Yet another with Win32/Small.CA virus detected


  1. Posts : 40
    Windows 7 Pro 32bit
       #1

    Yet another with Win32/Small.CA virus detected


    I keep getting the annoying message to remove the Win32/Small.CA virus in the message centre, but if I click on the link given, my computer goes off and sulks and never seems to find the message.

    I've run Malwarebytes, BitDefender and before I changed to BitDefender Total Security, I had and ran Sophos AV and I've still got the darn message.

    Any guidance appreciated.


  2. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #2

    Download DDS from one of these links:
    DDS.com
    DDS.pif
    • Disable any script blocking protection
    • Double click the dds icon to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt <--- will be minimized in the task tray
    • Save both reports to your desktop.

    Include the contents of both logs in your next post.
    The scan will instruct you to post Attach.txt as an attachment.


  3. Posts : 40
    Windows 7 Pro 32bit
    Thread Starter
       #3

    Thanks Jacee,

    Here we go:- (Part 1)
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2
    Run by David at 18:26:28 on 2013-09-05
    Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.3071.1099 [GMT 1:00]
    .
    AV: Bitdefender Antivirus *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Bitdefender Antispyware *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
    FW: Bitdefender Firewall *Enabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
    C:\Program Files\Zentimo\ZentimoService.exe
    C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
    C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Acer\Registration\GregHSRW.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe
    C:\Windows\system32\PrintCtrl.exe
    C:\Windows\system32\PrintDisp.exe
    C:\Windows\system32\PSIService.exe
    C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
    C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
    C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
    C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Abelssoft Backup\Backup.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\GO!Suite\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Users\David\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
    C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe
    C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
    C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
    C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\Program Files\Firetrust\MailWasher\MailWasherPro.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Windows\explorer.exe
    C:\Program Files\Auction Sentry 4\AuctionSentry.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\svchost.exe -k SDRSVC
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uWindow Title = Internet Explorer
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    BHO: Disabled:{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - <orphaned>
    BHO: Disabled:{724d43a9-0d85-11d4-9908-00400523e39a} - <orphaned>
    BHO: Disabled:{72853161-30C5-4D22-B7F9-0BBC1D38A37E} - <orphaned>
    BHO: Disabled:{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
    BHO: Disabled:{8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - <orphaned>
    BHO: Disabled:{AA58ED58-01DD-4d91-8333-CF10577473F7} - <orphaned>
    BHO: Disabled:{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
    BHO: Disabled:{B4F3A835-0E21-4959-BA22-42B3008E02FF} - <orphaned>
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - c:\program files\bitdefender\bitdefender\pmbxie.dll
    BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [AdobeBridge] <no file>
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
    mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [OMEA] c:\program files\go!suite\deployment\functions\{aa58f999-6d97-42c2-a69f-8cc04d18d944}\OMEA.exe
    mRun: [BootNaMir] c:\program files\wondershare\time freeze\BootSP.exe
    mRun: [Bdagent] "c:\program files\bitdefender\bitdefender\bdagent.exe"
    dRun: [Bitdefender Wallet Agent] "c:\program files\bitdefender\bitdefender\pmbxag.exe"
    dRun: [Bitdefender Wallet] "c:\program files\bitdefender\bitdefender\pwdmanui.exe" --hidden --nowizard
    dRun: [Bitdefender Wallet Application Agent] "c:\program files\bitdefender\bitdefender\bdapppassmgr.exe"
    StartupFolder: c:\users\david\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicdisc.lnk - c:\program files\magicdisc\MagicDisc.exe
    StartupFolder: c:\users\david\appdata\roaming\micros~1\windows\startm~1\programs\startup\mailwasherpro.lnk - c:\program files\firetrust\mailwasher\MailWasherPro.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoSecurityTab = dword:1
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
    IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000
    IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
    IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
    IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105
    IE: Show RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
    IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {E6846530-6088-4AA3-932F-C6245CE59A4C} - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - c:\users\david\appdata\roaming\speckie\bin32\Speckie32.dll
    Trusted Zone: blank
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: desktop
    Trusted Zone: freerealms.com
    Trusted Zone: internet
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    TCP: NameServer = 192.168.1.1 0.0.0.0
    TCP: Interfaces\{122E73FA-E100-4984-984D-BFF1AA4921C3} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{441DDDD1-1497-48FC-8FE1-F46BD0569067} : DHCPNameServer = 192.168.42.129
    TCP: Interfaces\{7B79E702-DC62-412F-AD11-B7ABDD8535D6} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{C90575FE-E3BA-4E38-939E-8A16C8CFF80F} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{C90575FE-E3BA-4E38-939E-8A16C8CFF80F} : DHCPNameServer = 192.168.1.1 0.0.0.0
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs= c:\windows\system32\acaptuser32.dll,c:\progra~1\sophos\sophos anti-virus\sophos_detoured.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
    LSA: Authentication Packages = msv1_0 wvauth
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\david\appdata\roaming\mozilla\firefox\profiles\1bjpo402.default-1365761907426\
    FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\adobe\acrobat 9.0\acrobat\air\nppdf32.dll
    FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin101714.dll
    FF - plugin: c:\program files\bitdefender\bitdefender\npcomm.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
    FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\david\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll
    FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll
    FF - plugin: c:\windows\system32\adobe\director\np32dsw_1167637.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
    FF - plugin: c:\windows\system32\npdeployJava1.dll
    FF - plugin: c:\windows\system32\npmproxy.dll
    FF - ExtSQL: 2013-08-19 12:46; ffpwdman@bitdefender.com; c:\program files\bitdefender\bitdefender\ffpwdman
    FF - ExtSQL: 2013-08-31 17:13; feca4b87-3be4-43da-a1b1-137c24220968@jetpack; c:\users\david\appdata\roaming\mozilla\firefox\profiles\1bjpo402.default-1365761907426\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
    .
    Continued below


  4. Posts : 40
    Windows 7 Pro 32bit
    Thread Starter
       #4

    Part 1 awaiting moderator approval?

    Part 2:
    ============= SERVICES / DRIVERS ===============
    .
    R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2013-9-4 640560]
    R0 eLock2BurnerLockDriver;Disk Performance Monitor Filter Driver;c:\windows\system32\drivers\eLock2burnerlockdriver.sys [2010-1-14 22560]
    R0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\drivers\fltsrv.sys [2012-1-22 77696]
    R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2013-9-4 162976]
    R0 HKDirFlt;Wondershare HKDirFlt;c:\windows\system32\drivers\HKDirFlt.sys [2013-9-3 33896]
    R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2011-1-5 57312]
    R0 MirDisk;Wondershare Time Freeze;c:\windows\system32\drivers\MirDisk.sys [2013-9-3 28648]
    R0 vidsflt61;Acronis Disk Storage Filter (61);c:\windows\system32\drivers\vsflt61.sys [2012-1-22 84544]
    R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2013-9-4 78144]
    R1 bdfwfpf;bdfwfpf;c:\program files\common files\bitdefender\bitdefender firewall\bdfwfpf.sys [2013-9-4 90704]
    R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2013-9-4 72704]
    R1 dvdfabio;dvdfabio;c:\windows\system32\drivers\dvdfabio.sys [2011-1-7 11648]
    R1 RapportCerberus_56758;RapportCerberus_56758;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\baseline\RapportCerberus32_56758.sys [2013-8-21 330960]
    R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-8-19 148688]
    R1 Uim_Vim;UIM Virtual Image Plugin;c:\windows\system32\drivers\Uim_Vim.sys [2011-11-14 277576]
    R2 ASLSvc;Acer SmartBoot Service;c:\program files\acer\acer smartboot\ASLSvc.exe [2010-1-14 417792]
    R2 AVWEBCAM;AV WebCam, WDM Video Capture;c:\windows\system32\drivers\avwebcam.sys [2010-9-23 13696]
    R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\drivers\eLock2FSCTLDriver.sys [2010-1-14 87072]
    R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2010-1-14 24576]
    R2 Greg_Service;GRegService;c:\program files\acer\registration\GregHSRW.exe [2009-8-28 1150496]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\newtech infosystems\acer backup manager\IScheduleSvc.exe [2009-11-18 255744]
    R2 pdserv;Bitdefender 60-Second Virus Scanner Service;c:\program files\bitdefender\60-second virus scanner\pdscan.exe \svc --> c:\program files\bitdefender\60-second virus scanner\pdscan.exe \svc [?]
    R2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2012-9-5 69632]
    R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-8-19 1435928]
    R2 SafeBox;SafeBox;c:\program files\bitdefender\bitdefender safebox\safeboxservice.exe [2013-9-4 81704]
    R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2013-7-20 5120]
    R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-8-29 4308320]
    R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\bitdefender\bitdefender\updatesrv.exe [2013-9-4 54424]
    R2 WDBackup;WD Backup;c:\program files\western digital\wd smartware\WDBackupEngine.exe [2012-6-14 1151424]
    R2 WDDriveService;WD Drive Manager;c:\program files\western digital\wd drive manager\WDDriveService.exe [2012-9-6 248248]
    R2 WDRulesService;WD Rules;c:\program files\western digital\wd smartware\WDRulesEngine.exe [2012-6-14 1177536]
    R2 WebCamHelper;WebCamHelper;c:\progra~1\av webcam morpher\WebCamHelper.sys [2011-9-10 2688]
    R2 WinisoCDBus;WinISO Virtual CD Drive;c:\windows\system32\drivers\WinisoCDBus.sys [2013-6-28 121600]
    R2 ZentimoService;Zentimo Assistant;c:\program files\zentimo\ZentimoService.exe [2011-12-12 259072]
    R3 APL531;Hercules Dualpix HD Webcam;c:\windows\system32\drivers\HDvidv.sys [2010-9-19 285952]
    R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2012-4-26 16640]
    R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2013-9-4 242504]
    R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2013-9-4 490144]
    R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2010-1-14 274984]
    R3 hxctlflt;hxctlflt;c:\windows\system32\drivers\hxctlflt.sys [2010-9-19 99968]
    R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2010-12-31 734312]
    R3 VCam_WDM;e2eSoft VCam;c:\windows\system32\drivers\VCam_WDM.sys [2012-12-25 104376]
    R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [2011-6-4 17792]
    R3 vdrive;vdrive;c:\windows\system32\drivers\vdrive.sys [2011-1-7 34176]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
    S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\wcmvcam.sys [2012-4-15 1068216]
    S2 XAMPP;XAMPP Service;c:\xampp\service.exe --> c:\xampp\service.exe [?]
    S3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\common files\bitdefender\bitdefender firewall\bdfwfpf_pc.sys [2013-9-4 96160]
    S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2013-9-4 66832]
    S3 camfilt2;camfilt2;c:\windows\system32\drivers\camfilt2.sys [2010-10-24 103720]
    S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
    S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2012-9-14 14216]
    S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2012-9-14 8456]
    S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-1-19 36640]
    S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
    S3 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-8-19 97008]
    S3 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-8-19 222416]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-18 14848]
    S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-1 34384]
    S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-18 49664]
    S3 v3core;v3core;c:\windows\system32\drivers\v3core.sys [2010-9-14 270720]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-13 1343400]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
    S4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\bitdefender\bitdefender\bdparentalservice.exe [2013-9-4 68344]
    S4 gfi_backup_mcs;GFI Backup Management Console Service;c:\program files\gfi\gfi backup administration console\backupmcs.exe [2010-4-27 99840]
    S4 GFIBackupAdministrationConsole;GFI Backup Administration Console;c:\program files\gfi\gfi backup administration console\apache\bin\httpd.exe [2010-7-22 24645]
    S4 GFIBckBAtt;GFI Backup Attendant Service;c:\progra~1\gfi\gfibac~3\GFIBInst.exe [2011-7-13 945520]
    S4 GFIBckBSched;GFI Backup Scheduler Service;c:\progra~1\gfi\gfibac~3\GFIBSC~1.EXE [2011-7-13 2613616]
    S4 GFIBckDiskImage;GFI Backup DiskImage;c:\progra~1\gfi\gfibac~3\diskimage\win32\oodiag.exe [2011-7-13 2699264]
    S4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2012-9-4 95232]
    S4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.207\McCHSvc.exe [2011-6-17 237008]
    S4 Realtek11nCU;Realtek11nCU;c:\program files\realtek\11n usb wireless lan utility\RtlService.exe [2011-3-30 36864]
    S4 Updater Service;Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2010-1-14 240160]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile="c:\program files\jgsoft\editpadpro6\EditPadPro.exe" "%1"
    FileExt: .inf: inffile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2013-09-05 12:44:00 -------- d-----w- c:\windows\ERUNT
    2013-09-04 11:11:37 794392 ----a-w- c:\programdata\1378290538.bdinstall.bin
    2013-09-04 10:38:09 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys
    2013-09-04 10:38:08 78144 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
    2013-09-04 10:38:08 66832 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
    2013-09-04 10:37:59 640560 ----a-w- c:\windows\system32\drivers\avc3.sys
    2013-09-04 10:37:59 490144 ----a-w- c:\windows\system32\drivers\avckf.sys
    2013-09-04 10:37:59 242504 ----a-w- c:\windows\system32\drivers\avchv.sys
    2013-09-04 10:31:34 -------- d-----w- c:\users\david\appdata\roaming\Bitdefender
    2013-09-04 10:29:16 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys
    2013-09-04 10:29:14 355744 ----a-w- c:\windows\system32\drivers\trufos.sys
    2013-09-04 09:21:55 255995 ----a-w- c:\programdata\1378286392.bdinstall.bin
    2013-09-04 09:18:28 -------- d-----w- C:\Sophos103
    2013-09-03 11:07:08 21464 ----a-w- c:\windows\system32\NaBootMir.exe
    2013-09-03 11:06:40 37016 ----a-w- c:\windows\system32\drivers\FolderHK.sys
    2013-09-03 11:06:40 33896 ----a-w- c:\windows\system32\drivers\HKDirFlt.sys
    2013-09-03 11:06:40 28648 ----a-w- c:\windows\system32\drivers\MirDisk.sys
    2013-09-03 11:06:40 -------- d-----w- c:\program files\Wondershare
    2013-09-02 10:46:06 49935 ----a-w- c:\programdata\1378118679.bdinstall.bin
    2013-09-02 10:37:16 848725 ----a-w- c:\programdata\1378117318.bdinstall.bin
    2013-09-02 10:33:37 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
    2013-09-02 10:33:28 -------- d-----w- c:\programdata\BDLogging
    2013-09-02 10:33:15 511328 ----a-w- c:\windows\capicom.dll
    2013-09-02 10:22:18 -------- d-----w- c:\programdata\Bitdefender
    2013-09-02 10:22:15 -------- d-----w- c:\program files\Bitdefender
    2013-09-02 10:21:58 -------- d-----w- c:\users\david\appdata\roaming\QuickScan
    2013-09-02 10:12:51 -------- d-----w- c:\program files\common files\Bitdefender
    2013-09-01 07:40:21 -------- d-----w- c:\programdata\Balls
    2013-08-31 16:32:18 -------- d-----w- c:\users\david\appdata\local\Halvar Information
    2013-08-31 09:05:52 -------- d-----w- c:\program files\Wise
    2013-08-31 08:40:17 -------- d-----w- c:\programdata\Islands
    2013-08-29 21:56:53 -------- d-sh--w- C:\Boot
    2013-08-29 20:51:53 -------- d-----w- c:\users\david\appdata\roaming\SUPERAntiSpyware.com
    2013-08-29 17:24:56 -------- d-sh--w- C:\$RECYCLE.BIN
    2013-08-29 17:03:26 208896 ----a-w- c:\windows\MBR.exe
    2013-08-29 17:03:25 256000 ----a-w- c:\windows\PEV.exe
    2013-08-29 17:03:24 98816 ----a-w- c:\windows\sed.exe
    2013-08-29 17:02:50 -------- d-s---w- C:\ComboFix
    2013-08-29 16:32:52 -------- d-----w- c:\users\david\appdata\roaming\FolderSync
    2013-08-29 16:32:48 -------- d-----w- c:\users\david\appdata\roaming\OutlookSync
    2013-08-29 16:31:13 -------- d-----w- c:\users\david\appdata\roaming\OTi
    2013-08-29 16:20:45 -------- d-----w- c:\program files\GO!Suite
    2013-08-28 06:06:20 7166848 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ce059028-7dc4-4f80-9017-a5786c165865}\mpengine.dll
    2013-08-26 12:12:29 -------- d-----w- c:\users\david\appdata\roaming\Hornil
    2013-08-26 12:12:27 -------- d-----w- c:\program files\Hornil
    2013-08-25 19:53:10 -------- d-----w- c:\users\david\appdata\local\SCE
    2013-08-24 10:35:41 -------- d-----w- c:\users\david\IOption
    2013-08-24 09:41:11 -------- d-----w- c:\programdata\clonehdd
    2013-08-23 07:32:52 -------- dc----w- c:\users\david\appdata\local\MigWiz
    2013-08-22 20:30:21 -------- d-----w- c:\users\david\appdata\roaming\MoonriseInteractive
    2013-08-21 13:40:39 -------- d-----w- c:\users\david\appdata\roaming\iPubsoft
    2013-08-19 10:50:13 -------- d-----w- c:\program files\WinMerge
    2013-08-19 10:01:36 97008 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
    2013-08-19 09:10:54 -------- d-----w- c:\program files\Firetrust
    2013-08-15 06:52:57 652800 ----a-w- c:\windows\system32\rpcrt4.dll
    2013-08-15 06:51:30 175104 ----a-w- c:\windows\system32\wintrust.dll
    2013-08-15 06:51:30 140288 ----a-w- c:\windows\system32\cryptsvc.dll
    2013-08-15 06:51:30 1166848 ----a-w- c:\windows\system32\crypt32.dll
    2013-08-15 06:51:30 103936 ----a-w- c:\windows\system32\cryptnet.dll
    2013-08-15 06:49:56 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-08-15 06:49:55 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-08-15 06:49:55 1289096 ----a-w- c:\windows\system32\ntdll.dll
    2013-08-15 06:48:25 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-08-15 06:46:55 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
    2013-08-15 06:43:57 2048 ----a-w- c:\windows\system32\tzres.dll
    2013-08-15 06:42:22 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
    .
    ==================== Find3M ====================
    .
    2013-09-03 09:24:00 848 --sha-w- c:\windows\system32\KGyGaAvL.sys
    2013-08-21 09:28:20 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-08-21 09:28:19 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-08-01 11:51:58 32459 ----a-w- c:\programdata\1375357889.bdinstall.bin
    2013-07-26 03:13:24 1767936 ----a-w- c:\windows\system32\wininet.dll
    2013-07-26 03:12:04 2877440 ----a-w- c:\windows\system32\jscript9.dll
    2013-07-26 03:12:00 61440 ----a-w- c:\windows\system32\iesetup.dll
    2013-07-26 03:12:00 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2013-07-26 02:49:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb
    2013-07-26 01:59:38 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2013-07-10 10:16:13 12872 ----a-w- c:\windows\system32\bootdelete.exe
    2013-06-12 21:50:38 114 ----a-w- c:\windows\Printdir.bat
    2013-06-12 20:48:23 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
    2013-06-12 20:48:17 789416 ----a-w- c:\windows\system32\deployJava1.dll
    2013-06-12 20:48:00 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    .
    ============= FINISH: 18:28:55.20 ===============


  5. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #5

    I see you've used Combofix: 2013-08-29 17:02:50 -------- d-s---w- C:\ComboFix

    Please go to C:\qoobox and/or C:\QooBox\combofix-quarantine-files.txt
    copy and paste the .txt log for me to see.


  6. Posts : 40
    Windows 7 Pro 32bit
    Thread Starter
       #6

    Jacee said:
    I see you've used Combofix: 2013-08-29 17:02:50 -------- d-s---w- C:\ComboFix

    Please go to C:\qoobox and/or C:\QooBox\combofix-quarantine-files.txt
    copy and paste the .txt log for me to see.

    Right, don't remember downloading or running this, but no text files in any folders in C:\QooBox and no txt files at all in QooBox directory, just mainly empty folders: BackEnv, LastRun, Quarantine, Test & TestC. Only files are in BackEnv and they are all dat files.


  7. Posts : 2,470
    Windows 7 Home Premium
       #7

    Dragonride,

    Can you use the Snipping Tool to obtain a capture of the Action Center notification:

    How to Use the Snipping Tool in Vista and Windows 7
    How to Use the Snipping Tool in Vista

    Can you click on 'problem details' in the warning, and also provide a capture?

    Last, in Action Center > Security
    What does it say underneath: Virus Protection
    Last edited by cottonball; 05 Sep 2013 at 21:42.


  8. Posts : 40
    Windows 7 Pro 32bit
    Thread Starter
       #8

    for cottonball


    Action Center Notification:



    Click on link, resulting Non-responsive AC:



    Action Center Security:



    Clicking on the View Message Details button returns me to the second image.


  9. Posts : 2,470
    Windows 7 Home Premium
       #9

    Thanks for providing the images.

    The following program should pick up the event that occurred on 30 August 2013.

    The Event Viewer tool (VEW) by Vino Rosso is free and can help look at system event logs for error messages and other information that may be pertinent.
     
    VEW download:
    http://images.malwareremoval.com/vino/VEW.exe
    Save to the Desktop
    Right-click the icon on the Desktop (VEW.exe), and select: Run as Administrator
    Click Allow at the User Account Control (UAC) prompt.

    At the VEW program console:
    In the Select log to query section, check:
    Application
    System

    In the Select type to list section, check:
    Critical (not XP)
    Error
    Warning

    In the Number or date of events section, check:
    Number of events
    Type 20 in the 1-20 box

    Now, press the Run button.

    A Notepad report opens on the Desktop when the program is done.

    Please post it in your reply.


    Also, download Farbar Service Scanner
    Save to the Desktop
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
    • Press: Scan
    • FSS creates a log, FSS.txt, on the Desktop.
    Please provide the FSS.txt in your reply.


  10. Posts : 40
    Windows 7 Pro 32bit
    Thread Starter
       #10

    I seem to have rather a number of events since the 30/8

    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 06/09/2013 14:27:00

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 06/09/2013 09:50:21
    Type: Error Category: 0
    Event: 2001 Source: Microsoft Office 14
    Microsoft Outlook: Rejected Safe Mode action : Outlook failed to start correctly last time. Starting Outlook in safe mode will help you correct or isolate a startup problem in order to successfully start the program. Some functionality may be disabled in this mode.

    Do you want to start Outlook in safe mode?.

    Log: 'Application' Date/Time: 06/09/2013 09:49:57
    Type: Error Category: 100
    Event: 1000 Source: Application Error
    Faulting application name: OUTLOOK.EXE, version: 14.0.6131.5000, time stamp: 0x509b1020 Faulting module name: spCapBtn.dll_unloaded, version: 0.0.0.0, time stamp: 0x51fa250c Exception code: 0xc0000005 Fault offset: 0x023b0b44 Faulting process id: 0x1544 Faulting application start time: 0x01ceaae58a71e760 Faulting application path: C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE Faulting module path: spCapBtn.dll Report Id: b0077156-16d9-11e3-a15d-90fba684c135

    Log: 'Application' Date/Time: 06/09/2013 05:47:26
    Type: Error Category: 101
    Event: 1002 Source: Application Hang
    The program explorer.exe version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1358 Start Time: 01ceaac3c9b11448 Termination Time: 40 Application Path: C:\Windows\explorer.exe Report Id: cc02b26e-16b7-11e3-9dc8-90fba684c135

    Log: 'Application' Date/Time: 06/09/2013 05:41:52
    Type: Error Category: 101
    Event: 1002 Source: Application Hang
    The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 11cc Start Time: 01ceaac2a5c9adb5 Termination Time: 33 Application Path: C:\Windows\Explorer.EXE Report Id: 02c577d9-16b7-11e3-9dc8-90fba684c135

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 06/09/2013 09:51:13
    Type: Warning Category: 0
    Event: 36 Source: Outlook
    Search cannot complete the indexing of your Outlook data. Indexing cannot continue for C:\Users\David\AppData\Local\Microsoft\Outlook\archive (1).pst (error=0x8134081f). If this error continues, contact Microsoft Support.

    Log: 'Application' Date/Time: 05/09/2013 15:16:31
    Type: Warning Category: 3
    Event: 3036 Source: Microsoft-Windows-Search
    The content source <mapi://{S-1-5-21-392035571-2704842777-1394014257-1004}/> cannot be accessed.

    Context: Application, SystemIndex Catalog

    Details:
    A server error occurred. Check that the server is available. (HRESULT : 0x80041206) (0x80041206)


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 06/09/2013 06:54:01
    Type: Error Category: 0
    Event: 14349 Source: Microsoft-Windows-WMPNSS-Service
    A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x800700b7'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.

    Log: 'System' Date/Time: 06/09/2013 06:54:01
    Type: Error Category: 0
    Event: 14353 Source: Microsoft-Windows-WMPNSS-Service
    A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/4040352340/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.

    Log: 'System' Date/Time: 06/09/2013 06:54:01
    Type: Error Category: 0
    Event: 14349 Source: Microsoft-Windows-WMPNSS-Service
    A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x800700b7'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.

    Log: 'System' Date/Time: 06/09/2013 06:54:01
    Type: Error Category: 0
    Event: 14353 Source: Microsoft-Windows-WMPNSS-Service
    A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/4040352340/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.

    Log: 'System' Date/Time: 06/09/2013 06:53:24
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load: SBRE

    Log: 'System' Date/Time: 06/09/2013 06:53:23
    Type: Error Category: 0
    Event: 7034 Source: Service Control Manager
    The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s).

    Log: 'System' Date/Time: 06/09/2013 06:53:22
    Type: Error Category: 0
    Event: 11 Source: Disk
    The driver detected a controller error on \Device\Harddisk5\DR5.

    Log: 'System' Date/Time: 06/09/2013 06:53:21
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The XAMPP Service service failed to start due to the following error: The system cannot find the file specified.

    Log: 'System' Date/Time: 06/09/2013 06:53:15
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The WebcamMax, WDM Video Capture service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Log: 'System' Date/Time: 06/09/2013 06:53:09
    Type: Error Category: 0
    Event: 24620 Source: Microsoft-Windows-BitLocker-Driver
    Encrypted volume check: Volume information on \\?\Volume{d9751ffb-476c-11df-bd9e-806e6f6e6963} cannot be read.

    Log: 'System' Date/Time: 06/09/2013 06:53:09
    Type: Error Category: 0
    Event: 24620 Source: Microsoft-Windows-BitLocker-Driver
    Encrypted volume check: Volume information on \\?\Volume{d9751ffa-476c-11df-bd9e-806e6f6e6963} cannot be read.

    Log: 'System' Date/Time: 06/09/2013 05:35:17
    Type: Error Category: 0
    Event: 14349 Source: Microsoft-Windows-WMPNSS-Service
    A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x800700b7'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.

    Log: 'System' Date/Time: 06/09/2013 05:35:17
    Type: Error Category: 0
    Event: 14353 Source: Microsoft-Windows-WMPNSS-Service
    A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/4040352340/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.

    Log: 'System' Date/Time: 06/09/2013 05:35:16
    Type: Error Category: 0
    Event: 14349 Source: Microsoft-Windows-WMPNSS-Service
    A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x800700b7'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.

    Log: 'System' Date/Time: 06/09/2013 05:35:16
    Type: Error Category: 0
    Event: 14353 Source: Microsoft-Windows-WMPNSS-Service
    A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/4040352340/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.

    Log: 'System' Date/Time: 06/09/2013 05:33:02
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load: SBRE

    Log: 'System' Date/Time: 06/09/2013 05:33:02
    Type: Error Category: 0
    Event: 7034 Source: Service Control Manager
    The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s).

    Log: 'System' Date/Time: 06/09/2013 05:32:59
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The XAMPP Service service failed to start due to the following error: The system cannot find the file specified.

    Log: 'System' Date/Time: 06/09/2013 05:32:53
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The WebcamMax, WDM Video Capture service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Log: 'System' Date/Time: 06/09/2013 05:32:38
    Type: Error Category: 0
    Event: 24620 Source: Microsoft-Windows-BitLocker-Driver
    Encrypted volume check: Volume information on \\?\Volume{d9751ffb-476c-11df-bd9e-806e6f6e6963} cannot be read.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 06/09/2013 06:53:24
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#7&2C5E86A3&0&058F63636476&0#.

    Log: 'System' Date/Time: 06/09/2013 06:53:05
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

    Log: 'System' Date/Time: 06/09/2013 06:52:33
    Type: Warning Category: 0
    Event: 4 Source: b57nd60x
    Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.

    Log: 'System' Date/Time: 06/09/2013 06:14:43
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped.

    Log: 'System' Date/Time: 06/09/2013 06:14:43
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped. Module Path: C:\Windows\system32\Rtlihvs.dll

    Log: 'System' Date/Time: 06/09/2013 05:33:03
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#7&2C5E86A3&0&058F63636476&0#.

    Log: 'System' Date/Time: 06/09/2013 05:32:19
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

    Log: 'System' Date/Time: 06/09/2013 05:31:49
    Type: Warning Category: 0
    Event: 4 Source: b57nd60x
    Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.

    Log: 'System' Date/Time: 05/09/2013 21:15:58
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped.

    Log: 'System' Date/Time: 05/09/2013 21:15:56
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped. Module Path: C:\Windows\system32\Rtlihvs.dll

    Log: 'System' Date/Time: 05/09/2013 20:56:34
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#7&2C5E86A3&0&058F63636476&0#.

    Log: 'System' Date/Time: 05/09/2013 20:55:55
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

    Log: 'System' Date/Time: 05/09/2013 20:55:25
    Type: Warning Category: 0
    Event: 4 Source: b57nd60x
    Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.

    Log: 'System' Date/Time: 05/09/2013 17:44:37
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped.

    Log: 'System' Date/Time: 05/09/2013 17:44:37
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped. Module Path: C:\Windows\system32\Rtlihvs.dll

    And the FSS Log:
    Farbar Service Scanner Version: 05-09-2013
    Ran by David (administrator) on 06-09-2013 at 14:29:12
    Running from "C:\Users\David\Downloads"
    Microsoft Windows 7 Professional Service Pack 1 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is set to Demand. The default start type is Auto.
    The ImagePath of WinDefend service is OK.
    The ServiceDll of WinDefend service is OK.


    Windows Defender Disabled Policy:
    ==========================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=DWORD:1


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\system32\nsisvc.dll => MD5 is legit
    C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\system32\dhcpcore.dll => MD5 is legit
    C:\Windows\system32\Drivers\afd.sys => MD5 is legit
    C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
    C:\Windows\system32\Drivers\tcpip.sys
    [2013-08-15 07:48] - [2013-07-06 06:05] - 1293760 ____A (Microsoft Corporation) 4E8B9BE71B807B3BAEDB7F4243F85E3C

    C:\Windows\system32\dnsrslvr.dll => MD5 is legit
    C:\Windows\system32\mpssvc.dll => MD5 is legit
    C:\Windows\system32\bfe.dll => MD5 is legit
    C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\system32\SDRSVC.dll => MD5 is legit
    C:\Windows\system32\vssvc.exe => MD5 is legit
    C:\Windows\system32\wscsvc.dll => MD5 is legit
    C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\system32\wuaueng.dll => MD5 is legit
    C:\Windows\system32\qmgr.dll => MD5 is legit
    C:\Windows\system32\es.dll => MD5 is legit
    C:\Windows\system32\cryptsvc.dll
    [2013-08-15 07:51] - [2013-07-09 05:46] - 0140288 ____A (Microsoft Corporation) 7CA1BECEA5DE2643ADDAD32670E7A4C9

    C:\Program Files\Windows Defender\MpSvc.dll
    [2013-07-10 10:57] - [2013-05-27 05:57] - 0680960 ____A (Microsoft Corporation) 082CF481F659FAE0DE51AD060881EB47

    C:\Windows\system32\svchost.exe => MD5 is legit
    C:\Windows\system32\rpcss.dll => MD5 is legit


    **** End of log ****
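An added example, not part of the thread and not VEW's own code: a short Python triage script for a VEW text report like the one in post #10. It parses the `Log:` / `Type:` / `Event:` blocks, collapses the repeated events, and lists first the sources on a reviewer's watch list; the `WATCH` list and the function names are assumptions of this example.

```python
import re
from datetime import datetime

# Abridged from the VEW report in post #10 (only the first sentence of each message kept).
SAMPLE = """\
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/09/2013 06:53:05
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application.

Log: 'System' Date/Time: 06/09/2013 06:52:33
Type: Warning Category: 0
Event: 4 Source: b57nd60x
Broadcom NetXtreme Gigabit Ethernet: The network link is down.

Log: 'System' Date/Time: 06/09/2013 05:32:19
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application.
"""

HEADER = re.compile(r"Log: '([^']+)' Date/Time: (\d\d/\d\d/\d{4} \d\d:\d\d:\d\d)$")
FIELD = re.compile(r"(Type|Event): (\S+) (?:Category|Source): (.+)$")
# Assumption: a reviewer's own watch list of (source, event id); VEW has no such feature.
WATCH = {("Microsoft-Windows-Wininit", "11"): "DLLs loaded into every application: review list",
         ("Service Control Manager", "7026"): "boot/system-start driver failed to load"}

def parse_vew(text):
    """Parse a VEW text report into event dicts; report dates are dd/mm/yyyy."""
    events, cur = [], None
    for line in map(str.strip, text.splitlines()):
        if m := HEADER.match(line):
            cur = {"log": m[1], "time": datetime.strptime(m[2], "%d/%m/%Y %H:%M:%S"),
                   "type": None, "id": None, "source": None, "message": []}
            events.append(cur)
        elif line.startswith("~~~") or re.match(r"'[^']+' Log - ", line):
            cur = None  # a section banner ends the current event
        elif cur and line:
            f = FIELD.match(line)
            if f and f[1] == "Type" and cur["type"] is None:
                cur["type"] = f[2]
            elif f and f[1] == "Event" and cur["id"] is None:
                cur["id"], cur["source"] = f[2], f[3]
            else:
                cur["message"].append(line)  # multi-paragraph messages stay together
    return events

def summarise(events):
    """Collapse repeated events; watch-listed groups first, then by repeat count."""
    groups = {}
    for e in events:
        key = (e["log"], e["type"], e["source"], e["id"])
        g = groups.setdefault(key, {"key": key, "count": 0, "first": e["time"], "last": e["time"],
                                    "message": " ".join(e["message"]), "note": WATCH.get(key[2:])})
        g["count"] += 1
        g["first"], g["last"] = min(g["first"], e["time"]), max(g["last"], e["time"])
    return sorted(groups.values(), key=lambda g: (g["note"] is None, -g["count"]))

if __name__ == "__main__":
    for g in summarise(parse_vew(SAMPLE)):
        print(f"{'!' if g['note'] else ' '} {g['count']}x {g['key'][2]} {g['key'][3]} {g['note'] or ''}")
```

Feed it only the VEW section of a post; text that follows the report, such as the FSS log, would otherwise be appended to the last event's message.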


 