ramza19
2009-11-23, 06:51
Hello all, and thank you in advance for any input on these errors. I'm having more than just malware issues, although I know my most prominent problems are with malware. If this thread needs to be moved, I apologize, I'm just very much at a loss of what to do with this. I frequent forums a lot (for general role playing though :)) and I understand all the formalities that must be taken with a thread in the wrong area, but I'd really appreciate if we could skip that. Not trying to be rude or pushy but, I am taking my courses online and I can be booted for lack of attendance, so I need a resolution to the first issue as quickly as possible. Sorry to be making demands like this folks. :(
I'd first like to mention as many of the issues I've been having with my laptop as I can remember. I am more than certain that many of these are coincidences, but there's only one that I really need solved urgently, which will be the first and bolded issue. Of course, aid with any of the other issues would be appreciated too. :)
I don't know what exactly everyone needs to diagnose me, so if I'm missing anything, speak up! Running Vista Home Professional on an Acer Aspire laptop.
So, let's get to the problems, shall we? The first and most obnoxious would be my issues with my web browsers. My Browsers (I've tried multiple to see if it was just firefox or not) all crash spontaneously, without warning. It also seems to happen when I access certain sites, but they're not sites that I would pin the issue on, as I've been using this site for a very long time and this issue is recent. Regardless it still never ceases to crash eventually, those sites just make it more.... frequent. <_<;
Now, on to other things.
-Can't uninstall programs from the control panel. All programs get the same message, "An error has occured when trying to uninstall _____. It may have already been uninstalled. Would you like to remove _____ from the Programs and Features list?"
I get an embarrassing amount of error messages upon start up.
Symantec User Session "a necessary file could not be loaded: fwAlert"
Symantec User Session "a necessary file could not be loaded: NAVProd"
Symantec User Session "a necessary file could not be loaded: NisProd"
Daemons Tools Pro "This program requires at least Windows 2000 with SPTD Kernal Debugger...." sorry that one closed on me and I don't want to restart quite yet. Bug me for it if it's relevant.
I also used to get a message saying something along the lines of "cannot locate missing file system32.dll" or something like that. It didn't come up this time. That one scares the life out of me. I'm not a computer pro, but I know your system 32's are just a little important. :P
All messengers refuse to work, for whatever reasons. MSN gives me "Contact list not available" and also tells me I need to update to the newer version. But when I try to do that it says the install failed.
"The Windows Installer Service could not be accessed. This can occur if the Installer is not correctly installed. Contact your support personnel for assistance. Please try installing Windows Live programs again. Unknown error occurred. hr:0x80070641"
errrr. k. Similar messages for Yahoo, Trillian, ect.
Occasionally when I try to shut down the computer or put it in sleep mode (never when I restart) I get blue screened, telling me something along the lines of "an unknown thread has failed to connect to it's host". Or something like that. I'll post with more on than next time it comes up.
Here's one that's left everyone stumped. My computer randomly plays sound. Maybe once a day, for anywhere from 5-30 seconds, it'll play something random. It usually sounds like very corny infomercials or the news. o_O;;
On to hardware for a moment. My build in touch pad has had a mind of it's own for months. Once every 3 hours or so, it will do any combination of the following.
-Move on it's own.
-Lock up so I can't move it (it can still move itself sometimes)
-Lose the ability to click with the touchpad
-Click on it's own
Most commonly it just whirs about, clicking pretty much everything in it's wake and making my life a mess. I can't stop it or anything. My old solution used to be to disable the touchpad in the system tray in the bottom and turn it back on. But for some reason, where the touchpad used to be there's now just an empty space in the tray. It disappeared after I used a program recommended by a friend called Smitfruad. Haven't used that again. <_<;;
I was also told to post with this, my Hijack This report. It's really large, I apologize if it was unneeded. This was done upon start up, immediately after clearing out previous error messages.
Logfile of HijackThis v1.99.1
Scan saved at 23:42:21, on 11/22/2009
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\photo_id.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Acer Valued Customer\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [photo_id] C:\Windows\system32\photo_id.exe
O4 - HKLM\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKLM\..\RunOnce: [áN@] áN@
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ter8m] RUNDLL32.EXE C:\Windows\TEMP\msxm192z.dll,w
O4 - HKCU\..\Run: [photo_id] C:\Users\Acer Valued Customer\photo_id.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\system32\rdolib.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Windows\TEMP\VRTA4AA.tmp (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ccEvtMgr - Unknown owner - C:\Windows\TEMP\VRT421F.tmp (file missing)
O23 - Service: ccSetMgr - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CLTNetCnService - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: comHost - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: COMSysApp - Unknown owner - C:\Windows\system32\dllhost.exe (file missing)
O23 - Service: DFSR - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: eLockService - Unknown owner - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (file missing)
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecoveryService - Unknown owner - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (file missing)
O23 - Service: eSettingsService - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe (file missing)
O23 - Service: fastnetsrv - Netopsystems A - C:\Windows\system32\FastNetSrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISPwdSvc - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: LightScribeService - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Ex - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: msiserver - Unknown owner - C:\Windows\system32\msiexec.exe (file missing)
O23 - Service: nvsvc - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: Spooler - Unknown owner - C:\Windows\TEMP\VRTE7DE.tmp (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymAppCore - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TrustedInstaller - Unknown owner - C:\Windows\TEMP\VRTA4AA.tmp (file missing)
O23 - Service: UI0Detect - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: vds - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: VSS - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: wmiApSrv - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: WMIService - Unknown owner - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WSearch - Unknown owner - C:\Windows\TEMP\VRTA4AA.tmp (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Unknown owner - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (file missing)
So this about wraps up what I can remember being my issues for the moment. I'm at a local internet cafe for the time being, but I don't think I can rely on this too long. I'd appreciate some swift actions here if possible. Don't hesitate to tell me what I've done wrong or what else you might need to diagnose... Just please, keep in in mind I only need my browser, if nothing else.
I'm getting a new computer in 3 weeks so I'm not too worried about totally fixing this all if it's going to be terribly confusing.
Thanks for your time ladies and gentlemen. :)
~Ramza
Ahh, I did forget one very annoying issue. I apologize for the double post, I can't seem to find the 'modify' button I'm used to using on proboards.
I frequently get routed from sites I try to access to stupid little search pages. As an example, when I type anything into google.ca, and click ANY link, it brings me to something really stupid, like those sites with domain names purposefully picked to be similar to frequently used sites. This happens with pretty much any site I try to access that isn't some kind of forum, which I find rather strange.
---------------------------------------------
"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)
I'd first like to mention as many of the issues I've been having with my laptop as I can remember. I am more than certain that many of these are coincidences, but there's only one that I really need solved urgently, which will be the first and bolded issue. Of course, aid with any of the other issues would be appreciated too. :)
I don't know what exactly everyone needs to diagnose me, so if I'm missing anything, speak up! Running Vista Home Professional on an Acer Aspire laptop.
So, let's get to the problems, shall we? The first and most obnoxious would be my issues with my web browsers. My Browsers (I've tried multiple to see if it was just firefox or not) all crash spontaneously, without warning. It also seems to happen when I access certain sites, but they're not sites that I would pin the issue on, as I've been using this site for a very long time and this issue is recent. Regardless it still never ceases to crash eventually, those sites just make it more.... frequent. <_<;
Now, on to other things.
-Can't uninstall programs from the control panel. All programs get the same message, "An error has occured when trying to uninstall _____. It may have already been uninstalled. Would you like to remove _____ from the Programs and Features list?"
I get an embarrassing amount of error messages upon start up.
Symantec User Session "a necessary file could not be loaded: fwAlert"
Symantec User Session "a necessary file could not be loaded: NAVProd"
Symantec User Session "a necessary file could not be loaded: NisProd"
Daemons Tools Pro "This program requires at least Windows 2000 with SPTD Kernal Debugger...." sorry that one closed on me and I don't want to restart quite yet. Bug me for it if it's relevant.
I also used to get a message saying something along the lines of "cannot locate missing file system32.dll" or something like that. It didn't come up this time. That one scares the life out of me. I'm not a computer pro, but I know your system 32's are just a little important. :P
All messengers refuse to work, for whatever reasons. MSN gives me "Contact list not available" and also tells me I need to update to the newer version. But when I try to do that it says the install failed.
