Need help!
For the past few days I am having two tabs automatically appearing when I open my Firefox 22.0 browser. It does not go away with scans by Malwarebytes Anti-Malware Pro 1.75.0.1300 and Avira Free Antivirus 13.0.0.3640. Latest scan reports have infections reported but by removing these the problem does not go away.
I ran dds.scr as required here. Appending DDS.txt and Attach.txt logs as well here.
Another observation is that Avira has produced a warning since 7th June on all my hard drives as well as for a USB Flash drive. Here is an e.g. of that warning for the G drive
[Real-Time Protection] Autorun blocked
In accordance with security guidelines, the Administrator has blocked access to file 'G:\AUTORUN.INF'.
Not sure if it is related to all this but my machine restarts unpredictably as well, sometimes even before the Windows loads, and has been happening pretty regularly for the past week.
All log details provided below. Really appreciate any assistance in sorting this out.
Thanks in advance...
Both these tabs have the same name "Install Add-on".
The 1st tab says :
Another program on your computer would like to modify Firefox with the following add-on:
mysearchdial.com 1.6.0
By mysearchdial.com
Location: C:\Documents and Settings\Rajesh\Application
Data\Mozilla\Firefox\Profiles\qr5y908i.default\extensions\ffxtlbr@mysearchdial.com
Install add-ons only from authors whom you trust:
Allow this installation [a check box - deselected]
You can always change your mind at any time by going to the Add-ons Manager.
[Continue button]
The 2nd tab says :
Another program on your computer would like to modify Firefox with the following add-on:
MySearchDial 7.0
By mysearchdial.com
Location: C:\Documents and Settings\Rajesh\Application
Data\Mozilla\Firefox\Profiles\qr5y908i.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Install add-ons only from authors whom you trust:
Allow this installation [a check box - deselected]
You can always change your mind at any time by going to the Add-ons Manager.
[Continue button]
Malwarebytes AntiMalware Pro Scan Report
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
http://www.malwarebytes.org
Database version: v2013.06.22.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Rajesh :: ADMIN-PC [administrator]
Protection: Enabled
6/23/2013 4:44:54 PM
MBAM-log-2013-06-23 (17-41-40).txt
Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 515069
Time elapsed: 56 minute(s), 27 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Documents and Settings\AbhiAnya.ADMIN-PC\My Documents\Downloads\gta_mod_installer_v5.0_beta.zip (Trojan.Dropper) -> No action taken.
G:\New Folder (2)\Downloads\nfmwtrn19.zip (Trojan.Dropper) -> No action taken.
(end)
Avira Free Antivirus 13.0.0.3640 Scan Report
Avira Free Antivirus
Report file date: Sunday, June 23, 2013 17:48
The program is running as an unrestricted full version.
Online services are available.
Licensee : Avira Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Microsoft Windows XP
Windows version : (Service Pack 3, v.3264) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : ADMIN-PC
Version information:
BUILD.DAT : 13.0.0.3640 54852 Bytes 4/18/2013 13:36:00
AVSCAN.EXE : 13.6.0.1262 636984 Bytes 5/19/2013 02:46:25
