Help with RunDLL (Error loading C:\Users\*******\AppData\Local\Temp\opnnn.dll and xxyvs.dll

Posted 3/16/2008 11:25 AM
#60555
User avatar

skelly87 Member

Date Joined Nov 2016
Total Posts: 5
I had a trojan nebuler and eventually removed, i used hijackthis to remove some selected files and im not sure if it was the opnnn.dll and xxyvs.

i am always getting these RunDLL errors at startup but im wanted to get rid of these hopefully with some help

please help :)
Posted 3/16/2008 11:54 AM
#60556
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello :smurf:




Click here - ->> Before posting a log





After You have run the scan tools -



Reboot normally



Post Hijackthis log along with SuperAntiSpyware log, , C: combofix TXT in this topic




[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 3/16/2008 1:47 PM
#60558
User avatar

skelly87 Member

Date Joined Nov 2016
Total Posts: 5
is this for windows vista
Posted 3/16/2008 2:55 PM
#60560
User avatar

skelly87 Member

Date Joined Nov 2016
Total Posts: 5
this is combo fix txt

ComboFix 08-03-14.4 - skelly87 2008-03-16 14:43:01.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.856 [GMT 0:00]
Running from: C:\Users\skelly87\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\x64

.
((((((((((((((((((((((((( Files Created from 2008-02-16 to 2008-03-16 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-16 13:58 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-16 13:00 --------- d-----w C:\PROGRA~2\Symantec
2008-03-16 12:59 --------- d-----w C:\Program Files\Norton 360
2008-03-16 12:31 --------- d-----w C:\Users\skelly87\AppData\Roaming\Symantec
2008-03-16 12:29 805 ----a-w C:\Windows\system32\drivers\SYMEVENT.INF
2008-03-16 12:29 123,952 ----a-w C:\Windows\system32\drivers\SYMEVENT.SYS
2008-03-16 12:29 10,563 ----a-w C:\Windows\system32\drivers\SYMEVENT.CAT
2008-03-16 12:29 --------- d-----w C:\Program Files\Symantec
2008-03-15 23:11 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-15 22:35 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-03-15 11:53 --------- d-----w C:\PROGRA~2\Avg8
2008-03-15 11:11 4,600 ----a-w C:\Windows\System32\tmp.reg
2008-03-14 21:55 --------- d-----w C:\Program Files\AVG
2008-03-12 19:44 --------- d-----w C:\Program Files\Windows Mail
2008-03-12 19:04 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-03-12 18:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-09 15:41 --------- d-----w C:\Users\skelly87\AppData\Roaming\GetRightToGo
2008-03-09 15:39 --------- d-----w C:\Program Files\GoldWave
2008-03-09 11:43 --------- d-----w C:\Program Files\PMFplay H.264 Decoder
2008-03-07 19:48 --------- d-----w C:\Program Files\Drastic
2008-03-07 15:54 --------- d-----w C:\Program Files\MegauploadToolbar
2008-03-03 12:15 --------- d-----w C:\Program Files\Probeers(p)el
2008-03-02 16:12 --------- d-----w C:\Program Files\Pegasys Inc
2008-02-29 15:11 --------- d-----w C:\Users\skelly87\AppData\Roaming\SEGA
2008-02-27 22:39 --------- d-----w C:\Program Files\Windows Live
2008-02-27 19:20 --------- d-----w C:\Program Files\QuickTime Alternative
2008-02-27 19:19 --------- d-----w C:\PROGRA~2\Apple Computer
2008-02-27 18:18 --------- d-----w C:\Users\skelly87\AppData\Roaming\LEAPS
2008-02-27 18:00 --------- d-----w C:\Users\Administrator\AppData\Roaming\Pegasys Inc
2008-02-27 17:46 --------- d-----w C:\Users\Administrator\AppData\Roaming\Talkback
2008-02-27 17:46 --------- d-----w C:\Users\Administrator\AppData\Roaming\Megaupload
2008-02-27 16:47 --------- d-----w C:\Users\skelly87\AppData\Roaming\Pegasys Inc
2008-02-26 10:31 --------- d-----w C:\Users\skelly87\AppData\Roaming\dvdcss
2008-02-24 21:06 --------- d-----w C:\PROGRA~2\FLEXnet
2008-02-24 21:04 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-24 20:59 --------- d-----w C:\PROGRA~2\ALM
2008-02-24 20:39 --------- d-----w C:\Program Files\QuickTime
2008-02-24 20:10 --------- d-----w C:\Program Files\Bonjour
2008-02-24 20:02 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-02-24 00:22 --------- d-----w C:\Users\skelly87\AppData\Roaming\ErrorSmart
2008-02-22 19:53 --------- d-----w C:\Users\skelly87\AppData\Roaming\SystemRequirementsLab
2008-02-22 19:53 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-22 19:52 --------- d-----w C:\Program Files\Java
2008-02-22 19:47 --------- d-----w C:\Program Files\Common Files\Java
2008-02-21 18:06 --------- d-----w C:\Users\skelly87\AppData\Roaming\Megaupload
2008-02-21 18:05 --------- d-----w C:\Users\skelly87\AppData\Roaming\MegauploadToolbar
2008-02-21 18:04 --------- d-----w C:\Users\skelly87\AppData\Roaming\InstallShield
2008-02-21 18:04 --------- d-----w C:\Program Files\Megaupload
2008-02-20 16:33 348,160 ----a-w C:\Windows\System32\pnup0.dll
2008-02-20 16:33 --------- d-----w C:\Program Files\Common Files\xing shared
2008-02-20 16:33 --------- d-----w C:\Program Files\Common Files\Real
2008-02-20 15:55 --------- d-----w C:\Program Files\Real
2008-02-20 01:06 24,112 ----a-w C:\Windows\system32\drivers\SymIMV.sys
2008-02-15 19:21 --------- d-----w C:\Users\skelly87\AppData\Roaming\Download Manager
2008-02-13 16:32 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 16:32 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 16:27 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 16:27 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 16:27 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 16:27 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 16:27 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-13 16:27 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 16:27 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 16:26 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 16:26 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 16:26 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 16:26 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 16:26 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 16:25 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 16:25 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 16:25 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 16:25 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 16:25 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 16:25 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 16:22 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 16:22 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 16:22 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 16:22 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-11 15:40 --------- d-----w C:\Program Files\MarkAny
2008-02-10 18:34 --------- d-----w C:\Program Files\7-Zip
2008-02-10 16:44 --------- d-----w C:\Program Files\Ubisoft
2008-02-08 15:42 --------- d-----w C:\Program Files\Dziobas Rar Player
2008-02-06 21:43 13,021 ----a-w C:\Windows\system32\drivers\SymRedir.cat
2008-02-05 19:34 96,432 ----a-w C:\Windows\system32\drivers\symfw.sys
2008-02-05 19:34 41,008 ----a-w C:\Windows\system32\drivers\symndisv.sys
2008-02-05 19:34 38,576 ----a-w C:\Windows\system32\drivers\symids.sys
2008-02-05 19:34 22,320 ----a-w C:\Windows\system32\drivers\symredrv.sys
2008-02-05 19:34 188,464 ----a-w C:\Windows\system32\drivers\symtdi.sys
2008-02-05 19:34 13,616 ----a-w C:\Windows\system32\drivers\symdns.sys
2008-02-05 19:34 1,612 ----a-w C:\Windows\system32\drivers\SymRedir.inf
2008-02-04 20:27 1,430 ----a-w C:\Windows\system32\drivers\srtspl.inf
2008-02-04 20:27 1,421 ----a-w C:\Windows\system32\drivers\srtspx.inf
2008-02-04 20:27 1,415 ----a-w C:\Windows\system32\drivers\srtsp.inf
2008-02-02 10:58 --------- d-----w C:\Program Files\DOSBox-0.70
2008-02-01 22:55 10,549 ----a-w C:\Windows\system32\drivers\srtspx.cat
2008-02-01 22:55 10,549 ----a-w C:\Windows\system32\drivers\srtspl.cat
2008-02-01 22:55 10,545 ----a-w C:\Windows\system32\drivers\srtsp.cat
2008-02-01 11:11 586,240 ----a-w C:\Windows\WLXPGSS.SCR
2008-02-01 01:51 43,696 ----a-w C:\Windows\system32\drivers\srtspx.sys
2008-02-01 01:51 317,616 ----a-w C:\Windows\system32\drivers\srtspl.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
2008-02-24 02:08 349552 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2008-03-16 12:28 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2007-12-10 13:46 1510424 --a------ C:\Program Files\free-downloads.net\tbfree.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= "C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll" [2008-02-24 02:08 349552]

[HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= C:\Program Files\free-downloads.net\tbfree.dll [2007-12-10 13:46 1510424]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [2008-02-24 02:08 349552]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
@={4433A54A-1AC8-432F-90FC-85F045CF383C}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
@={F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
@={476D0EA3-80F9-48B5-B70B-05E677C9C148}

[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
2008-02-26 08:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
2008-02-26 08:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
2008-02-26 08:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 14:34 1232896]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 12:35 125440]
"Acer Tour Reminder"="" []
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 15:30 249856]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 12:36 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-28 21:02 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 07:38 4390912 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 03:00 815104]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-07 07:04 464168]
"Acer Tour"="" []
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-12-08 12:35 614400]
"eRecoveryService"="" []
"eDSMSNfix"="C:\Acer\Empowering Technology\eDSMSNfix.exe" [2007-02-08 17:40 13312]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-01-17 16:01 151552]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 21:48 57344]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-10-18 09:19 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-10-18 09:18 166424]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-10-18 09:18 133656]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"XboxStat"="C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 18:05 734264]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-20 16:33 185896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 19:54 623992]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 16:40 1884160]
"QuickTime Task"="C:\Program Files\QuickTime Alternative\QTTask.exe" [2008-01-10 15:27 385024]
"RegistryMechanic"="" []
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-18 19:37 51048]
"osCheck"="C:\Program Files\Norton 360\osCheck.exe" [2008-02-26 14:50 988512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

C:\Users\skelly87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 11:44:06 29696]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-03-22 10:56:44 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=eNetHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9AD97BE8-9399-41D8-A697-4600EF8BD101}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{A466396A-B9D7-44F7-9D60-3BAE64855644}"= C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
"{B97FC05B-7756-43D0-B0D3-97D89F6D51F5}"= C:\Program Files\Acer Arcade Deluxe\VideoMagician\MagicDirector.exe:CyberLink MagicDirector
"{10A600E2-1475-4D64-97C2-BCAE74289E8F}"= C:\Program Files\Acer Arcade Deluxe\DV Wizard\PowerDV.exe:CyberLink PowerDV
"{8C75BAA3-A66D-40DA-987C-A9B3E2A42DD6}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E68602A6-FF59-4238-980E-8F99D65D7629}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E0BFCC31-01F9-4CE9-9D75-0CDFEBD230FE}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{A507FA44-AB7D-49A2-9252-D2BAAACB4181}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{6EEE9DA0-6D9F-443E-B922-535D393BF70D}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{A746282E-F68E-437E-BFE9-31CC12C5D4F8}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{22A74B1D-08D1-4062-A59C-2C175DC8BE62}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{4A7933B0-7A90-4FF0-9285-E21A03B6C14C}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8ED1E511-C465-46CD-815A-ABAEA5207A9C}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{FA4B69FC-F5AD-4DAA-96B5-29227F4DAEB7}"= UDP:5555:Ehshell.exe
"{A3BC9F64-4F61-4E88-B542-23AD8F561CC6}"= TCP:7777:Ehshell.exe
"{5930BA2F-21FE-4582-9978-1F403043BFEE}"= TCP:3776:Mcrdsvc.exe
"{AA1E44A7-28E9-4E10-9AD3-6D008B8C2307}"= TCP:1900:Svchost.exe
"{4857BAD2-4202-421A-9AC6-A4FB617410BC}"= UDP:3390:Svchost.exe
"{3DA11680-7E00-4719-BF49-D453143B657A}"= UDP:3932:Mcrmgr.exe
"{4AAC70DD-9D80-4C23-A51B-E63BD4D96B03}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{E60B3A8B-C509-4420-83D3-A993799BA0E3}"= UDP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player
"{0BE5F716-E1A3-407F-85C7-AA8C6650C776}"= TCP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player
"{970D962A-D283-4563-82C7-2A7D04FAF738}"= UDP:C:\Program Files\Megaupload\Mega Manager\MegaManager.exe:Mega Manager
"{1A8E32E8-3141-48EE-BE53-1D88D6A9DEAC}"= TCP:C:\Program Files\Megaupload\Mega Manager\MegaManager.exe:Mega Manager
"{980FC77D-50DE-41D1-BEE1-958515B359A3}"= UDP:3703:Adobe Version Cue CS3 Server
"{5D7C7DE6-B18F-4401-BFD3-F7B9A48C9FCB}"= UDP:3704:Adobe Version Cue CS3 Server
"{835E6196-8F42-4AF1-9A81-88B0144BD62B}"= UDP:50900:Adobe Version Cue CS3 Server
"{C4495A40-D055-48A5-9DD1-C752D546D56B}"= UDP:50901:Adobe Version Cue CS3 Server
"{DCBCF23D-F28B-4B0D-8C68-3928DFEC0D5A}"= UDP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"{CBF67664-A5AE-44CA-A557-4A2E6C343B01}"= TCP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-02-07 07:04]
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-02-07 07:04]
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2007-02-07 07:04]
R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080314.001\IDSvix86.sys [2008-02-15 14:56]
R1 SymIM;Symantec Network Security Intermediate Filter Driver;C:\Windows\system32\DRIVERS\SymIMv.sys [2008-02-20 01:06]
R2 ALaunchService;ALaunch Service;C:\Acer\ALaunch\ALaunchSvc.exe [2007-01-26 21:24]
R2 eDataSecurity Service;eDataSecurity Service;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-02-07 07:04]
R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-29 03:07]
R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-04-25 02:17]
R2 LiveUpdate Notice;LiveUpdate Notice;"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon []
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 19:57]
R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 16:33]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 00:39]
R3 COH_Mon;COH_Mon;C:\Windows\system32\Drivers\COH_Mon.sys [2008-01-13 02:32]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-10-18 09:05]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;C:\Windows\system32\drivers\libusb0.sys [2005-03-09 20:50]
R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-02-05 19:34]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 04:18]
S3 UMPass;Microsoft UMPass Driver;C:\Windows\system32\DRIVERS\umpass.sys [2006-11-02 08:55]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b22018f-b599-11dc-855d-0016d4de0dfe}]
\shell\AutoRun\command - G:\autorun.exe

*Newly Created Service* - COH_MON
*Newly Created Service* - COMHOST
*Newly Created Service* - EECTRL
*Newly Created Service* - ERASERUTILDRV10741
.
Contents of the 'Scheduled Tasks' folder
"2008-02-24 07:50:05 C:\Windows\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 14:47:21
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-16 14:48:39
.
2008-03-15 10:54:07 --- E O F ---
Posted 3/16/2008 3:04 PM
#60561
User avatar

skelly87 Member

Date Joined Nov 2016
Total Posts: 5
this is hijackme txt log

Logfile of HijackThis v1.99.1
Scan saved at 14:51:30, on 16/03/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Acer\Empowering Technology\eDSMSNfix.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Windows\system32\igfxext.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
C:\Program Files\Pegasys Inc\TMPGEnc 4.0 XPress\TMPGEnc4XP.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Unknown owner - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing)
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Posted 3/17/2008 7:53 AM
#60582
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Looks clean to Me. How are things running now ?

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 3/17/2008 6:26 PM
#60604
User avatar

skelly87 Member

Date Joined Nov 2016
Total Posts: 5
I started up about 2 hours ago and the popups didnt appear anymore (STRANGE)

Well i guessed its all fixed now lol

Thanks for the Help
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Friday, July 28, 2017, 3:01 PM (GMT +2)
There are a total of 61,311 posts in 13,484 threads.
In the last 3 days there were 1 new threads and 5 reply posts.

Who's online

This forum has 38,066 registered members. Please welcome our newest member, MaxSlo.
There are currently no users on-line.
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.