Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Virus on a Windows Vista machine

  1. #1
    Join Date
    Dec 2011
    Posts
    9

    Virus on a Windows Vista machine

    Thought I'd give you a bit of background before I post the logs. This is my Dad's windows laptop - I came to visit and he mentions that he can't download any files, and he thinks there's a virus. I take a look - and specifically he can't download .exe files, so I couldn't follow any instructions to get rid of the virus, and on top of that, his laptop no longer seemed to allow me to access msconfig or any other settings that might help.

    I followed the instructions here: http://windowsxp.mvps.org/exefile.htm and I can now download .exe files and all those problems seem to have gone away and I've been able to download spyware blockers and do AV scans.

    However, now whenever I start up the laptop is says that Windows Defender failed to initialize. I'm not too sure what to do with that.

    I haven't used a PC for around 3 years now, so I initially came here with a HickThis log, but realised that's a bit outdated, so followed the instructions on the stickied thread (really helpful! Thanks so much!)

    Thanks in advance for your help.

  2. #2
    Join Date
    Dec 2011
    Posts
    9

    DDS text file (part 1)

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421
    Run by dave at 11:24:39 on 2011-12-26
    Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.2010.845 [GMT 0:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stw rt.inf_ae0b52e0\STacSV.exe
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\WLTRYSVC.EXE
    C:\Windows\System32\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\DriverStore\FileRepository\stw rt.inf_ae0b52e0\aestsrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\AVG\AVG2012\avgemcx.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\RUNDLL32.EXE
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Iminent\IMBooster\IMBooster.exe
    C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe
    C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\DllHost.exe
    .

  3. #3
    Join Date
    Dec 2011
    Posts
    9

    DDS text file (part 2)

    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.iminent.com/?appId=CB4A23BE-F5D2-4F49-AD4A-10E5A570C56C
    uSearch Bar = Preserve
    uWindow Title = Internet Explorer provided by Dell
    mStart Page = about:blank
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: TBSB01620 Class: {58124a0b-dc32-4180-9bff-e0e21ae34026} - c:\program files\iminent toolbar\tbcore3.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Iminent.BHO.NavigationError: {84ff7bd6-b47f-46f8-9130-01b2696b36cb} - c:\program files\iminent\searchtheweb\Iminent.BHO.NavigationE rror.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: IMinent WebBooster (BHO): {a09ab6eb-31b5-454c-97ec-9b294d92ee2a} - c:\program files\iminent\imbooster4web\Iminent.WebBooster.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: IMinent Toolbar: {977ae9cc-af83-45e8-9e03-e2798216e2d5} - c:\program files\iminent toolbar\tbcore3.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [BearShareInstall] "c:\users\dave\appdata\local\temp\bearshareinstall er\nswB3C6.tmp.exe" /N
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNo tifier.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [dRBAHQLTbF] c:\programdata\dRBAHQLTbF.exe
    uRunOnce: [.IMinentUpdate] c:\users\dave\appdata\local\temp\NotifierSetup.exe
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [Apoint] c:\program files\delltpad\Apoint.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
    mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
    mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
    mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
    mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRun: [IMBooster] c:\program files\iminent\imbooster\imbooster.exe /warmup
    mRun: [Iminent.Notifier] c:\program files\iminent\searchtheweb\Iminent.Notifier.exe
    mRun: [ServiceManager.exe] "c:\program files\virgin media\service manager\ServiceManager.exe" /AUTORUN
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [DHSClient.exe] "c:\program files\virgin media\digital home support\DHSClient.exe" /AUTORUN
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    StartupFolder: c:\users\dave\appdata\roaming\micros~1\windows\sta rtm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
    StartupFolder: c:\users\dave\appdata\roaming\micros~1\windows\sta rtm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    uPolicies-explorer: HideSCAHealth = 1 (0x1)
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461 B1589E8B4FB7.dll/cmsidewiki.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
    TCP: Interfaces\{22C743BB-00C7-4E07-9F29-F2090D617E2A} : DhcpNameServer = 194.168.4.100 194.168.8.100
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Notify: igfxcui - igfxdev.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGI DSEH.sys [2011-7-11 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboo t.sys [2011-12-24 28552]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
    R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filereposi tory\stwrt.inf_ae0b52e0\AEstSrv.exe [2009-3-31 81920]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-24 155648]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
    R2 HsdService;HsdService;c:\program files\virgin media\digital home support\HsdService.exe [2011-8-30 1406264]
    R2 ServicepointService;ServicepointService;c:\program files\virgin media\service manager\ServicepointService.exe [2011-5-14 689464]
    R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\driv ers\AVGIDSDriver.sys [2011-7-11 134736]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\driv ers\AVGIDSFilter.sys [2011-7-11 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\ AVGIDSShim.sys [2011-10-4 16720]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\ v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-4 135664]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-4 135664]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30 319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2011-12-26 10:05:27 -------- d-----w- c:\program files\ESET
    2011-12-25 18:00:34 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-12-25 18:00:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-12-25 17:28:55 -------- d-----w- c:\users\dave\appdata\roaming\Radialpoint
    2011-12-24 14:15:35 -------- d--h--w- C:\$AVG
    2011-12-24 13:37:41 388096 ----a-r- c:\users\dave\appdata\roaming\microsoft\installer\ {45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-12-24 13:37:40 -------- d-----w- c:\program files\Trend Micro
    2011-12-24 13:36:11 -------- d-----w- c:\users\dave\appdata\roaming\AVG2012
    2011-12-24 13:35:23 -------- d--h--w- c:\programdata\Common Files
    2011-12-24 13:33:33 -------- d-----w- c:\windows\system32\drivers\AVG
    2011-12-24 13:33:33 -------- d-----w- c:\programdata\AVG2012
    2011-12-24 13:31:13 -------- d-----w- c:\program files\AVG
    2011-12-24 1329 -------- d-----w- c:\programdata\MFAData
    2011-12-24 13:25:27 -------- d-----w- c:\program files\SpywareBlaster
    2011-12-24 13:15:25 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
    2011-12-24 13:15:24 -------- d-----w- c:\program files\Panda Security
    2011-12-15 16:57:00 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-12-15 16:57:00 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-12-15 16:56:56 429056 ----a-w- c:\windows\system32\EncDec.dll
    2011-12-15 16:56:54 2043904 ----a-w- c:\windows\system32\win32k.sys
    2011-12-15 16:56:51 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
    2011-12-15 16:56:48 49152 ----a-w- c:\windows\system32\csrsrv.dll
    2011-12-15 16:56:41 2048 ----a-w- c:\windows\system32\tzres.dll
    .
    ==================== Find3M ====================
    .
    2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
    2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
    2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-10-07 06:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2011-10-04 06:21:16 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
    2011-03-08 19:43:43 675840 ----a-w- c:\program files\Uninstall SoccerInferno.dll
    .
    ============= FINISH: 11:26:51.01 ===============

