Help
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
This topic is locked
1) Completed steps in Prep Guide however please be advised I got the following error messages
a) Hijack This : User Logs not listed due to something about administrator not being logged on, which is not correct. I am logged in as administrator and the file ran. Not sure what that meant.
Defogger: Did not get prompt to restart. but is 'off'" anyway.c) My Virus Scan program thought that the GE program was a virus and tried to elimate it.
2) PROBLEM DESCRIPTION: I first had a problem with the MS REMOVAL TOOL and sought assistance with a tech support person from MS Securties. I thought the problem had been resolved until I went on Facebook and found I was getting pop ups. I downloaded HIJACK THIS and ran the scan. The scan revealed a number of items of which I have the option to delete or not. Since I do not know what to do with the log, it offered me the opportunity to use your website to seek assistance, which I am doing. Below, per your proceedure are the logs you asked for along with the Hijack Logs.
3) DDS Log (also attached)
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 2/9/2009 5:43:53 PM
System Uptime: 7/3/2011 6:10:23 AM (0 hours ago)
.
Motherboard: eMachines | | MCP61PM-GM
Processor: AMD Athlon™ Processor LE-1620 | Socket AM2 | 2400/201mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 139 GiB total, 73.948 GiB free.
D: is CDROM (CDFS)
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0000
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter
PNP Device ID: ROOT\*6TO4MP\0000
Service: tunnel
.
Class GUID:
Description:
Device ID: ROOT\*6TO4MP\0001
Manufacturer:
Name:
PNP Device ID: ROOT\*6TO4MP\0001
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0004
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #4
PNP Device ID: ROOT\*6TO4MP\0004
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0023
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #23
PNP Device ID: ROOT\*6TO4MP\0023
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0001
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter
PNP Device ID: ROOT\*ISATAP\0001
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.3.0
Adobe Shockwave Player 11.6
Agere Systems PCI-SV92PP Soft Modem
AIM 7
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
Bonjour
BufferChm
Canon Digital Camera Solution Disk 40-46 Software Starter Guide
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon Personal Printing Guide
Canon PowerShot A1100 IS Camera User Guide
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCScore
Chuzzle Deluxe 1.0
Compatibility Pack for the 2007 Office system
Copy
CustomerResearchQFolder
CyberLink DVD Suite
CyberLink LabelPrint
CyberLink Power2Go
CyberLink PowerDVD
Destinations
DeviceManagementQFolder
Digital Media Reader
DocProc
DocProcQFolder
Download Updater (AOL LLC)
eMachines Games
eMachines Recovery Management
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
eSupportQFolder
F300
F300_Help
F300Trb
Facetheme
Fax
fflink
GearDrvs
Google Advertising Cookie Opt-out
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 8.0
HP Driver Diagnostics
HP Imaging Device Functions 8.0
HP OCR Software 8.0
HP Photosmart Essential
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
HP Product Detection
HP Solution Center 8.0
HP Update
HPProductAssistant
HPSSupply
iTunes
Java Auto Updater
Java™ 6 Update 26
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
Malwarebytes' Anti-Malware version 1.51.0.1200
MarketResearch
McAfee Security Scan Plus
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2000 Disc 2
Microsoft Office Click-to-Run 2010
Microsoft Office Home and Business 2010 - English
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft Works 6-9 Converter
Mozilla Firefox (3.6.3)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
netbrdg
NVIDIA Drivers
Octoshape add-in for Adobe Flash Player
OfotoXMI
OGA Notifier 2.0.0048.0
PDF reDirect (remove only)
Qloud Plugin for iTunes
Qloud Plugin for Windows Media Player
QuickTime
Realtek High Definition Audio Driver
Road Runner Install
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
SFR
SHASTA
Shutterfly Express Uploader
Simple Sticky Notes Version 1.4.1.1
skin0001
SKINXSDK
SolutionCenter
staticcr
Status
swMSM
Toolbox
tooltips
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoLAN VLC media player 0.8.6f
VPRINTOL
VSO Image Resizer 1.3.4d
WebReg
Windows Live ID Sign-in Assistant
WIRELESS
.
==== Event Viewer Messages From Past Week ========
.
7/2/2011 7:18:21 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {4991D34B-80A1-4291-83B6-3328366B9097} to the user kathy-PC\kathy SID (S-1-5-21-3338126048-2294745703-2548884017-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/1/2011 7:06:48 AM, Error: EventLog [6008] - The previous system shutdown at 7:04:42 AM on 7/1/2011 was unexpected.
6/30/2011 9:14:48 PM, Error: Microsoft Antimalware [2001] -
6/30/2011 9:14:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
6/30/2011 9:05:34 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 MpFilter spldr Wanarpv6
6/30/2011 9:05:34 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
6/30/2011 9:05:34 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
6/30/2011 9:05:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/30/2011 9:05:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/30/2011 9:05:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/30/2011 7:13:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx86 Avgmfx86 Avgtdix DfsC MpFilter NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx Wanarpv6
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/30/2011 7:13:51 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/30/2011 7:11:25 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/30/2011 7:11:24 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
6/30/2011 7:11:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/30/2011 6:08:44 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows Vista.
6/29/2011 1:34:53 PM, Error: PlugPlayManager [11] - The device Root\LEGACY_SMR200\0000 disappeared from the system without first being prepared for removal.
6/29/2011 1:22:06 PM, Error: EventLog [6008] - The previous system shutdown at 1:15:17 PM on 6/29/2011 was unexpected.
6/26/2011 9:19:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
6/26/2011 9:19:10 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC MpFilter NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx Wanarpv6
6/26/2011 9:19:10 PM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.
6/26/2011 9:18:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
6/26/2011 9:18:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
6/26/2011 1:55:28 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 76.170.32.223 for the Network Card with network address 002197D4D086 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
6/26/2011 1:49:32 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{96954827-1A4A-4AFA-A116-909AA33AAFDC} because another computer on the network has the same name. The server could not start.
6/26/2011 1:46:16 PM, Error: Service Control Manager [7000] - The BVRPMPR5 NDIS Protocol Driver service failed to start due to the following error: The system cannot find the file specified.
6/26/2011 1:30:27 PM, Error: EventLog [6008] - The previous system shutdown at 1:29:13 PM on 6/26/2011 was unexpected.
.
==== End Of File ===========================
4) Attached is Ark file
5) Attached is Hijack this file
In closing, I need help with: Determining which files in the HIJACK THIS log I can safely delete AND any help you can provide in eliminating the POP UPS in FACE BOOK. Thank you
PS: I am a novice and will need very specific instructions! Thank you so very very much!
Kathy
removed email address--ST
Attached File(s)
-
ark.txt (37.13K)
Number of downloads: 2 -
hijackthis.log (8.78K)
Number of downloads: 0
This post has been edited by SweetTech: 11 July 2011 - 12:01 PM
Reason for edit: removed email address--ST
Back to top
