1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Google redirects to spyware site.

Discussion in 'Malware and Virus Removal Archive' started by pamck4, 2009/02/03.

  1. 2009/02/03
    pamck4

    pamck4 Inactive Thread Starter

    Joined:
    2009/02/03
    Messages:
    2
    Likes Received:
    0
    Hi! I want to thank those in advance for help. Starting two days ago, I became infected with spyware/malware. Two main things were happening, one was I had a big red X appear in my toolbar by my clock with a message that popped up every few seconds. The message read "Warning! Security report. You computer is infected. It is recommended to start Spyware cleaning tool ". Also, any time I would make a search with Google on IE, all my search results would direct me to "clickfraudmanager.com ". This does not happen on Firefox. I browsed around different places on the and was able to discover a trojan in one of my registry fields that was causing the red X is my taskbar. It was called frmwrk32.exe. I followed instructions on that site and proceeded to delete the file from registry. Now the red X with the warning message no longer appears, but my Google searches on IE still redirect me to this other site.

    DDS log:
    DDS (Ver_09-02-01.01) - NTFSx86
    Run by Pareen at 22:33:03.44 on Tue 02/03/2009
    Internet Explorer: 7.0.6000.16764
    Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6000.0.1252.1.1033.18.2038.1041 [GMT -6:00]

    AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated)
    AV: avast! antivirus 4.8.1296 [VPS 090203-1] *On-access scanning enabled* (Updated)

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\IPSSVC.EXE
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\Windows\system32\agrsmsvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
    C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
    C:\Program Files\Lenovo\PM Driver\PMSveH.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Lenovo\System Update\SUService.exe
    C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
    C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
    C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
    C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Southwest Airlines\Ding\Ding.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Pareen\Desktop\dds.com
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    mDefault_Page_URL = hxxp://lenovo.live.com
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll
    BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    BHO: NoExplorer - No File
    BHO: Pando Toolbar BHO: {e3ea4fd1-cade-4ae5-84f7-086eee888be4} - c:\program files\pandobar\bar\1.bin\PANDOBAR.DLL
    BHO: CPwmIEBrowserHelper Object: {f040e541-a427-4cf7-85d8-75e3e0f476c5} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
    TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    TB: Pando Toolbar: {e3ea4fd9-cade-4ae5-84f7-086eee888be4} - c:\program files\pandobar\bar\1.bin\PANDOBAR.DLL
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [Aim6]
    uRun: [AdobeUpdater] c:\program files\common files\adobe\updater5\AdobeUpdater.exe
    uRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [<NO NAME>]
    mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
    mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe
    mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe
    mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [Nitro PDF Printer Monitor] "c:\program files\nitro pdf\professional\NitroPDFPrinterMonitor.exe "
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [UDC Integration]
    mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
    StartupFolder: c:\users\pareen\appdata\roaming\micros~1\windows\startm~1\programs\startup\ding!.lnk - c:\program files\southwest airlines\ding\Ding.exe
    mPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
    dPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    dPolicies-system: DisableTaskMgr = 1 (0x1)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {0045D4BC-5189-4b67-969C-83BB1906C421} - {0FE81B52-73FA-425F-8F06-3F32451AC73F} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\ssv.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} - hxxp://p3p.sogou.com/MMCShell.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
    DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
    DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo.walgreens.com/WalgreensActivia.cab
    DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - hxxp://download.sopcast.com/download/SOPCORE.CAB
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
    Handler: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - c:\program files\lizardtech\express view\expressview.dll
    Handler: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - c:\program files\lizardtech\express view\expressview.dll
    Notify: igfxcui - igfxdev.dll
    LSA: Notification Packages = scecli ACGina

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\pareen\appdata\roaming\mozilla\firefox\profiles\pzteqzi8.default\

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.allow_platform_file_picker ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.cookie.p3plevel ", 1); // 0=low, 1=medium, 2=high, 3=custom
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.enablePad ", false); // Allow client to do proxy autodiscovery
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.remember_cert_checkbox_default_setting ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.urlbar.hideGoButton ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.search.param.Google.1.default ", "chrome://branding/content/searchconfig.properties ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.search.param.Google.1.custom ", "chrome://branding/content/searchconfig.properties ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "signon.prefillForms ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.enabled ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.remoteLookups ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.updateURL ", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}& ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.lookupURL ", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}& ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.reportURL ", "http://sb.google.com/safebrowsing/report? ");

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-2-2 111184]
    R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2006-10-20 13744]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-2-2 20560]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-2-2 51792]
    R2 FNF5SVC;Fn+F5 Service;c:\program files\lenovo\hotkey\FnF5svc.exe [2006-11-29 54832]
    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-7-13 12856]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-7-2 47640]
    R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2006-11-29 55928]
    R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2006-9-13 35264]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936]
    S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-2-2 356920]

