Inactive McAfee real time scan will not stay on

Status
Not open for further replies.
A

Abremylin

Problem description:

After suspected infection system periodically exhibited no internet traffic being allowed to even the LAN-router (192.168.1.1). All browsers and tracert returned RTOs. Ping would only ack from 192.168.1.1 and self loop. DNS would propagate IPs however packets would RTO.

Mcaffee RTS would constantly alert to "not running". Firewall activity from router to OS / AV software firewalls all remain active but ineffective on altering symptoms when disabled in any combination.

Downloaded alternate AV - (F-Prot) - to verify AV cleaning. Also ran several Malware cleanings, included the latest.

I have ran several virus and malware cleanings in everything from safemode to normal mode depening on what "seemed best" in terms of the cleaning process.

I eventually found that I could obtain internet connectivity for a limited time (2-4 days) after performing a system restore to a point just before .net 4 was installed automatically by winupdate. It seemed that once .net 4 deployed the system started going to **** and there was no connectivity as above, with Mcaffee RTS being disabled.

I am now at the point where it seems even the sys restore files are possibly infected or there is another "masked piece" of malware that is continuing to propagate. I have looked over the below post and have included it here as a reference as it appears to be similar in nature.

Let me know how best to proceed - PLEASE!?

Related thread:

https://www.techspot.com/vb/topic165201.html

Log paste:


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7482

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

8/22/2011 9:37:44 AM
mbam-log-2011-08-22 (09-37-44).txt

Scan type: Quick scan
Objects scanned: 166889
Time elapsed: 5 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-22 10:42:31
Windows 6.0.6002 Service Pack 2
Running: GMER.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e4ccd6768
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001e4ccd6768 (not active ControlSet)

---- Files - GMER 1.0.15 ----

File C:\Users\Owner\AppData\Local\Temp\~DF43B9.tmp 16384 bytes
File C:\Users\Owner\AppData\Local\Temp\~DF43C4.tmp 512 bytes

---- EOF - GMER 1.0.15 ----



.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 7.0.6002.18005
Run by Owner at 10:50:46 on 2011-08-22
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8189.5220 [GMT -8:00]
.
AV: F-PROT Antivirus for Windows *Enabled/Outdated* {31B7FFC6-2716-5A4E-528D-32786E690ED2}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RAVCpl64.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Alienware\AlienFX\AlienwareAlienFXController.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Alienware\AlienFX\AlienFXHook32Mngr.exe
C:\Program Files\Alienware\AlienFX\AlienFXHook64Mngr.exe
C:\Windows\splwow64.exe
C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\System32\mobsync.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.fnbalaska.com/96.cfm
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110514162900.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [NVIDIA nTune] "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
mRun: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [F-PROT Antivirus Tray application] C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BIGFOO~1.LNK - C:\Program Files (x86)\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERS~1.LNK - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: %SYSTEMROOT%\system32\BfLLR.dll
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} - hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 209.112.128.2 204.17.139.2
TCP: Interfaces\{2DE2A9F3-7D40-4E0F-9C12-1699300379AE} : DhcpNameServer = 209.112.128.2 204.17.139.2
TCP: Interfaces\{4F837D69-063B-4AD3-AD46-C7B4AF461873} : DhcpNameServer = 209.112.128.2 204.17.139.2
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110514162900.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [(Default)]
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [F-PROT Antivirus Tray application] C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 FPAV_RTP;FPAV_RTP;C:\Windows\system32\DRIVERS\FPAV_RTP.sys --> C:\Windows\system32\DRIVERS\FPAV_RTP.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R2 Bigfoot Networks Killer Service;Bigfoot Networks Killer Service;C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [2011-5-26 467968]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 FPAVServer;F-PROT Antivirus for Windows system;C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [2010-11-3 83624]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-7-27 366640]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-7-27 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-7-27 355440]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-7-27 355440]
R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-7-27 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-7-27 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-7-27 149032]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-12-16 386344]
R2 X5XSEx;X5XSEx;C:\Program Files (x86)\Free Ride Games\X5XSEx.sys [2011-3-28 55328]
R3 BfEdgeVx64;Bigfoot Networks Killer Ethernet Service;C:\Windows\system32\DRIVERS\VEdgeA64.sys --> C:\Windows\system32\DRIVERS\VEdgeA64.sys [?]
R3 BFNVis64;Bigfoot Networks Killer Gaming Service;C:\Windows\system32\DRIVERS\XenoVa64.sys --> C:\Windows\system32\DRIVERS\XenoVa64.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-28 136176]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-15 183560]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-28 136176]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-3-18 89920]
.
=============== Created Last 30 ================
.
2011-08-11 12:59:54 -------- d-----w- C:\Users\Owner\AppData\Roaming\Tropico 4 Demo
2011-08-10 03:34:35 -------- d-----w- C:\Users\Owner\AppData\Local\Apple Computer
2011-08-08 04:41:41 -------- d-----w- C:\Users\Owner\AppData\Local\ArmA 2 Free
2011-08-08 03:00:35 -------- d-----w- C:\Users\Owner\AppData\Local\PokerStars.NET
2011-08-08 02:59:12 -------- d-----w- C:\Program Files (x86)\PokerStars.NET
2011-08-08 01:45:31 -------- d-----w- C:\Program Files\Common Files\INCA Shared
2011-08-05 20:26:22 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-08-05 20:26:22 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-08-05 20:26:22 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-08-05 20:26:22 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-08-05 20:26:22 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-08-05 20:26:22 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-08-05 20:26:22 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-08-01 22:20:28 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll
2011-07-29 18:42:55 -------- d-----w- C:\PFiles
2011-07-27 23:26:17 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-27 23:26:13 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-07-27 19:31:47 -------- d-----w- C:\Users\Owner\AppData\Roaming\FRISK Software
2011-07-27 19:22:20 836696 ----a-w- C:\Windows\System32\drivers\FPAV_RTP.sys
2011-07-27 19:22:18 -------- d-----w- C:\ProgramData\FRISK Software
2011-07-27 19:22:18 -------- d-----w- C:\Program Files (x86)\FRISK Software
2011-07-26 06:49:59 -------- d-----w- C:\Users\Owner\AppData\Local\CrashRpt