AVSCANRC.DLL : 13.4.0.360 54560 Bytes 3/22/2013 02:39:14
LUKE.DLL : 13.6.0.1262 65080 Bytes 5/19/2013 02:47:11
AVSCPLR.DLL : 13.6.0.1262 92216 Bytes 5/19/2013 02:46:25
AVREG.DLL : 13.6.0.1262 247864 Bytes 5/19/2013 02:46:23
avlode.dll : 13.6.2.1262 432184 Bytes 5/19/2013 02:46:22
avlode.rdf : 13.0.1.18 26349 Bytes 6/21/2013 12:34:33
VBASE000.VDF : 7.11.70.0 66736640 Bytes 4/4/2013 19:56:32
VBASE001.VDF : 7.11.74.226 2201600 Bytes 4/30/2013 02:45:27
VBASE002.VDF : 7.11.80.60 2751488 Bytes 5/28/2013 06:25:57
VBASE003.VDF : 7.11.85.214 2162688 Bytes 6/21/2013 12:34:10
VBASE004.VDF : 7.11.85.215 2048 Bytes 6/21/2013 12:34:13
VBASE005.VDF : 7.11.85.216 2048 Bytes 6/21/2013 12:34:13
VBASE006.VDF : 7.11.85.217 2048 Bytes 6/21/2013 12:34:14
VBASE007.VDF : 7.11.85.218 2048 Bytes 6/21/2013 12:34:14
VBASE008.VDF : 7.11.85.219 2048 Bytes 6/21/2013 12:34:15
VBASE009.VDF : 7.11.85.220 2048 Bytes 6/21/2013 12:34:17
VBASE010.VDF : 7.11.85.221 2048 Bytes 6/21/2013 12:34:17
VBASE011.VDF : 7.11.85.222 2048 Bytes 6/21/2013 12:34:18
VBASE012.VDF : 7.11.85.223 2048 Bytes 6/21/2013 12:34:18
VBASE013.VDF : 7.11.85.224 2048 Bytes 6/21/2013 12:34:24
VBASE014.VDF : 7.11.85.225 2048 Bytes 6/21/2013 12:34:24
VBASE015.VDF : 7.11.85.226 2048 Bytes 6/21/2013 12:34:25
VBASE016.VDF : 7.11.85.227 2048 Bytes 6/21/2013 12:34:25
VBASE017.VDF : 7.11.85.228 2048 Bytes 6/21/2013 12:34:25
VBASE018.VDF : 7.11.85.229 2048 Bytes 6/21/2013 12:34:26
VBASE019.VDF : 7.11.85.230 2048 Bytes 6/21/2013 12:34:26
VBASE020.VDF : 7.11.85.231 2048 Bytes 6/21/2013 12:34:26
VBASE021.VDF : 7.11.85.232 2048 Bytes 6/21/2013 12:34:27
VBASE022.VDF : 7.11.85.233 2048 Bytes 6/21/2013 12:34:27
VBASE023.VDF : 7.11.85.234 2048 Bytes 6/21/2013 12:34:29
VBASE024.VDF : 7.11.85.235 2048 Bytes 6/21/2013 12:34:29
VBASE025.VDF : 7.11.85.236 2048 Bytes 6/21/2013 12:34:29
VBASE026.VDF : 7.11.85.237 2048 Bytes 6/21/2013 12:34:30
VBASE027.VDF : 7.11.85.238 2048 Bytes 6/21/2013 12:34:31
VBASE028.VDF : 7.11.85.239 2048 Bytes 6/21/2013 12:34:31
VBASE029.VDF : 7.11.85.240 2048 Bytes 6/21/2013 12:34:32
VBASE030.VDF : 7.11.85.241 2048 Bytes 6/21/2013 12:34:32
VBASE031.VDF : 7.11.86.72 164352 Bytes 6/23/2013 11:12:58
Engine version : 8.2.12.66
AEVDF.DLL : 8.1.3.4 102774 Bytes 6/13/2013 16:06:09
AESCRIPT.DLL : 8.1.4.124 487806 Bytes 6/20/2013 16:32:57
AESCN.DLL : 8.1.10.4 131446 Bytes 3/28/2013 03:56:39
AESBX.DLL : 8.2.5.12 606578 Bytes 8/28/2012 11:28:06
AERDL.DLL : 8.2.0.128 688504 Bytes 6/13/2013 16:06:07
AEPACK.DLL : 8.3.2.24 749945 Bytes 6/20/2013 16:32:54
AEOFFICE.DLL : 8.1.2.60 205181 Bytes 6/19/2013 06:04:56
AEHEUR.DLL : 8.1.4.426 5951866 Bytes 6/20/2013 16:32:48
AEHELP.DLL : 8.1.27.2 266617 Bytes 6/7/2013 01:09:01
AEGEN.DLL : 8.1.7.4 442741 Bytes 5/19/2013 02:45:50
AEEXP.DLL : 8.4.0.34 201079 Bytes 6/7/2013 01:09:46
AEEMU.DLL : 8.1.3.2 393587 Bytes 9/19/2012 09:12:55
AECORE.DLL : 8.1.31.2 201080 Bytes 3/21/2013 17:19:01
AEBB.DLL : 8.1.1.4 53619 Bytes 11/5/2012 09:30:38
AVWINLL.DLL : 13.6.0.480 26480 Bytes 3/22/2013 02:38:41
AVPREF.DLL : 13.6.0.480 51056 Bytes 3/22/2013 02:39:11
AVREP.DLL : 13.6.0.480 178544 Bytes 3/21/2013 17:19:41
AVARKT.DLL : 13.6.0.1262 258104 Bytes 5/19/2013 02:46:09
AVEVTLOG.DLL : 13.6.0.1262 164920 Bytes 5/19/2013 02:46:17
SQLITE3.DLL : 3.7.0.1 397088 Bytes 9/19/2012 12:47:40
AVSMTP.DLL : 13.6.0.480 62832 Bytes 3/22/2013 02:39:17
NETNT.DLL : 13.6.0.480 16240 Bytes 3/22/2013 02:40:53
RCIMAGE.DLL : 13.4.0.360 4782880 Bytes 3/22/2013 02:38:41
RCTEXT.DLL : 13.6.0.976 67296 Bytes 3/28/2013 14:47:23
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Ignore
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, F:, G:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Start of the scan: Sunday, June 23, 2013 17:48
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'G:\'
[INFO] No virus was found!
Starting search for hidden objects.
The scan of running processes will be started:
Scan process 'rsmsink.exe' - '28' Module(s) have been scanned
Scan process 'msdtc.exe' - '44' Module(s) have been scanned
Scan process 'dllhost.exe' - '63' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '94' Module(s) have been scanned
Scan process 'NOTEPAD.EXE' - '26' Module(s) have been scanned
Scan process 'notepad.exe' - '26' Module(s) have been scanned
Scan process 'avcenter.exe' - '108' Module(s) have been scanned
Scan process 'mbam.exe' - '78' Module(s) have been scanned
Scan process 'notepad.exe' - '66' Module(s) have been scanned
Scan process 'NOTEPAD.EXE' - '26' Module(s) have been scanned
Scan process 'NOTEPAD.EXE' - '26' Module(s) have been scanned
Scan process 'plugin-container.exe' - '61' Module(s) have been scanned
Scan process 'alg.exe' - '35' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '40' Module(s) have been scanned
Scan process 'unsecapp.exe' - '37' Module(s) have been scanned
Scan process 'AVWEBGRD.EXE' - '50' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '67' Module(s) have been scanned
Scan process 'WebCakeDesktop.Updater.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'RichVideo.exe' - '22' Module(s) have been scanned
Scan process 'mbamgui.exe' - '37' Module(s) have been scanned
Scan process 'PandoraService.exe' - '53' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '39' Module(s) have been scanned
Scan process 'mbamservice.exe' - '39' Module(s) have been scanned
Scan process 'mbamscheduler.exe' - '27' Module(s) have been scanned
Scan process 'BCUService.exe' - '21' Module(s) have been scanned
Scan process 'avguard.exe' - '62' Module(s) have been scanned
Scan process 'firefox.exe' - '124' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'BCU.exe' - '56' Module(s) have been scanned
Scan process 'avgnt.exe' - '77' Module(s) have been scanned
Scan process 'Explorer.EXE' - '122' Module(s) have been scanned
Scan process 'OptimizerPro.exe' - '20' Module(s) have been scanned
Scan process 'sched.exe' - '44' Module(s) have been scanned
Scan process 'spoolsv.exe' - '57' Module(s) have been scanned
Scan process 'svchost.exe' - '51' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '166' Module(s) have been scanned
Scan process 'svchost.exe' - '44' Module(s) have been scanned
Scan process 'svchost.exe' - '54' Module(s) have been scanned
Scan process 'lsass.exe' - '68' Module(s) have been scanned
Scan process 'services.exe' - '31' Module(s) have been scanned
Scan process 'winlogon.exe' - '74' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting to scan executable files (registry):
The registry was scanned ( '2052' files ).
Starting the file scan:
Begin scan in 'C:\'
[0] Archive type: NSIS
--> ProgramFilesDir/WUDFUpdate_01007.dll
[1] Archive type: RSRC
--> C:\Documents and Settings\AbhiAnya.ADMIN-PC\My Documents\Downloads\128764_pspdisp06.rar
[2] Archive type: RAR
--> pspdisp06\PSPdisp_v0.6_setup_all_platforms.exe
[3] Archive type: NSIS
--> C:\Documents and Settings\AbhiAnya.ADMIN-PC\My Documents\Downloads\PSPdisp_v0.6_setup_all_platforms.exe
[4] Archive type: NSIS
--> ProgramFilesDir/WUDFUpdate_01007.dll
[5] Archive type: RSRC
--> C:\Documents and Settings\AbhiAnya.ADMIN-PC\My Documents\Downloads\RemoteJoy Lite.rar
[6] Archive type: RAR
--> RemoteJoy Lite\drivers\usb_driver\PSPDriver.EXE
[7] Archive type: Portable Executable Resource
--> CABINET
[8] Archive type: CAB (Microsoft)
--> pspicon.ico
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Graybird.1.81 back-door program
[WARNING] Infected files in archives cannot be repaired
C:\Documents and Settings\AbhiAnya.ADMIN-PC\My Documents\Downloads\RemoteJoy Lite.rar
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Graybird.1.81 back-door program
[WARNING] The file was ignored.
Begin scan in 'D:\'
Begin scan in 'E:\'
Begin scan in 'F:\'
Begin scan in 'G:\'
--> C:\Documents and Settings\Rajesh\My Documents\Downloads\JavaSetup7u9.exe
[6] Archive type: Runtime Packed
--> C:\Program Files\The KMPlayer\KMPlayer.exe
[7] Archive type: RSRC
--> C:\WINDOWS\system32\WudfUpdate_01007.dll
[8] Archive type: RSRC
--> D:\Abhi\PSP\PSPdisp\bin\driver_usb_type_c_winusb\x86\WUDFUpdate_01007.dll
[9] Archive type: RSRC
--> D:\Abhi\PSP\PSPdisp\bin\driver_usb_type_c_winusb\x64\WUDFUpdate_01007.dll
[10] Archive type: RSRC
--> E:\Backup-29-Nov-2012\My Documents\Downloads\jxpiinstall.exe
[11] Archive type: Runtime Packed
--> G:\New Folder (2)\Downloads\ikesim15win.exe
[12] Archive type: LZH (+.LHA) SFX (self extracting)
--> data/m01.swf
[WARNING] The file could not be read!
G:\New Folder (2)\Downloads\ikesim15win.exe
[WARNING] The file could not be read!
End of the scan: Sunday, June 23, 2013 19:08
Used time: 1:20:21 Hour(s)
The scan has been done completely.
20727 Scanned directories
1002401 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
1002399 Files not concerned
9404 Archives were scanned
3 Warnings
0 Notes
326409 Objects were scanned with rootkit scan
0 Hidden objects were found
DDS Log
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 10.21.2
Run by Rajesh at 15:43:53 on 2013-06-23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2233 [GMT 5.5:30]
.
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Documents and Settings\All Users\Application Data\BetterSoft\OptimizerPro\OptimizerPro.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\WebCake\WebCakeDesktop.Updater.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.avira.com/?l=dis&o=APN102 ... cale=en_IN
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: SearchHook Class: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - c:\program files\devicevm\browser configuration utility\AddressBarSearch.dll
BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - c:\documents and settings\abhianya.admin-pc\application data\complitly\Complitly.dll
BHO: privitize Helper Object: {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - c:\program files\industriya\privitize\1.8.21.6\bh\privitize.dll
BHO: WebCake: {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - c:\program files\webcake\WebCakeIEClient.dll
BHO: BRowse2save: {6BCEC96A-41B5-EEDE-F37D-1655A3C8CD79} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
BHO: Avira SearchFree Toolbar plus Web Protection: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
BHO: EpsonToolBandKicker Class: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: Avira SearchFree Toolbar plus Web Protection: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: Avira SearchFree Toolbar plus Web Protection: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [BCU] "c:\program files\devicevm\browser configuration utility\BCU.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} - hxxps://xwebmain.eyme.net/,DanaInfo=ino ... /dwa8W.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: Interfaces\{AD8D227E-5EDE-4781-BE06-3CF097A487F8} : NameServer = 218.248.255.141 218.248.245.5
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: AtiExtEvent - <no file>
AppInit_DLLs= c:\progra~1\browse~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rajesh\application data\mozilla\firefox\profiles\qr5y908i.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://start.mysearchdial.com/?f=1&a=co ... 397408&ir=
FF - prefs.js: keyword.URL -
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=co ... 397408&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=co ... 397408&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=co ... 408&ir=&q=
FF - user.js: extensions.mysearchdial.id - E0CB4EE9A4CC0A3D
FF - user.js: extensions.mysearchdial.instlDay - 15874
FF - user.js: extensions.mysearchdial.vrsn -
FF - user.js: extensions.mysearchdial.vrsni -
FF - user.js: extensions.mysearchdial_i.vrsnTs - 16:12:20
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - coolmsd
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 953397408
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0Ezy0AyE0C0CtD0AtA0DtN0D0Tzu0CyDtAyDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q
FF - user.js: extensions.irmysearch.aflt - coolmsd
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 953397408
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0Ezy0AyE0C0CtD0AtA0DtN0D0Tzu0CyDtAyDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-3-21 37352]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2013-3-21 86752]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2013-3-21 110816]
R2 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebgrd.exe [2013-3-21 562744]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-3-21 84744]
R2 BCUService;Browser Configuration Utility Service;c:\program files\devicevm\browser configuration utility\BCUService.exe [2010-3-5 235752]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-3-21 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-3-21 701512]
R2 PanService;PandoraService;c:\program files\pandora.tv\panservice\PandoraService.exe [2012-11-29 578264]
R2 WebCake Desktop Updater;WebCake Desktop Updater;c:\program files\webcake\WebCakeDesktop.Updater.exe [2013-6-18 23552]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-21 22856]
R3 pspdisp;pspdisp;c:\windows\system32\drivers\pspdisp.sys [2011-3-19 3072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-11-29 1691480]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\drivers\clwvd.sys --> c:\windows\system32\drivers\clwvd.sys [?]
S3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2010-10-2 35392]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-6-19 40776]
S3 RHDISK;RHDISK;\??\j:\_rohos\rhdisk.sys --> j:\_rohos\RHDISK.SYS [?]
S3 u302bus;HSPADataCard WMC Bus Driver (WDM);c:\windows\system32\drivers\u302bus.sys [2013-1-5 119112]
S3 u302mdfl;HSPADataCard Modem Filter;c:\windows\system32\drivers\u302mdfl.sys [2013-1-5 14920]
S3 u302mdm;HSPADataCard Modem Driver;c:\windows\system32\drivers\u302mdm.sys [2013-1-5 135880]
S3 u302mgmt;HSPADataCard USB Device Management Drivers (WDM);c:\windows\system32\drivers\u302mgmt.sys [2013-1-5 129992]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-06-23 07:36:01 -------- d-----w- c:\program files\DownLite
2013-06-23 07:35:02 -------- d-----w- c:\program files\Industriya
2013-06-22 10:12:27 -------- d-----w- c:\windows\pss
2013-06-21 05:28:19 -------- d-----w- c:\program files\BetterAds
2013-06-19 06:10:51 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-06-18 10:41:56 -------- d-----w- c:\program files\WebCake
2013-06-18 10:41:20 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer
2013-06-18 10:40:55 -------- d-----w- c:\program files\TornTV.com
2013-06-18 10:23:27 -------- d-----w- c:\program files\Vittalia
2013-06-10 17:01:49 -------- d-----w- c:\program files\USB Disk Security
2013-06-10 16:40:22 1516496 ----a-w- C:\ij.exe
2013-06-10 16:36:07 -------- d-----w- c:\program files\KASHU
2013-06-10 15:10:21 -------- d-----w- c:\program files\TrueCrypt
2013-06-10 14:20:55 231760 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2013-06-09 08:45:05 -------- d-----w- c:\documents and settings\all users\application data\StarApp
2013-06-09 08:44:51 -------- d-----w- c:\program files\ContinueToSave
2013-06-09 08:44:42 -------- d-----w- c:\documents and settings\all users\application data\cOOntiinuetoosave
2013-06-09 05:37:21 270336 ----a-w- c:\windows\system32\cximagecrt.dll
2013-06-09 05:37:20 -------- d-----w- c:\program files\Rohos
2013-06-09 04:20:25 -------- d-----w- c:\program files\Any to Icon
2013-06-08 16:30:01 -------- d-----w- c:\program files\Delta
2013-06-08 16:29:49 -------- d-----w- c:\program files\Image Converter
2013-06-08 16:29:24 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2013-05-28 09:13:13 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-05-28 09:13:10 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-28 06:58:19 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2013-05-25 09:29:22 -------- d-----w- c:\windows\system32\SoftwareDistribution
.
==================== Find3M ====================
.
2013-06-13 17:36:23 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-13 17:36:23 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-28 09:12:59 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-05-28 09:12:59 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-19 23:02:58 1094820 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-05-19 23:02:58 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-05-19 23:02:55 1094820 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-04-04 09:20:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-28 14:50:48 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-03-28 14:50:48 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
.
============= FINISH: 15:44:13.48 ===============
Attach.txt log
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/29/2012 12:13:40 PM
System Uptime: 6/23/2013 2:52:05 PM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5KPL-AM/PS
Processor: Intel Pentium III Xeon processor | Socket 775 | 2699/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 28 GiB total, 3.714 GiB free.
D: is FIXED (FAT32) - 28 GiB total, 7.131 GiB free.
E: is FIXED (FAT32) - 28 GiB total, 11.616 GiB free.
F: is FIXED (FAT32) - 28 GiB total, 6.541 GiB free.
G: is FIXED (FAT32) - 42 GiB total, 5.045 GiB free.
H: is CDROM (CDFS)
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_81791043&REV_01\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_81791043&REV_01\3&11583659&0&FB
Service:
.
==== System Restore Points ===================
.
RP112: 6/8/2013 4:48:36 PM - System Checkpoint
RP113: 6/9/2013 11:31:14 AM - Removed ATI Catalyst Control Center
RP114: 6/10/2013 4:30:38 PM - System Checkpoint
RP115: 6/11/2013 6:30:27 PM - System Checkpoint
RP116: 6/13/2013 11:13:50 PM - System Checkpoint
RP117: 6/17/2013 6:05:19 PM - System Checkpoint
RP118: 6/18/2013 5:28:24 PM - Installed Windows NLSDownlevelMapping.
RP119: 6/18/2013 5:28:40 PM - Installed Windows IDNMitigationAPIs.
RP120: 6/18/2013 5:28:50 PM - Installed Windows Internet Explorer 7.
RP121: 6/19/2013 8:07:13 PM - System Checkpoint
RP122: 6/23/2013 2:19:39 PM - System Checkpoint
.
==== Installed Programs ======================
.
toolbar
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe PageMaker 7.0
Adobe Photoshop 7.0
Adobe Reader X (10.1.7)
AGEIA PhysX v8.01.18
Ahead Nero Burning ROM
Ask Toolbar
Ask Toolbar Updater
ATI - Software Uninstall Utility
Avira Free Antivirus
BRowse2save
Browser Configuration Utility
BrowseToSave 1.74
Cheat Engine 6.2
Cheatbook Database 2013
Complitly
DownLite
EPSON Attach To Email
EPSON Easy Photo Print
EPSON File Manager
EPSON Scan Assistant
EPSON Stylus T11 Manual
EPSON Stylus T11 Series Printer Uninstall
EPSON Web-To-Page
Facebook Video Calling 1.2.0.287
Free YouTube Downloader 3.5.134
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB954550-v5)
Java 7 Update 21
Java Auto Updater
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Flight Simulator X
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WinUsb 1.0
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSN
MSXML 4.0 SP2 Parser and SDK
NVIDIA Drivers
Optimizer Pro v3.0
OptimizerPro
Pandora Service
PowerDVD
PSPdisp v0.6
RAR Password Recovery Magic v6.1.1.232
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Search Assistant WebSearch 1.74
The KMPlayer (remove only)
Touchstone Installer
TrueCrypt
Turok
Update for Windows XP (KB942763)
USB Flash Security Ver.4.1.6
VISIONTEK 82GH 3G Modem version 2.0
Vittalia Installer
VLC media player 0.9.2
WebCake 3.00
WebFldrs XP
Winamp
Windows Driver Package - Sony PSP Type B (11/20/2005 20051120)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Rights Management Client with Service Pack 2
WinRAR 4.00 (32-bit)
WinZip
.
==== Event Viewer Messages From Past Week ========
.
6/22/2013 5:49:17 PM, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address E0CB4EE9A4CC has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
6/19/2013 9:42:03 PM, error: DCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.
6/19/2013 9:41:27 PM, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: The system cannot find the path specified.
6/19/2013 9:41:27 PM, error: Service Control Manager [7000] - The ASInsHelp service failed to start due to the following error: The system cannot find the file specified.
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Windows Time service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The System Restore Service service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The System Event Notification service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Security Center service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Logical Disk Manager service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Error Reporting Service service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7034] - The Automatic Updates service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 9:21:31 AM, error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/19/2013 9:21:31 AM, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
6/19/2013 9:21:31 AM, error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/19/2013 9:21:31 AM, error: Service Control Manager [7000] - The Network Location Awareness (NLA) service failed to start due to the following error: The pipe state is invalid.
6/19/2013 3:45:15 PM, error: Service Control Manager [7022] - The PandoraService service hung on starting.
6/19/2013 12:14:50 PM, error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 12:14:50 PM, error: Service Control Manager [7034] - The Wireless Zero Configuration service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 12:14:50 PM, error: Service Control Manager [7034] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 12:14:50 PM, error: Service Control Manager [7034] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 12:14:50 PM, error: Service Control Manager [7034] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s).
6/19/2013 12:14:50 PM, error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/19/2013 12:14:50 PM, error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
6/19/2013 12:14:50 PM, error: Service Control Manager [7022] - The Workstation service hung on starting.
6/19/2013 12:14:50 PM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
6/19/2013 12:14:50 PM, error: Service Control Manager [7001] - The Windows Firewall/Internet Connection Sharing (ICS) service depends on the Network Connections service which failed to start because of the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7001] - The System Event Notification service depends on the COM+ Event System service which failed to start because of the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7001] - The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: After starting, the service hung in a start-pending state.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The Windows Time service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The Telephony service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The System Restore Service service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The Server service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The Network Connections service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The Logical Disk Manager service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The Help and Support service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The Distributed Link Tracking Client service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The Cryptographic Services service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The COM+ Event System service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:14:50 PM, error: Service Control Manager [7000] - The Automatic Updates service failed to start due to the following error: The pipe state is invalid.
6/19/2013 12:06:03 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
6/19/2013 12:06:03 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error: An instance of the service is already running.
6/18/2013 6:23:16 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address E0CB4EE9A4CC has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
6/16/2013 6:34:19 PM, error: ipnathlp [31008] - The DNS proxy agent was unable to read the local list of name-resolution servers from the registry. The data is the error code.
.
==== End Of File ===========================