    =============== Created Last 30 ================

    2009-02-02 23:39 529 a------- c:\windows\system32\winlogon2.exe
    2009-02-02 02:56 51,792 a------- c:\windows\system32\drivers\aswMonFlt.sys
    2009-02-02 02:31 81,288 a------- c:\windows\system32\drivers\iksyssec.sys
    2009-02-02 02:31 66,952 a------- c:\windows\system32\drivers\iksysflt.sys
    2009-02-02 02:31 42,376 a------- c:\windows\system32\drivers\ikfilesec.sys
    2009-02-02 02:31 29,576 a------- c:\windows\system32\drivers\kcom.sys
    2009-02-02 02:31 <DIR> --d----- c:\users\pareen\appdata\roaming\PC Tools
    2009-02-02 02:31 <DIR> --d----- c:\program files\Spyware Doctor
    2009-02-01 23:31 491 a------- c:\windows\system32\win32hlp.cnf
    2009-02-01 22:46 <DIR> --d----- c:\windows\system32\Client Security Solution
    2009-02-01 22:46 40,448 a------- c:\windows\Xlalafi.dll
    2009-02-01 22:46 40,448 a------- c:\windows\system32\chert11-303350.exe
    2009-02-01 22:31 4,785 a------- c:\windows\system32\warning.gif
    2009-02-01 22:31 1 a------- c:\windows\system32\uniq.tll
    2009-02-01 22:31 1 a------- c:\windows\system32\test.ttt
    2009-02-01 22:31 26,112 a------- c:\windows\system32\frmwrk32.exe
    2009-02-01 22:31 26,112 a------- c:\windows\system32\303350.exe
    2009-01-21 22:45 <DIR> a-d----- c:\programdata\TEMP
    2009-01-21 22:44 <DIR> --d----- c:\program files\Oberon Media
    2009-01-21 22:44 <DIR> --d----- c:\program files\common files\Oberon Media
    2009-01-21 22:44 <DIR> --d----- c:\program files\Chill
    2009-01-14 18:39 <DIR> --d----- c:\program files\DivoCodec

    ==================== Find3M ====================

    2008-12-20 09:53 174 a--sh--- c:\program files\desktop.ini
    2008-12-20 09:48 665,600 a------- c:\windows\inf\drvindex.dat
    2008-12-20 09:48 51,200 a------- c:\windows\inf\infpub.dat
    2008-12-20 09:48 86,016 a------- c:\windows\inf\infstrng.dat
    2008-12-20 09:48 86,016 a------- c:\windows\inf\infstor.dat
    2008-08-25 20:44 87,608 a------- c:\users\pareen\appdata\roaming\inst.exe
    2008-08-25 20:44 47,360 a------- c:\users\pareen\appdata\roaming\pcouffin.sys
    2006-11-02 06:42 287,440 -------- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 06:42 287,440 -------- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 06:42 30,674 -------- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 06:42 30,674 -------- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 03:20 287,440 -------- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 03:20 287,440 -------- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 03:20 30,674 -------- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 03:20 30,674 -------- c:\windows\inf\perflib\0000\perfc.dat
    2008-08-01 21:08 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
    2008-08-01 21:08 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
    2008-08-01 21:08 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
    2007-06-26 09:50 8,192 ---sh--- c:\windows\users\default\NTUSER.DAT




    Attach Log:

    Microsoft® Windows Vistaâ„¢ Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 6/26/2007 10:56:00 AM
    System Uptime: 2/3/2009 9:41:35 PM (1 hours ago)

    Motherboard: LENOVO | | CAPELL VALLEY(NAPA) CRB
    Processor: Genuine Intel(R) CPU T2060 @ 1.60GHz | U2E1 | 1600/133mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 105 GiB total, 34.024 GiB free.
    D: is CDROM (CDFS)

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP493: 2/2/2009 12:11:33 AM - Scheduled Checkpoint
    RP495: 2/2/2009 2:11:55 AM - Windows Defender Checkpoint
    RP497: 2/2/2009 2:28:52 AM - Windows Defender Checkpoint
    RP498: 2/3/2009 2:16:38 AM - Windows Update