  4. #4
    Join Date
    Dec 2011
    Posts
    9

    DDS Attach text file (part 1)

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft® Windows Vista™ Home Basic
    Boot Device: \Device\HarddiskVolume3
    Install Date: 31/03/2009 04:08:04
    System Uptime: 26/12/2011 10:00:51 (1 hours ago)
    .
    Motherboard: Dell Inc. | | 0G849F
    Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz | Microprocessor | 2167/166mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 134 GiB total, 85.843 GiB free.
    E: is FIXED (NTFS) - 15 GiB total, 8.991 GiB free.
    F: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.4.5
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AVG 2012
    Bonjour
    Choice Guard
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Compatibility Pack for the 2007 Office system
    Dell-eBay
    Dell Dock
    Dell Edoc Viewer
    Dell Getting Started Guide
    Dell Support Center (Support Software)
    Dell Touchpad
    Dell Wireless WLAN Card Utility
    ESET Online Scanner v3
    GearDrvs
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToAssist 8.0.0.514
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Iminent
    IMinent Toolbar
    Intel® Matrix Storage Manager
    iTunes
    Java(TM) 6 Update 11
    Junk Mail filter update
    Malwarebytes' Anti-Malware version 1.51.2.1300
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    MSVCRT
    OGA Notifier 2.0.0048.0
    Panda ActiveScan 2.0
    PowerDVD
    QuickSet
    QuickTime
    Radialpoint Security Advisor 2.5.19
    Roxio Creator Audio
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator DE
    Roxio Creator Tools
    Roxio Express Labeler 3
    Roxio Update Manager
    RPS CRT
    SearchTheWeb
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2553089)
    Security Update for 2007 Microsoft Office System (KB2553090)
    Security Update for 2007 Microsoft Office System (KB2584063)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Sony Ericsson Media Manager 1.2
    SpywareBlaster 4.5
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
    Update for Microsoft Office 2007 System (KB2539530)
    Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Virgin Media Digital Home Support 2.1.27
    Virgin Media Service Manager 3.7.47
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    .

  5. #5
    Join Date
    Dec 2011
    Posts
    9

    DSS Attach file (part2)

    ==== Event Viewer Messages From Past Week ========
    .
    26/12/2011 10:09:15, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Silverlight (KB2617986).
    26/12/2011 10:02:28, Error: Service Control Manager [7000] - The Intel(R) PRO/1000 PCI Express Network Connection Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    26/12/2011 10:02:28, Error: Service Control Manager [7000] - The Intel(R) PRO/1000 NDIS 6 Adapter Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    25/12/2011 19:55:43, Error: Service Control Manager [7034] - The Marvell Yukon Service service terminated unexpectedly. It has done this 1 time(s).
    25/12/2011 18:11:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
    25/12/2011 18:08:50, Error: EventLog [6008] - The previous system shutdown at 18:07:33 on 25/12/2011 was unexpected.
    25/12/2011 1703, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\dave\AppData\Local\Microsoft\Windows \UsrClass.dat' was corrupted and it has been recovered. Some data might have been lost.
    24/12/2011 13:08:58, Error: EventLog [6008] - The previous system shutdown at 13:07:19 on 24/12/2011 was unexpected.
    24/12/2011 13:00:36, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx Wanarpv6
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    24/12/2011 13:00:36, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    24/12/2011 13:00:33, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    24/12/2011 13:00:33, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    24/12/2011 12:59:59, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    24/12/2011 12:59:59, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    24/12/2011 12:59:57, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    24/12/2011 12:59:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    .
    ==== End Of File ===========================

  6. #6
    Join Date
    Mar 2008
    Location
    London England
    Posts
    103
    Hi janine.
    Our resident Security Expert has not logged on for some time and so, not being an expert - I offer these suggestions.

    Check Malwarebytes for updates and run a full scan - remove all that it finds.
    Download - update and scan with Superantispyware.
    Download and scan with HitMan Pro.

    http://www.superantispyware.com
    http://www.malwarebytes.org/products/malwarebytes_free
    http://www.surfright.nl/en/hitmanpro

    Run TDSSKiller
    You may be asked to reboot after cleaning.
    http://support.kaspersky.com/viruses...?qid=208280684

    Reset your Host files.
    HostExpert.
    http://www.funkytoad.com/index.php?o..._content&id=13

    Click on Restore MS Host Files

    What are Host Files.
    http://winhelp2002.mvps.org/hosts.htm

    Windows Defender - is not the best Windows Security program, I'd leave it turned off.
    Click on Windows Updates - check that all Windows Updates are installed.
    Last edited by S Templar; 12-26-2011 at 03:53 PM.

  7. #7
    Join Date
    Dec 2011
    Posts
    9
    Thanks so much! I'll try your suggestions.

  8. #8
    Join Date
    Dec 2011
    Posts
    9
    I have got to the root of some of the issues - my Dad wanted to watch football online and it 'made' him download some files including Iminent Search (which I have unistalled), and along with that it's also downloaded Bear Share. From what I can see online, Bear Share isn't bad in itself, but in order to make money they install lots of spyware and malware. I can't work out how to uninstall it, as when I go into contol panel it just isn't there, and it's not in the start menu, but it is in the program files folder.

    Any help?

    Thanks!

  9. #9
    Join Date
    Dec 2011
    Posts
    9
    And a program called Soccer Inferno. I can't remove this

  10. #10
    Join Date
    Mar 2008
    Location
    London England
    Posts
    103
    BearShare seems to be legal - but streaming football can bring some adware with it.
    A bit of a pain to remove it seems.
    I am still checking suggestions - some listed here.

    How to Remove Bearshare | eHow.com
    http://www.ehow.com/how_5091477_remove-bearshare.html

    But make a backup of the registry first - before using eHow suggestions.
    How To Backup Registry In Windows Vista
    http://www.pcruneasy.com/tutorials/v...dit/backup.php

    Uninstall / Install | BearShare Support
    http://support.bearshare.com/index.p...stall--install

    Edit.
    Check if they show up in Revo Uninstaller.
    Download Revo Uninstaller 1.93 Free.
    http://www.softpedia.com/get/Tweak/U...nstaller.shtml

    Have you run all the scans in post #6?
    Last edited by S Templar; 12-26-2011 at 05:05 PM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •