Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

System Highjack. Pls Help!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

System Highjack. Pls Help!

Unread postby sammy » September 26th, 2011, 11:10 am

Unfortunately i have opened a exe file disguised as a folder in an email attchment.

My browsesr, firewall and Malwarebytes (mbam) have all been isolated by the malware infection. Lots of banners and freezing going on.. thanks and here are the nessasary logs. Thanks

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26
Run by Kev B at 15:50:06 on 2011-09-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2038.1174 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\437830538:1966925797.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Windows\tsnpstd3.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Users\Kev B\hen.exe
C:\Users\Kev B\gixen.exe
C:\Users\Kev B\fen.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mSearchAssistant = hxxp://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File
uRun: [ares] "c:\program files\ares\Ares.exe" -h
uRun: [siiikam] c:\users\kev b\siiikam.exe /N
uRun: [InstallIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun
uRun: [gixen] c:\users\kev b\gixen.exe /K
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
mRun: [tsnpstd3] c:\windows\tsnpstd3.exe
mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\users\kevb~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{528E4786-4344-46FB-BE69-14D5B7F10E6C} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{6756A43C-7C73-4AE5-BFBB-0A7324897F63} : DhcpNameServer = 192.168.0.1
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\kev b\appdata\roaming\mozilla\firefox\profiles\ic1tlj6a.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 BecHelperService;BecHelperService;c:\program files\3 mobile broadband\3connect\BecHelperService.exe [2011-9-3 1740696]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-26 366152]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2011-9-3 73216]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-10-14 22216]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-14 135664]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2011-9-3 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2011-9-3 11136]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\drivers\ewusbwwan.sys [2011-9-3 353280]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-14 135664]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-10-14 9216]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-24 52224]
S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2011-5-10 252032]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2011-5-10 398720]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-10-17 1343400]
S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [2010-10-14 114688]
.
=============== Created Last 30 ================
.
2011-09-26 14:41:11 159744 --sh--r- c:\users\kev b\gixen.exe
2011-09-26 14:41:09 49664 ----a-w- c:\users\kev b\hen.exe
2011-09-26 14:41:09 156137 ----a-w- c:\users\kev b\fen.exe
2011-09-26 12:58:49 709968 ----a-w- c:\windows\isRS-000.tmp
2011-09-26 12:19:22 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{803d8f00-34e5-4ba1-a873-8e7575c5e4e8}\offreg.dll
2011-09-26 12:05:18 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-24 11:01:48 -------- d-----w- c:\users\kev b\appdata\local\WinZip
2011-09-24 10:41:23 781272 ----a-w- c:\program files\mozilla firefox\sqlite3.dll
2011-09-24 10:41:05 -------- d-----w- c:\programdata\Premium
2011-09-24 10:41:04 -------- d-----w- c:\programdata\InstallMate
2011-09-23 17:38:11 -------- d-----w- c:\users\kev b\appdata\roaming\Thinstall
2011-09-23 09:27:51 3315200 ----a-w- c:\windows\system32\fbc851b9.exe
2011-09-23 09:15:36 -------- d-----w- c:\windows\Downloaded Installations
2011-09-23 08:54:55 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{803d8f00-34e5-4ba1-a873-8e7575c5e4e8}\mpengine.dll
2011-09-09 01:10:26 57344 ------w- c:\windows\system32\mfc70enu.dll
2011-09-09 01:10:20 -------- d-----w- c:\program files\common files\Macromedia Shared
2011-09-09 01:10:18 -------- d-----w- c:\program files\common files\Macromedia
2011-09-09 01:09:56 -------- d-----w- c:\program files\Macromedia
2011-09-05 17:04:56 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-09-03 14:31:31 -------- d-----w- c:\users\kev b\appdata\roaming\Birdstep Technology
2011-09-03 14:31:26 -------- d-----w- c:\programdata\Birdstep Technology
2011-09-03 14:29:16 -------- d-----w- c:\program files\3 Mobile Broadband
.
==================== Find3M ====================
.
2011-09-24 09:54:02 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-03 14:30:19 67156 ----a-w- c:\windows\Huawei ModemsUninstall.exe
2011-08-31 16:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-23 15:44:16 681 ---ha-w- C:\os848618.bin
2011-07-22 04:54:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-16 04:27:30 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 02:17:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 04:29:46 2048 ----a-w- c:\windows\system32\tzres.dll
2011-07-09 02:30:00 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
.
============= FINISH: 15:51:05.49 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 14/10/2010 11:41:16
System Uptime: 26/09/2011 15:38:05 (0 hours ago)
.
Motherboard: Gateway | |
Processor: Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz | uFCPGA2 | 1500/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 99.754 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.306 GiB free.
E: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: CSN5PDTS82 NDIS Protocol Driver
Device ID: ROOT\LEGACY_CSN5PDTS82\0000
Manufacturer:
Name: CSN5PDTS82 NDIS Protocol Driver
PNP Device ID: ROOT\LEGACY_CSN5PDTS82\0000
Service: CSN5PDTS82
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&0191\7&82C4AD6&0&347E3972D939_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&0191\7&82C4AD6&0&347E3972D939_C00000000
Service:
.
==== System Restore Points ===================
.
RP180: 02/08/2011 09:24:11 - Windows Update
RP181: 05/08/2011 17:11:00 - Windows Update
RP182: 09/08/2011 09:31:49 - Windows Update
RP183: 11/08/2011 09:11:39 - Windows Update
RP184: 11/08/2011 09:51:06 - Installed InstallIQ Updater
RP185: 13/08/2011 20:02:15 - Installed InstallIQ Updater
RP186: 16/08/2011 23:02:53 - Windows Update
RP187: 21/08/2011 10:03:56 - Installed InstallIQ Updater
RP188: 23/08/2011 11:32:06 - Installed O2 Connection Manager
RP190: 23/08/2011 11:33:12 - Installed ZTE Drivers v1.2059.0.4
RP191: 24/08/2011 16:25:05 - Windows Update
RP193: 25/08/2011 09:47:59 - Windows Update
RP194: 27/08/2011 11:02:51 - Removed O2 Connection Manager
RP195: 27/08/2011 11:07:51 - Installed O2 Connection Manager
RP197: 27/08/2011 11:09:03 - Installed ZTE Drivers v1.2059.0.4
RP198: 31/08/2011 09:50:04 - Windows Update
RP200: 02/09/2011 08:42:23 - Installed ZTE Drivers v1.2059.0.4
RP201: 03/09/2011 15:12:45 - Removed O2 Connection Manager
RP202: 03/09/2011 15:29:01 - Installed 3Connect
RP203: 06/09/2011 13:35:19 - Windows Update
RP204: 08/09/2011 02:25:33 - Windows Update
RP206: 09/09/2011 02:09:38 - Installed Fireworks
RP208: 10/09/2011 00:29:20 - Windows Defender Checkpoint
RP209: 13/09/2011 11:16:53 - Windows Update
RP210: 15/09/2011 15:42:41 - Windows Update
RP211: 20/09/2011 10:30:31 - Windows Update
RP212: 23/09/2011 10:34:42 - Installed Adobe Audition 1.5
RP213: 23/09/2011 10:36:34 - Removed Adobe Audition 1.5
RP214: 23/09/2011 11:05:22 - Installed Adobe Audition 1.5
RP215: 24/09/2011 12:00:34 - Installed WinZip 15.5
.
==== Installed Programs ======================
.
3Connect
Adobe AIR
Adobe Audition 1.5
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Professional CS5
Adobe Media Player
Adobe Photoshop 7.0
Adobe Reader X (10.1.1)
Adobe Shockwave Player 11.5
Ares 2.1.6
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Converter 7
AVS Video Recorder 2.4
AVS Video ReMaker 4.0.4.134
AVS4YOU Software Navigator 1.4
Canon MP Navigator 3.1
Canon MP140 series
Canon MP140 series User Registration
Canon Utilities Easy-LayoutPrint
Canon Utilities Easy-PhotoPrint
CCleaner
Digital microscope
Digital Photo Navigator 1.5
Google Chrome
Google Earth
Google Update Helper
Huawei modem
ieSpell
InstaCodecs
InstallIQ Updater
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 26
K-Lite Codec Pack 7.1.0 (Full)
Macromedia Fireworks MX 2004
Malwarebytes' Anti-Malware version 1.51.2.1300
MediaCoder 2011
MicroCapture 2.0
Microsoft .NET Framework 4 Client Profile
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 5.0.1 (x86 en-GB)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenOffice.org 3.2
PDF Settings CS5
PIXMA Extended Survey Program
ScanSoft OmniPage SE 4
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
USB PC Camera Plus
Windows Movie Maker 2.6
WinZip 15.5
ZTE USB Driver
.
==== Event Viewer Messages From Past Week ========
.
26/09/2011 15:39:34, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
26/09/2011 15:38:38, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CSN5PDTS82 CSN5PDTS82x64
26/09/2011 15:37:14, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.
26/09/2011 15:37:14, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/09/2011 15:36:44, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service.
26/09/2011 15:22:38, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.
26/09/2011 15:22:38, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/09/2011 14:22:17, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
26/09/2011 14:20:17, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/09/2011 14:20:17, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/09/2011 13:46:32, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.
26/09/2011 13:46:32, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.
25/09/2011 17:57:19, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
24/09/2011 12:02:24, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
.
==== End Of File ===========================
sammy
Active Member
 
Posts: 2
Joined: September 26th, 2011, 10:08 am
Advertisement
Register to Remove

Re: System Highjack. Pls Help!

Unread postby deltalima » September 27th, 2011, 1:09 pm

Checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: System Highjack. Pls Help!

Unread postby sammy » September 27th, 2011, 1:12 pm

Hi. Would a Mod please close my request? I'd like to thank the forum for its offer of help in my time of need. Fortunatly some bright techi guys on mse saved the day for me.

Thanks again mods..
sammy
Active Member
 
Posts: 2
Joined: September 26th, 2011, 10:08 am

Re: System Highjack. Pls Help!

Unread postby deltalima » September 27th, 2011, 1:34 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 108 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware