| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 121349 | 2011-10-22 02:02:00 | Issue with some processes and firefox | Heatproof (16598) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1239098 | 2011-10-22 02:02:00 | Hey all, Just signed up to these forums so I could get some help with this issue. About a week ago when I returned from a holiday, I noticed some strange things with my laptop. Things such as the fan, which is normally very quiet and is right now, would suddenly start to get louder and stay loud for around 10 minutes or so randomly, or whenever I was on youtube. When I looked in my processes, I noticed some strange things one of which was called 'z.exe' and had the description Desksave. Thinking nothing of it, I stopped the process from running, to which it started up immediately again. When I looked further down, I noticed other processes that didn't belong, all with the description Desksave. I've uploaded two pictures which show my task manager, along with the certain processes. imageshack.us and imageshack.us When I opened z.exe file location, it took to me a folder called acd, which was located in appdata/local/temp. I've deleted this file multiple times, along with the other two files called hsbca and task (task is a windows command script, hsbca is an application). After all this, I tried to download avast, only to find that I couldn't connect to the site, and other notable antivirus sites also return (on chrome) Oops! Google Chrome could not find www.avast.com and so on. I managed to get spybot sd and ran it, and while it found 7-8 virus/trojans/spybots my issue wasn't resolved. I had also had my firewall disabled for some reason I can't remember. Laptop specs are Intel Core 2 Duo CPU U9400 @ 1.40Ghz, 2gb of Ram (1.81 usable) and 32bit windows 7. Any help would be appreciated as this is turning into a major pain as its affecting video fps and games, and yesterday my firefox was rendered unoperable as every 10 seconds it will lock up requiring it to crash. |
Heatproof (16598) | ||
| 1239099 | 2011-10-22 03:26:00 | Welcome to PressF1 :) Speedy Gonzales, one of our most helpful members, will probably offer some good advice shortly, but in the meantime, post a hijackthis log, and try running search&destroy again, this time in safe mode. While you're in safe mode, have a quick look at the startup programs (Run>msconfig>startup) and see what's in there. Start making backups of your files, incase you end up having to reformat, but if you do reformat, make sure you scan the backups before you restore them. Was someone else using your laptop while you were on holiday? Try downloading Microsoft Security Essentials too. Do you have the factory restore discs for your laptop? |
jareemon (5207) | ||
| 1239100 | 2011-10-22 04:07:00 | Thanks for the reply, Had some trouble getting HijackThis as a lot of the sites refused to load with that problem, the log is Logfile of HijackThis v1.99.1 Scan saved at 4:57:30 p.m., on 22/10/2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16766) Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\winlogon.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\Presen tationFontCache.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Users\11714\AppData\Roaming\D15D.exe C:\Users\11714\AppData\Local\Temp\acd\z.exe C:\Windows\system32\PnkBstrA.exe C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Windows\system32\rundll32.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Users\11714\AppData\Roaming\regsrv64.exe C:\Windows\system32\taskhost.exe C:\Users\11714\AppData\Roaming\C4C7.exe C:\Users\11714\AppData\Roaming\7217.exe C:\Users\11714\AppData\Roaming\C797.exe C:\Users\11714\AppData\Local\Temp\acd\z.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskmgr.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Windows\system32\igfxsrvc.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Users\11714\AppData\Roaming\3D67.exe C:\Users\11714\AppData\Roaming\8466.exe C:\Users\11714\AppData\Roaming\8F50.exe C:\Users\11714\AppData\Roaming\1054.exe C:\Users\11714\AppData\Roaming\1054.exe C:\Windows\system32\sppsvc.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Progr am Files\Soluto\soluto.exe /userinit O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Microsoft®] C:\Users\11714\AppData\Roaming\Microsoft\csrss.exe O4 - HKCU\..\Run: [Vuxqxl] C:\Users\11714\AppData\Roaming\Vuxqxl.exe O4 - HKCU\..\Run: [TaskUpdate v1.3] "C:\Users\11714\AppData\Roaming\D15D.exe" O4 - HKCU\..\Run: [Microsoft®] C:\Users\11714\AppData\Roaming\Microsoft\csrss.exe O4 - HKCU\..\Run: [Microsoft DLL Registration] C:\Users\11714\AppData\Roaming\regsrv64.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\11714\AppData\Local\Google\Update\GoogleU pdate.exe" /c O4 - Startup: dat.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8 574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: ProxyPal - {B0127AF2-316C-4f1d-BF35-3DE43971EEC5} - C:\Windows\system32\proxypal.exe O9 - Extra 'Tools' menuitem: ProxyPal - {B0127AF2-316C-4f1d-BF35-3DE43971EEC5} - C:\Windows\system32\proxypal.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International O13 - Gopher Prefix: O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - content.systemrequirementslab.com.s3.amazonaws.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = student.sk.edu O17 - HKLM\Software\..\Telephony: DomainName = student.sk.edu O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = student.sk.edu O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = student.sk.edu O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Eraser Service (EraserSvc11120) - Unknown owner - C:\Program Files\Norton 360\Engine\6.0.0.54\ccSvcHst.exe" /h ccCommon (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing) I know for sure no-one used my laptop, and I don't have the factory restore disc's as this is a school laptop. I would rather not take it to the technicians at the college, as they are all inept at solving issues and would only offer a re-image at $40, so yeah, I'd like some of your opinions. I will run search and destroy in safe mode, run the Microsoft security essentials and return shortly. |
Heatproof (16598) | ||
| 1239101 | 2011-10-22 05:13:00 | Speedy hasn't been around for a few days. | Snorkbox (15764) | ||
| 1239102 | 2011-10-22 07:16:00 | After booting in safe mode, I checked the startup and found something called vuxqxl, which I disabled. Spybot found 19 problems and fixed them all, restarting now. | Heatproof (16598) | ||
| 1239103 | 2011-10-22 08:03:00 | I assume you are part of a domain or connect to one called "student.sk.edu" with the user name of 11714 ??? This thing still has infections. Its part of the WEBUS TROJAN.( goes by several other names as well) The file REGSRV64.EXE is also a known infection Download and run the following programs: Trojan Remover (http://www.simplysup.com/) Also from my sig below, get Ccleaner, install and run that - then download and install / Run Super Antispyware - run in full scan mode. Get a better Antivirus, Avast is hopeless these days, its falling behind, while Microsoft Security Essentials is better, its still not the best ( maybe the best free one). if you want a good Av then download the trial version of Nod32 (www.eset.com) -- the trial is 30 days, when you install it you have the option to enter a paid code or the trial. The following will hunt out just about anything if you follow the instructions: Note: the pictures below show Eset Smart Security,(you dont need this) the Nod32 antivirus is the same as pictured instructions. Once installed -- open the program -- on the left, go to Setup / Computer(to the right / middle of the window)Configure/ Setup/ -- Under objects/optons, put ticks in every thing. ( see attachment) Next set up the scan -- Click on Computer Scan -- Custom Scan - under Computer, select the whole drive, Under scan profile, select in depth - then on setup, under Objects & options, tick every thing, under cleaning, move slider to Strict ( 2nd attachment) --- Save, hit scan -- it will find any thing left and remove them |
wainuitech (129) | ||
| 1239104 | 2011-10-22 09:40:00 | That is correct. Downloaded Trojan removal, it found quite a few things and z.exe and the other things are gone from my processes. SuperAntiSpyware has found a lot of tracking cookies, but nothing else. Thank you Jareemon and Wainuitech, also, could I upload another HijackThis log and get a more veteran eye to look through it? Thanks. | Heatproof (16598) | ||
| 1239105 | 2011-10-22 09:45:00 | Upload another log -- Many people like myself work on these types of things every day for a living, and are regulars here. More than one person who knows how to read a HJT log ;) Some files can look like legit exe files, but are in fact infections. Did you run nod32 through the Computer as well ? |
wainuitech (129) | ||
| 1239106 | 2011-10-22 09:54:00 | "More than one person who knows how to read a HJT log." Yep. |
Snorkbox (15764) | ||
| 1239107 | 2011-10-22 10:18:00 | Logfile of HijackThis v1.99.1 Scan saved at 11:18:13 p.m., on 22/10/2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16766) Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\Presen tationFontCache.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Windows\system32\rundll32.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Windows\system32\taskmgr.exe C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Windows\system32\PnkBstrA.exe C:\Users\11714\AppData\Local\Google\Chrome\Applica tion\chrome.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Windows\system32\taskhost.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKCU\..\Run: [Google Update] "C:\Users\11714\AppData\Local\Google\Update\GoogleU pdate.exe" /c O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8 574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: ProxyPal - {B0127AF2-316C-4f1d-BF35-3DE43971EEC5} - C:\Windows\system32\proxypal.exe O9 - Extra 'Tools' menuitem: ProxyPal - {B0127AF2-316C-4f1d-BF35-3DE43971EEC5} - C:\Windows\system32\proxypal.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International O13 - Gopher Prefix: O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - content.systemrequirementslab.com.s3.amazonaws.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = student.sk.edu O17 - HKLM\Software\..\Telephony: DomainName = student.sk.edu O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = student.sk.edu O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = student.sk.edu O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Eraser Service (EraserSvc11120) - Unknown owner - C:\Program Files\Norton 360\Engine\6.0.0.54\ccSvcHst.exe" /h ccCommon (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing) There's the logfile. I was and still unable to download nod32, though i think this may be my college blocking sites through the hosts file or something, as it has blocked every antivirus site since I got the laptop 2 years ago. |
Heatproof (16598) | ||
| 1 2 | |||||