terminated with the following error: Access is denied.
12/07/2012 6:45:21 PM, Error: Service Control Manager [7023] - The Regmanserv service terminated with the following error: Access is denied.
12/07/2012 6:44:22 PM, Error: Service Control Manager [7023] - The Ihcservice service terminated with the following error: Access is denied.
12/07/2012 6:43:27 PM, Error: Service Control Manager [7023] - The Adiusbaw service terminated with the following error: Access is denied.
12/07/2012 6:42:25 PM, Error: Service Control Manager [7023] - The P1131vid service terminated with the following error: Access is denied.
12/07/2012 6:41:22 PM, Error: Service Control Manager [7023] - The Nuvaud2 service terminated with the following error: Access is denied.
12/07/2012 6:40:22 PM, Error: Service Control Manager [7023] - The Icm10blk service terminated with the following error: Access is denied.
12/07/2012 6:39:23 PM, Error: Service Control Manager [7023] - The Wstcodec service terminated with the following error: Access is denied.
12/07/2012 6:27:52 PM, Error: Service Control Manager [7023] - The Wceusbsh service terminated with the following error: Access is denied.
12/07/2012 6:26:52 PM, Error: Service Control Manager [7023] - The Starwindserviceae service terminated with the following error: Access is denied.
12/07/2012 6:25:51 PM, Error: Service Control Manager [7023] - The 61883 service terminated with the following error: Access is denied.
12/07/2012 6:24:52 PM, Error: Service Control Manager [7023] - The Vsdatant service terminated with the following error: Access is denied.
11/07/2012 3:59:18 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{1A349334-12B6-41DA-AFC3-DAB047D5C4E5} because another computer on the network has the same name. The server could not start.
11/07/2012 3:59:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
10/07/2012 7:20:25 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Francis-XPS\Francis SID (S-1-5-21-3523854785-2371082121-2719146917-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
 
Welcome aboard


Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================================

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • Notepad opens. Under the File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 