2011-07-26 06:49:59 -------- d-----w- C:\Users\Owner\AppData\Local\Arktos
.
==================== Find3M ====================
.
2011-07-06 02:37:00 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-07-06 02:37:00 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-07-05 16:04:36 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-27 23:14:18 281656 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-06-27 23:14:18 281656 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-06-27 23:12:23 281200 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-06-02 13:50:04 2764288 ----a-w- C:\Windows\System32\win32k.sys
2011-05-30 13:32:13 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-05-26 23:24:58 31336 ----a-w- C:\Windows\System32\drivers\VEdgeA64.sys
2011-05-26 23:24:58 157288 ----a-w- C:\Windows\System32\drivers\XenoVa64.sys
2011-05-26 23:24:52 192616 ----a-w- C:\Windows\System32\BfLLR.dll
2011-05-26 23:24:50 183400 ----a-w- C:\Windows\SysWow64\BfLLR.dll
2011-05-26 23:24:50 164456 ----a-w- C:\Windows\System32\xstat.exe
2011-05-26 23:24:50 155240 ----a-w- C:\Windows\SysWow64\xstat.exe
.
============= FINISH: 10:51:46.34 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 9/17/2009 4:41:30 AM
System Uptime: 8/19/2011 6:51:24 AM (76 hours ago)
.
Motherboard: Dell Inc | | 0C113J
Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz | Socket 775 | 2672/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 581 GiB total, 75.236 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 7.38 GiB free.
E: is CDROM (UDF)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP746: 8/10/2011 3:00:14 AM - Windows Update
RP747: 8/10/2011 5:12:13 PM - Scheduled Checkpoint
RP748: 8/11/2011 4:54:33 AM - Installed DirectX
RP749: 8/11/2011 10:12:53 AM - Restore Operation
RP750: 8/11/2011 10:48:25 AM - Windows Update
RP751: 8/12/2011 3:00:12 AM - Windows Update
RP752: 8/13/2011 - Scheduled Checkpoint
RP753: 8/14/2011 12:00:01 AM - Scheduled Checkpoint
RP754: 8/15/2011 12:00:01 AM - Scheduled Checkpoint
RP755: 8/16/2011 12:00:01 AM - Scheduled Checkpoint
RP756: 8/17/2011 12:00:01 AM - Scheduled Checkpoint
RP757: 8/17/2011 8:35:57 AM - Restore Operation
RP758: 8/17/2011 9:15:11 AM - Restore Operation
RP759: 8/17/2011 4:11:20 PM - Restore Operation
RP760: 8/18/2011 2:47:53 PM - Restore Operation
RP761: 8/19/2011 8:04:11 AM - Scheduled Checkpoint
RP762: 8/20/2011 - Scheduled Checkpoint
RP763: 8/21/2011 - Scheduled Checkpoint
RP764: 8/22/2011 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
µTorrent
4Story (4STORY)
7500_7600_7700_Help
ACE Online EP3-2 2.3.0.3 Full
Acrobat.com
Adobe Acrobat 9 Standard - English, Français, Deutsch
Adobe Acrobat 9.4.5 - CPSID_83708
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.4
Age of Booty Demo
Age of Conan - Hyborian Adventures
AikaOnline
Alien Swarm
AlienFX for XPS
Alliance of Valiant Arms
Anomaly Warzone Earth Demo
Apple Application Support
Apple Software Update
ArcaniA - Gothic 4 Demo
ASIO4ALL
Axis and Allies
Bandisoft MPEG-1 Decoder
Battlefield: Bad Company 2
Be a King 2
Be Richer
Big Fish Games: Game Manager
Bigfoot Networks Dashboard
Bigfoot Networks Killer Network Manager
Bing Bar
Black Prophecy
Borderlands
BPD_HPSU
BPD_Scan
BPDSoftware
BPDSoftware_Ini
BufferChm
BugBits
Bulletstorm Demo
Capitalism II
Choice Guard
CyberLink PowerDirector
CyberLink WaveEditor
Dark Messiah Might and Magic Single Player
Dawntide (remove only)
Defender of the Crown Heroes Live Forever
Defense Grid: The Awakening
Dell Getting Started Guide
Dell Video Chat
Delve Deeper
Destinations
DeviceManagementQFolder
Diablo II
DNA
DocProc
DocProcQFolder
Doors of the Mind: Inner Mysteries
Download Manager 2.3.10
Dr Lynch Grave Secrets
Drug Lord 2
Dungeon Siege 2
Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.12.00.803
Earthrise
Empire Builder - Ancient Egypt
eSupportQFolder
F-PROT Antivirus for Windows x64
Face of Mankind
Farm Frenzy 3
Farm Frenzy 3 - Russian Roulette
Farm Frenzy 3: Russian Roulette
Fate of the World
Fax
Fix-it-up: Kate`s Adventure
FL Studio 10
Fraps (remove only)
Free Ride Games Player
Freelancer
Galaxy Online
GamersFirst LIVE!
Gazillionaire III v3.04 (remove only)
GIMP 2.6.6
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Heroes In the Sky
HOARD
Hotel Mogul
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photosmart Essential
HP Product Assistant
HP Update
HPProductAssistant
HPSSupply
IL Download Manager
Impulse
Island Realms
Japanese Fonts Support For Adobe Reader 9
Java Auto Updater
Java(TM) 6 Update 26
Java(TM) 6 Update 7
Junk Mail filter update
L7500
Launchpad Enhanced
Lead and Gold - Gangs of the Wild West
Left 4 Dead 2 Add-on Support
Left 4 Dead 2 Demo
Little Folk of Faery
Love & Death ™: Bitten ™
Majesty 2
Malwarebytes' Anti-Malware version 1.51.1.1800
Marooned
McAfee SecurityCenter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Default Manager
Microsoft Game Studios Common Redistributables Pack 1
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office Live Meeting 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft XML Parser
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Mortal Online
Mount and Blade: Warband
MPM
