Inactive Google searches redirected

Status
Not open for further replies.
You expressed 2 problems:
1. Redirects on searches. I did ask about the 'different country' and you told me it meant the redirects appeared to be specific for whatever country you were in-or-whichever country the website was in.
2. You have not been able to run Combofix.
My request for an update meant to ask if these were still the problems, or if anything had changed.

I went though you logs again. I noted several different encryption protocols, install of what appear to be programming and developers tools, an install of Gadu-Gadu 7.7 , a Polish Instant Messenger. There is an entry indicating a possible problem with logging in, but you don't mention that.

The rootkit was removed as were Trojan.FakeAlert & Rogue.Protection. Clearly we are not working with the usual 'home computer.' So if I am to continue helping you, Please give me some idea of whether this is a work system and/or an indication of how you're using the system.
 
Yes, both redirections and problems with running Combofix are still the case.
I don't have any problems with logging into whatever.
It is my home computer. I occasionally use it for coding random stuff, and some engineering projects, but far more often it's just leisure.

When I tried running Combofix over the weekend a weird thing transpired that maybe will be of some help to you. I launched Combofix and left the room, totally forgetting to disable Avast prior to running Combofix. When I returned an Avast prompt asked me whether to run the 'dodgy' application in safebox, and I chose to cancel the application altogether. However, the effect was that, after a few more similar alerts, Combofix console came up, but it printed out a list of 'Access denied' communicates. So now I'm wondering whether the problem with running Combofix isn't maybe due to Avast not actually disabling its activity fully when indicated to do so.

When I disable Avast and try to run Combofix either it doesn't load, or the PC crashes after a couple of minutes, just like before.
 
Let's see if we can chase down an Error Event that may be causing the problem. I need you to force the problem with Combofix " the PC crashes after a couple of minutes, just like before."so you can check the time on the computer clock. Events are time-coded- you'll be finding 20 Errors and I need you to tell me what the clock time was when this happens.

Please run this in Normal Mode if you can. When in Safe Mode, some processes don't run and Errors will show because of that. I don't want to 'waste' errors on that!

Please download VEW and save it to your Desktop:

Setting up the program

Double-click VEW.exe to run.

  • Select log to query, select
  • Application
  • System

    Under Select type to list, select:
  • Critical (Vista only)
  • Error

    Click the radio button for Number of events
  • Type 20 in the 1 to 20 box
  • Then click the Run button.
  • Notepad will open with the output log.

    Load the log
  • In Notepad, click Edit> Select all
  • Then press Edit > Copy
  • Press Ctrl+V on your keyboard to paste the log to your next reply.
(Courtesy rev-Olie)
 
No luck this time either, it seems.
I tried rerunning Combofix twice. Once around 8pm on 27/04/2011 and once around 11pm on 27/04/2011. In the first case Combofix again failed to load, but PC continued to run, in the second case my laptop crashed. I attached logs from VEW for both cases, but it doesn't look it was able to retrieve any related error messages. Well, hopefully you'll be able to read something useful out of them, though:

First log:

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 27/04/2011 20:32:37

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/04/2011 12:14:10
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 27/04/2011 12:08:20
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 27/04/2011 09:46:09
Type: Error Category: 0
Event: 11 Source: Microsoft-Windows-CAPI2
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid. .

Log: 'Application' Date/Time: 27/04/2011 09:37:00
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 26/04/2011 15:00:16
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program fdm.exe version 3.0.852.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 161c Start Time: 01cc0421ce3f7980 Termination Time: 11

Log: 'Application' Date/Time: 26/04/2011 14:53:47
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program fdm.exe version 3.0.852.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 660 Start Time: 01cc041f8be798d0 Termination Time: 23

Log: 'Application' Date/Time: 26/04/2011 14:37:16
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program fdm.exe version 3.0.852.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 16d8 Start Time: 01cc041b43283b80 Termination Time: 13

Log: 'Application' Date/Time: 26/04/2011 13:52:26
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:26
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:26
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:25
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:25
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:25
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:24
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:24
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:24
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:23
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:23
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:23
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 10:21:02
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 05/04/2011 17:06:42
Type: Critical Category: 0
Event: 41 Source: Microsoft-Windows-Kernel-Power
The last sleep transition was unsuccessful. This error could be caused if the system stopped responding, failed, or lost power during the sleep transition.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/04/2011 12:14:21
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 27/04/2011 12:14:10
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/04/2011 12:08:21
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/04/2011 09:37:01
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/04/2011 09:36:38
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 26/04/2011 10:21:03
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 25/04/2011 10:24:36
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 25/04/2011 10:18:29
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 24/04/2011 13:34:01
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 24/04/2011 09:47:04
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 24/04/2011 09:28:52
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 24/04/2011 01:58:15
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 23/04/2011 16:37:38
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 23/04/2011 16:36:03
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 0:34:44 on 2011/04/24 was unexpected.

Log: 'System' Date/Time: 23/04/2011 16:33:03
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HP Network Devices Support service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 23/04/2011 16:33:03
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the HP Network Devices Support service to connect.

Log: 'System' Date/Time: 23/04/2011 16:32:33
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

Log: 'System' Date/Time: 23/04/2011 16:29:30
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 23/04/2011 16:25:19
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 23/04/2011 15:27:58
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

/****************************************************/

Second log:

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 28/04/2011 00:05:48

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/04/2011 15:53:16
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 27/04/2011 15:44:24
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 27/04/2011 12:14:10
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 27/04/2011 12:08:20
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 27/04/2011 09:46:09
Type: Error Category: 0
Event: 11 Source: Microsoft-Windows-CAPI2
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid. .