"The Windows Installer Service could not be accessed. This can occur if the Installer is not correctly installed. Contact your support personnel for assistance. Please try installing Windows Live programs again. Unknown error occurred. hr:0x80070641"
errrr. k. Similar messages for Yahoo, Trillian, ect.
Occasionally when I try to shut down the computer or put it in sleep mode (never when I restart) I get blue screened, telling me something along the lines of "an unknown thread has failed to connect to it's host". Or something like that. I'll post with more on than next time it comes up.
Here's one that's left everyone stumped. My computer randomly plays sound. Maybe once a day, for anywhere from 5-30 seconds, it'll play something random. It usually sounds like very corny infomercials or the news. o_O;;
On to hardware for a moment. My build in touch pad has had a mind of it's own for months. Once every 3 hours or so, it will do any combination of the following.
-Move on it's own.
-Lock up so I can't move it (it can still move itself sometimes)
-Lose the ability to click with the touchpad
-Click on it's own
Most commonly it just whirs about, clicking pretty much everything in it's wake and making my life a mess. I can't stop it or anything. My old solution used to be to disable the touchpad in the system tray in the bottom and turn it back on. But for some reason, where the touchpad used to be there's now just an empty space in the tray. It disappeared after I used a program recommended by a friend called Smitfruad. Haven't used that again. <_<;;
I was also told to post with this, my Hijack This report. It's really large, I apologize if it was unneeded. This was done upon start up, immediately after clearing out previous error messages.
Logfile of HijackThis v1.99.1
Scan saved at 23:42:21, on 11/22/2009
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\photo_id.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Acer Valued Customer\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [photo_id] C:\Windows\system32\photo_id.exe
O4 - HKLM\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKLM\..\RunOnce: [áN@] áN@
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ter8m] RUNDLL32.EXE C:\Windows\TEMP\msxm192z.dll,w
O4 - HKCU\..\Run: [photo_id] C:\Users\Acer Valued Customer\photo_id.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\system32\rdolib.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Windows\TEMP\VRTA4AA.tmp (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ccEvtMgr - Unknown owner - C:\Windows\TEMP\VRT421F.tmp (file missing)
O23 - Service: ccSetMgr - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CLTNetCnService - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: comHost - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: COMSysApp - Unknown owner - C:\Windows\system32\dllhost.exe (file missing)
O23 - Service: DFSR - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: eLockService - Unknown owner - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (file missing)
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecoveryService - Unknown owner - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (file missing)
O23 - Service: eSettingsService - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe (file missing)
O23 - Service: fastnetsrv - Netopsystems A - C:\Windows\system32\FastNetSrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISPwdSvc - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: LightScribeService - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Ex - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: msiserver - Unknown owner - C:\Windows\system32\msiexec.exe (file missing)
O23 - Service: nvsvc - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: Spooler - Unknown owner - C:\Windows\TEMP\VRTE7DE.tmp (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymAppCore - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TrustedInstaller - Unknown owner - C:\Windows\TEMP\VRTA4AA.tmp (file missing)
O23 - Service: UI0Detect - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: vds - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: VSS - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: wmiApSrv - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: WMIService - Unknown owner - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WSearch - Unknown owner - C:\Windows\TEMP\VRTA4AA.tmp (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Unknown owner - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (file missing)
So this about wraps up what I can remember being my issues for the moment. I'm at a local internet cafe for the time being, but I don't think I can rely on this too long. I'd appreciate some swift actions here if possible. Don't hesitate to tell me what I've done wrong or what else you might need to diagnose... Just please, keep in in mind I only need my browser, if nothing else.
I'm getting a new computer in 3 weeks so I'm not too worried about totally fixing this all if it's going to be terribly confusing.
Thanks for your time ladies and gentlemen. :)
~Ramza
Ahh, I did forget one very annoying issue. I apologize for the double post, I can't seem to find the 'modify' button I'm used to using on proboards.
I frequently get routed from sites I try to access to stupid little search pages. As an example, when I type anything into google.ca, and click ANY link, it brings me to something really stupid, like those sites with domain names purposefully picked to be similar to frequently used sites. This happens with pretty much any site I try to access that isn't some kind of forum, which I find rather strange.
---------------------------------------------
"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)