
Help, Help, Help



#1 MrD74


Posted 01 August 2014 - 12:58 AM

My son got a new Acer laptop and has only had it 2 weeks so far.

Last night I called Acer support to talk about the free McAfee that comes with the computer (I thought it was a year, but it's 31 days).

Anyway, he took control of my son's computer remotely and said it also had a CSRSS.exe trojan virus, which had infected my network and my other computers and tablets were at risk. To fix this it would cost me £50 to get a Windows technical expert to remove it.

Is this correct? (I said no, I'd think about it)

After the call I ran a scan on McAfee and it did detect a Trojan and removed/quarantined it.

Is he just trying to scare or scam me or do I need to be worried?

I've checked my other computer and tablets and can't see any problems.


Help please.

Thanks


 


#2 Condobloke


Posted 01 August 2014 - 01:35 AM

G'day MrD74, and welcome to BC.

 

Please run the following for me, and we will attempt to deduce if there is in fact anything lurking that shouldn't be....

 

You can copy and paste the logs produced into your reply, either both together or separately, whichever you are comfortable with.

 

 

 

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

Download MiniToolBox, save it to your desktop and run it.
    Checkmark the following checkboxes:
    Flush DNS
    Report IE Proxy Settings
    Reset IE Proxy Settings
    Report FF Proxy Settings
    Reset FF Proxy Settings
    List content of Hosts
    List IP configuration
    List Winsock Entries
    List last 10 Event Viewer log
    List Installed Programs
    List Users, Partitions and Memory size.
    Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#4 MrD74


Posted 01 August 2014 - 10:27 AM

Hi


Thanks for helping

Here's the details

I hope it's all correct

Results of screen317's Security Check version 0.99.86
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 65
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````






MiniToolBox by Farbar Version: 21-07-2014
Ran by Thomas (administrator) on 01-08-2014 at 16:19:19
Running from "C:\Users\Thomas\Desktop"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Ethernet (Disconnected)
Qualcomm Atheros AR956x Wireless Network Adapter = WiFi (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.120 metric=1 publish=Yes
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ThomasLaptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : A4-DB-30-FE-43-69
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 16-DB-30-FE-02-55
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter WiFi:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Qualcomm Atheros AR956x Wireless Network Adapter
Physical Address. . . . . . . . . : A4-DB-30-FE-02-55
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::257e:cf8f:8329:3f58%6(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.120(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 31 July 2014 22:22:46
Lease Expires . . . . . . . . . . : 02 August 2014 16:03:33
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 111467312
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-29-29-69-20-1A-06-B3-00-10
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 20-1A-06-B3-00-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:811:1da2:ae66:ad40(Preferred)
Link-local IPv6 Address . . . . . : fe80::811:1da2:ae66:ad40%10(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 369098752
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-29-29-69-20-1A-06-B3-00-10
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: BThomehub.home
Address: 192.168.1.254

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2a00:1450:4009:800::1009
74.125.230.70
74.125.230.71
74.125.230.69
74.125.230.67
74.125.230.68
74.125.230.73
74.125.230.65
74.125.230.72
74.125.230.66
74.125.230.78
74.125.230.64


Pinging google.com [74.125.230.73] with 32 bytes of data:
Reply from 74.125.230.73: bytes=32 time=29ms TTL=52
Reply from 74.125.230.73: bytes=32 time=28ms TTL=52

Ping statistics for 74.125.230.73:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 29ms, Average = 28ms
Server: BThomehub.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=177ms TTL=44
Reply from 206.190.36.45: bytes=32 time=178ms TTL=44

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 177ms, Maximum = 178ms, Average = 177ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
8...a4 db 30 fe 43 69 ......Bluetooth Device (Personal Area Network)
7...16 db 30 fe 02 55 ......Microsoft Wi-Fi Direct Virtual Adapter
6...a4 db 30 fe 02 55 ......Qualcomm Atheros AR956x Wireless Network Adapter
3...20 1a 06 b3 00 10 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
4...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.120 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.120 26
169.254.255.255 255.255.255.255 On-link 192.168.1.120 281
192.168.1.0 255.255.255.0 On-link 192.168.1.120 281
192.168.1.120 255.255.255.255 On-link 192.168.1.120 281
192.168.1.255 255.255.255.255 On-link 192.168.1.120 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.120 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.120 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.1.120 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 306 ::/0 On-link
1 306 ::1/128 On-link
10 306 2001::/32 On-link
10 306 2001:0:9d38:6ab8:811:1da2:ae66:ad40/128
On-link
6 281 fe80::/64 On-link
10 306 fe80::/64 On-link
10 306 fe80::811:1da2:ae66:ad40/128
On-link
6 281 fe80::257e:cf8f:8329:3f58/128
On-link
1 306 ff00::/8 On-link
6 281 ff00::/8 On-link
10 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/01/2014 10:19:09 AM) (Source: .NET Runtime) (User: )
Description: Application: Asphalt8_w8.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 00007FFB55232EE0