Log: 'Application' Date/Time: 27/04/2011 09:37:00
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 26/04/2011 15:00:16
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program fdm.exe version 3.0.852.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 161c Start Time: 01cc0421ce3f7980 Termination Time: 11

Log: 'Application' Date/Time: 26/04/2011 14:53:47
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program fdm.exe version 3.0.852.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 660 Start Time: 01cc041f8be798d0 Termination Time: 23

Log: 'Application' Date/Time: 26/04/2011 14:37:16
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program fdm.exe version 3.0.852.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 16d8 Start Time: 01cc041b43283b80 Termination Time: 13

Log: 'Application' Date/Time: 26/04/2011 13:52:26
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:26
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:26
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:25
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:25
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:25
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:24
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:24
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:24
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:23
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

Log: 'Application' Date/Time: 26/04/2011 13:52:23
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 05/04/2011 17:06:42
Type: Critical Category: 0
Event: 41 Source: Microsoft-Windows-Kernel-Power
The last sleep transition was unsuccessful. This error could be caused if the system stopped responding, failed, or lost power during the sleep transition.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/04/2011 15:53:16
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/04/2011 15:51:43
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 23:47:57 on 27/04/2011 was unexpected.

Log: 'System' Date/Time: 27/04/2011 15:48:33
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HP Network Devices Support service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 27/04/2011 15:48:33
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the HP Network Devices Support service to connect.

Log: 'System' Date/Time: 27/04/2011 15:44:25
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/04/2011 13:14:12
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 27/04/2011 12:38:52
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 27/04/2011 12:14:21
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 27/04/2011 12:14:10
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/04/2011 12:08:21
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/04/2011 09:37:01
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/04/2011 09:36:38
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 26/04/2011 10:21:03
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 25/04/2011 10:24:36
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 25/04/2011 10:18:29
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 24/04/2011 13:34:01
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 24/04/2011 09:47:04
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 24/04/2011 09:28:52
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-Dhcp-Client
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B15ACE9. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 24/04/2011 01:58:15
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 23/04/2011 16:37:38
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
I've gone back-again- and checked all of the logs and posts in this thread and the one in the Windows OS forum. I am not seeing any reason for these crashes.

I am going to ask you to be as descriptive as possible about the redirects. The strange thing is about them being 'country related'. I'd like you to give me some of the domains you've being redirected to> do not set up clickable hyperlinks the the domains before the .com or .net or anything else after the 'dot'.

I think that the massive mount of encryption processes you have on the system are a possible source of this. The Events don't tell us anything related to this and as far as I read, you have never fully installed Combofix> is that right?

I would suggest you do something about the Bonjour Service.
Log: 'Application' Date/Time: 26/04/2011 13:52:25
Type: Error Category: 0
Event: 100 Source: Bonjour Service
The event description cannot be found.

12 of these between Date/Time: 26/04/2011 13:52:23 and 26/04/2011 13:52:26
Go to Start> Run> type in services.msc> enter> If you no longer have or use the msresponder, then change the Service Startup type to Disabled. Additionally, take it off of the Startup menu. Either uninstall it or reinstall it.

There are also several errors for: The program fdm.exe version 3.0.852.0 stopped interacting with Windows and was closed This is a download manager. Is it possible that this isn't working properly to allow downloads? The company that puts it out is FreeDownloadManager.ORG It describes itself as A download manager that supports resumable downloads and multiple simultaneous downloads.
It might be a good idea to check into this: http://www.freedownloadmanager.org/
[/B]
The only other event currently that you should check into is Event 10> See if you can make sense out of THIS for Event #10, Source Microsoft WMI.

It's possible some of the Events have been suppressed.
 
Hmm, I don't think there's anything useful I can add, though. When my PC got infected with that redirecting stuff I was living in UK. My searches were then frequently redirected to three different webpages, but I didn't really pay much attention to what were they exactly and can't come remember their names, sorry. One was an online store, another some strange search engine, and third an online drug store.
Not long after the redirections problem began I moved to Poland, and as I said, I experienced no redirections there. However, once I would click on a link I found in Google, the loading bar would first change to some long string that contained the address of webpage I wished to go to plus a lot of other characters, and only after a while I would be actually forwarded to the intended webpage. That's what gave me impression that whatever infected my system tried to comp up with a webpage it would like to redirect me to, but couldn't find one, gave up, and let me through to where I wanted to go in the first place.
Btw, while living in Poland I returned to UK for a week, and experienced redirections issue just as before. And they went dormant once again when I got back to Poland.
Few months afterwards I moved to Singapore, and in here I am again experiencing redirections problem, only that for a different set of webpages than in UK. Namely, I'm being redirect to either stulus dot com, or sg dot yahoo dot com.

Redirections don't happen on every single link, but vast majority of them. And there's always a noticeable lag between the time I click on a lnk and when the webpage I want to go to begins to load. Plus during that lag the search bar changes into a long string that contains my intended webpage and a lot of other characters. If you think this might give you any insight into what's going on, I can provide a few examples of what the search bar content looks like when I click on a link.
 
As I mentioned previously, I think you have to consider the great number of encryption processes you have running. I can't tell you why you get redirected in one country but not another! Maybe the ISP is better.

When you see those entries on the lower left of the screen, those are the ads and banners for 3rd party Cookies. We all have that to some degree and it depends on what we have for security as to whether they will actually load.,

Have you been able to run Combofix? If not, I think you will need to stop by a PC store in one of the countries and have them check the system. It isn't something that can be handled under the circumstances of a free, online computer forum.
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
785
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back