    ==== Installed Programs ======================

    µTorrent
    Access Help
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 8.1.0
    Adobe Shockwave Player
    Agere Systems HDA Modem
    AIM 6
    Alt.Binz 0.24.2
    ALUpdate
    ALZip
    Apple Mobile Device Support
    Apple Software Update
    avast! Antivirus
    Bonjour
    Broadcom 802.11 Wireless LAN Adapter
    Bubbletown
    Client Security Solution
    Compatibility Pack for the 2007 Office system
    DING!
    Diskeeper Home
    DivX Web Player
    DjVuLibre+DjView
    DVD Shrink 3.2
    DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.8.5
    eFax Messenger 4.3
    FRED
    Full Tilt Poker
    Help Center
    Hitman - Codename 47
    Intel(R) Graphics Media Accelerator Driver
    IsoBuster 2.1
    iTunes
    Java(TM) SE Runtime Environment 6
    K-Lite Codec Pack 3.2.5 Full
    Lenovo Care
    Lenovo Care Supplement
    Lenovo Registration
    Lenovo System Interface Driver
    Lizardtech Express View Browser Plug-in
    LogMeIn
    Maintenance Manager
    McAfee VirusScan Enterprise
    Message Center
    MetaFrame Presentation Server Web Client for Win32
    Microsoft Office Professional Edition 2003
    Move Networks Media Player for Internet Explorer
    Mozilla Firefox (2.0.0.20)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    Music Alarm Clock
    Nero 7 Ultra Edition
    NewsBin Pro
    Nitro PDF Professional
    NZBPlayer 0.2.02
    Octoshape add-in for Adobe Flash Player
    On Screen Display
    Pando Toolbar
    PC-Doctor 5 for Windows
    Picasa 2
    PM Driver
    Power Ux Customization
    Presentation Director
    PrimoPDF
    QuickBooks Financial Center
    QuickPar 0.9
    QuickTime
    Realtek High Definition Audio Driver
    Registry patch for Windows Vista USB S3 PM Enablement
    Respondus LockDown Browser
    SopCast 1.1.2
    SopCore 1.1.2
    Spyware Doctor 6.0
    Synaptics Pointing Device Driver
    System Update
    TBS WMP Plug-in
    ThinkPad Hotkey Features Setup
    ThinkVantage Access Connections
    ThinkVantage Technologies Welcome Message
    Total Video Converter 3.11 070908
    TVAnts 1.0
    TVUPlayer 2.3.2.52
    Universal Document Converter
    UpToDate
    USMLE Board Simulator
    Usmleworld Step1 QBank
    VideoLAN VLC media player 0.8.6b
    Wallpapers
    Windows Live Toolbar
    Windows Media Player Firefox Plugin
    WinRAR archiver
    Yahoo! Messenger

    ==== Event Viewer Messages From Past Week ========

    1/27/2009 12:53:13 AM, Error: Service Control Manager [7034] - The TVT Scheduler service terminated unexpectedly. It has done this 1 time(s).
    1/28/2009 7:05:33 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 172.20.15.204 for the Network Card with network address 00197E30BFBA has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
    1/28/2009 7:06:42 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume SW_Preload.
    1/28/2009 7:07:05 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    1/29/2009 12:44:51 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
    2/1/2009 10:16:12 PM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    2/2/2009 2:21:22 AM, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
    2/2/2009 2:21:22 AM, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
    2/2/2009 2:21:22 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the DCOM Server Process Launcher service, but this action failed with the following error: A system shutdown has already been scheduled.
    2/2/2009 2:45:07 AM, Error: EventLog [6008] - The previous system shutdown at 2:43:26 AM on 2/2/2009 was unexpected.
    2/2/2009 2:50:10 AM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    2/2/2009 2:50:20 AM, Error: Service Control Manager [7034] - The P4P Service service terminated unexpectedly. It has done this 1 time(s).
    2/2/2009 2:50:45 AM, Error: Service Control Manager [7034] - The PMSveH service terminated unexpectedly. It has done this 1 time(s).
    2/2/2009 2:51:13 AM, Error: Service Control Manager [7034] - The On Screen Display service terminated unexpectedly. It has done this 1 time(s).
    2/2/2009 2:56:41 AM, Error: Service Control Manager [7030] - The avast! Antivirus service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    2/2/2009 2:56:41 AM, Error: Service Control Manager [7030] - The avast! iAVS4 Control Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    2/2/2009 2:56:42 AM, Error: Service Control Manager [7030] - The avast! Mail Scanner service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    2/2/2009 2:56:43 AM, Error: Service Control Manager [7030] - The avast! Web Scanner service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.




    thanks for your help,
    P.M.
     
    pamck4,
    #1
  2. 2009/02/05
    pamck4

    pamck4 Inactive Thread Starter

    Joined:
    2009/02/03
    Messages:
    2
    Likes Received:
    0
    Hey guys,

    So All of my problems seem to be fixed now. The problems were solved by running Spybot Search and Destroy and then by running Malwarebytes. These spyware removal programs cleaned out my registry and fixed all of the annoying problems I had.

    Thanks for your help!
     
    pamck4,
    #2


  3. to hide this advert.

  4. 2009/02/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Welcome to WindowsBBS pamck4 :)

    So sorry you didn't get a response sooner, and I'm happy to hear your problems appear resolved. I do recommend you followup with an online scan with Kaspersky as outlined here, then post the results in a reply to this topic.
     
    noahdfear,
    #3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...