Error: (07/31/2014 10:33:41 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.17126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12a8

Start Time: 01cfad06c7579ff9

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 52a2342a-18fa-11e4-8264-a4db30fe4369

Faulting package full name:

Faulting package-relative application ID:

Error: (07/31/2014 09:02:12 PM) (Source: Application Hang) (User: )
Description: The program Netflix.exe version 2.8.0.27 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2644

Start Time: 01cface9f02fed1a

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8\Netflix.exe

Report Id: 8b687e2e-18ed-11e4-8263-a4db30fe4369

Faulting package full name: 4DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8

Faulting package-relative application ID: App

Error: (07/31/2014 09:02:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THOMASLAPTOP)
Description: Package 4DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8+App was terminated because it took too long to suspend.

Error: (07/31/2014 07:03:50 PM) (Source: Application Hang) (User: )
Description: The program Netflix.exe version 2.8.0.27 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 20f8

Start Time: 01cfacdd63531e74

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8\Netflix.exe

Report Id: 0524b480-18dd-11e4-8263-a4db30fe4369

Faulting package full name: 4DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8

Faulting package-relative application ID: App

Error: (07/31/2014 07:03:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THOMASLAPTOP)
Description: Package 4DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8+App was terminated because it took too long to suspend.

Error: (07/31/2014 05:37:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: BackgroundAgent.exe, version: 1.0.1.3, time stamp: 0x53ce1fc8
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process ID: 0x2054
Faulting application start time: 0xBackgroundAgent.exe0
Faulting application path: BackgroundAgent.exe1
Faulting module path: BackgroundAgent.exe2
Report ID: BackgroundAgent.exe3
Faulting package full name: BackgroundAgent.exe4
Faulting package-relative application ID: BackgroundAgent.exe5

Error: (07/31/2014 05:34:46 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (07/30/2014 02:38:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: BackgroundAgent.exe, version: 1.0.1.3, time stamp: 0x53ce1fc8
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process ID: 0x2604
Faulting application start time: 0xBackgroundAgent.exe0
Faulting application path: BackgroundAgent.exe1
Faulting module path: BackgroundAgent.exe2
Report ID: BackgroundAgent.exe3
Faulting package full name: BackgroundAgent.exe4
Faulting package-relative application ID: BackgroundAgent.exe5

Error: (07/29/2014 08:27:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: BackgroundAgent.exe, version: 1.0.1.3, time stamp: 0x53ce1fc8
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process ID: 0x1b74
Faulting application start time: 0xBackgroundAgent.exe0
Faulting application path: BackgroundAgent.exe1
Faulting module path: BackgroundAgent.exe2
Report ID: BackgroundAgent.exe3
Faulting package full name: BackgroundAgent.exe4
Faulting package-relative application ID: BackgroundAgent.exe5


System errors:
=============
Error: (07/31/2014 10:27:05 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Home Network service did not respond on starting.

Error: (07/31/2014 10:02:04 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (07/31/2014 09:10:48 PM) (Source: DCOM) (User: THOMASLAPTOP)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/31/2014 09:35:52 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/29/2014 05:34:51 PM) (Source: DCOM) (User: THOMASLAPTOP)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/28/2014 09:32:58 AM) (Source: DCOM) (User: THOMASLAPTOP)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (07/28/2014 09:32:52 AM) (Source: DCOM) (User: THOMASLAPTOP)
Description: App

Error: (07/28/2014 09:32:30 AM) (Source: DCOM) (User: THOMASLAPTOP)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (07/28/2014 09:32:30 AM) (Source: DCOM) (User: THOMASLAPTOP)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (07/28/2014 09:32:29 AM) (Source: DCOM) (User: THOMASLAPTOP)
Description: Microsoft.Reader


Microsoft Office Sessions:
=========================
Error: (08/01/2014 10:19:09 AM) (Source: .NET Runtime)(User: )
Description: Application: Asphalt8_w8.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 00007FFB55232EE0

Error: (07/31/2014 10:33:41 PM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.1712612a801cfad06c7579ff90C:\Program Files\Internet Explorer\iexplore.exe52a2342a-18fa-11e4-8264-a4db30fe4369

Error: (07/31/2014 09:02:12 PM) (Source: Application Hang)(User: )
Description: Netflix.exe2.8.0.27264401cface9f02fed1a4294967295C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8\Netflix.exe8b687e2e-18ed-11e4-8263-a4db30fe43694DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8App

Error: (07/31/2014 09:02:06 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THOMASLAPTOP)
Description: 4DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8+App

Error: (07/31/2014 07:03:50 PM) (Source: Application Hang)(User: )
Description: Netflix.exe2.8.0.2720f801cfacdd63531e744294967295C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8\Netflix.exe0524b480-18dd-11e4-8263-a4db30fe43694DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8App

Error: (07/31/2014 07:03:48 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THOMASLAPTOP)
Description: 4DF9E0F8.Netflix_2.8.0.27_x64__mcm4njqhnhss8+App

Error: (07/31/2014 05:37:36 PM) (Source: Application Error)(User: )
Description: BackgroundAgent.exe1.0.1.353ce1fc8MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d205401cfacdd6c5e2fecC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dllf9d6213c-18d0-11e4-8263-a4db30fe4369

Error: (07/31/2014 05:34:46 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (07/30/2014 02:38:54 PM) (Source: Application Error)(User: )
Description: BackgroundAgent.exe1.0.1.353ce1fc8MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d260401cfabf188c5b02fC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dlld8cd76f0-17ee-11e4-8263-a4db30fe4369

Error: (07/29/2014 08:27:44 PM) (Source: Application Error)(User: )
Description: BackgroundAgent.exe1.0.1.353ce1fc8MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d1b7401cfab5ce23acfbbC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll6989183f-1756-11e4-8263-a4db30fe4369


CodeIntegrity Errors:
===================================
Date: 2014-07-31 22:02:04.522
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



=========================== Installed Programs ============================
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.04.3004 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2007.1 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.01.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2010.0 - Acer Incorporated)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.)
Canon MG3500 series User Registration (HKLM-x32\...\Canon MG3500 series User Registration) (Version: - ?Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.0 - Canon Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.3126.57 - CyberLink Corp.) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Nero BackItUp (x32 Version: 12.5.11000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15900 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20900 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Pokki (HKCU\...\Pokki) (Version: 0.266.1.172 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 8072.27 MB
Available physical RAM: 6028.04 MB
Total Pagefile: 16264.27 MB
Available Pagefile: 13796.26 MB
Total Virtual: 4095.88 MB
Available Virtual: 3981 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:681.19 GB) (Free:627.53 GB) NTFS

========================= Users: ========================================

User accounts for \\THOMASLAPTOP

Administrator Guest Thomas


**** End of log ****

#5 MrD74

MrD74
  • Topic Starter

  • Members
  • 3 posts
  • Local time:09:34 PM

Posted 01 August 2014 - 03:16 PM

Here's the details it's meant to say

#6 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,787 posts
  • Gender:Male
  • Local time:06:34 AM

Posted 01 August 2014 - 05:52 PM

All appears ok there....try these...we will look a little deeper....

 

Please Note: When you have run RKILL, follow immediately with the TDSS scan. DO NOT reboot between the two scans.

Please download and run RKill by Grinler.
 A black DOS box will appear for a short time and then disappear.
 This is normal and indicates the tool ran successfully.
 At most the tool will usually run for about 2 minutes.
 Please Copy / Paste the small log back here.

Important: Do not reboot your computer until you complete the next step.

TDSS
Download TDSSKiller and save it to your desktop.
* Extract (unzip) its contents to your desktop.
* Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
* If an infected file is detected, the default action will be Cure, click on Continue.
* If a suspicious file is detected, the default action will be Skip, click on Continue.
* It may ask you to reboot the computer to complete the process. Click on Reboot Now.
* If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy