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Namco All-Stars by Namco - Dig Dug
Nexon Game Manager
NVIDIA Performance
NVIDIA PhysX
OpenAL
OpenOffice.org 3.0
Overlord II
Overlord: Raising Hell
Pando Media Booster
Perpetuum
Pirates of the Burning Sea (English)
Please choose an option
PokerStars
Port Royale 2
Post Apocalyptic Mayhem
PowerDVD DX
Pristontale 3133
ProductContext
Project S
PunkBuster Services
QualXServ Service Agreement
QuickBooks
QuickBooks Pro 2009
QuickTime
Rachel's Retreat
Realms Online version 1.7.2
Realtek High Definition Audio Driver
Redemption Cemetery: Curse of the Raven
Reincarnations: Uncover the Past Collector's Edition
RETScreen
RETScreen Version 4
RISK Factions Demo
Robin's Quest: A Legend Born
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Sid Meier's Civilization 4
Sid Meier's Civilization V
Sins of a Solar Empire
SlimDX Redistributable (March 2009)
SmartSound Quicktracks 5
Solar 2
SolutionCenter
Space Colony Demo
Space Siege Demo
Star Ruler - Demo
Star Wars Galaxies
StarCraft II
Starport GE v1.0
Status
Steam
Stronghold 2 Deluxe
SupportSoft Assisted Service
System Requirements Lab
Tales of Fantasy
TaxACT 2009
TaxACT 2009 Business 1065 Edition
TaxACT 2010
TaxACT 2010 Business 1065 Edition
TeamSpeak 3 Client
The Battle for Middle-earth (tm) II
The Island - Castaway
Toolbox
Torchlight
Tradewinds Caravans
TrayApp
Two Worlds
Unity Web Player
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Vindictus
Virtual Farm
WebReg
Winamp
Winamp Detector Plug-in
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
Wings of Prey - Demo
Wizard101
World of Zellians: Kingdom Builder ™
Wurm Online 2.7.4-2655
Youda Safari
Youda Survivor
Zombie Driver
.
==== Event Viewer Messages From Past Week ========
.
8/18/2011 9:51:39 AM, Error: EventLog [6008] - The previous system shutdown at 9:36:03 AM on 8/18/2011 was unexpected.
8/18/2011 9:10:27 AM, Error: EventLog [6008] - The previous system shutdown at 8:47:30 AM on 8/18/2011 was unexpected.
8/18/2011 8:37:52 AM, Error: EventLog [6008] - The previous system shutdown at 6:41:03 PM on 8/17/2011 was unexpected.
8/18/2011 2:45:51 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
8/18/2011 2:43:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Eventlog service.
8/18/2011 2:42:45 PM, Error: Service Control Manager [7022] - The McAfee Network Agent service hung on starting.
8/18/2011 2:38:48 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
8/18/2011 2:37:41 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
8/18/2011 11:55:47 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer HP Officejet Pro L7500 Series with shared resource name HP Officejet Pro L7500 Series. Error 65535. The printer cannot be used by others on the network.
8/18/2011 11:55:45 AM, Error: EventLog [6008] - The previous system shutdown at 11:53:37 AM on 8/18/2011 was unexpected.
8/17/2011 9:07:43 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/17/2011 9:07:39 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
8/17/2011 9:07:09 AM, Error: Service Control Manager [7022] - The Windows Font Cache Service service hung on starting.
8/17/2011 9:06:03 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
8/17/2011 9:06:03 AM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/17/2011 8:30:25 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 0019030269EB has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
8/17/2011 8:23:33 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer HP Officejet Pro L7500 Series with shared resource name HP Officejet Pro L7500 Series. Error 2114. The printer cannot be used by others on the network.
.
==== End Of File ===========================
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===================================================================

You can't be running two AV programs.
Assuming you paid for McAfee, please uninstall F-Secure.

Let's try simple approach to your issue first.
Uninstall McAfee using this tool: http://www.softpedia.com/get/Tweak/Uninstallers/McAfee-Consumer-Product-Removal-Tool.shtml
Install fresh copy.
Will it stay on?
 
Thank you for taking the time to address my issue.

I have removed F-Prot and used the tool you linked to remove Mcafee. I then reinstalled Mcafee and performed the on screen prompts.

As a note - as soon as Mcafee was uninstalled I had internet connectivity on the trouble system again; which (thankfully I guess) allowed me to download / install the AV software again.

During the Mcafee install process Windows also decided it needed various updates and we had a reboot that included 9 updates.

After the system started it began the "Removing Existing Mcafee Software" routine and in the middle of it suddenly a service cascade of failures happened. Alienware, BTTray, and Mcafee RT virus scan all disabled at once. The Mcafee installer completed its "removal" and required a reboot.

Rebooted to a stable desktop with internet connection but no AV installed. Windows warning me that there is no AV protecting the system.

I guess I will try to reinstall Mcafee again. Spank me later if I should have just waited for your reply.
 
Ok - did that, after disabling Malware bytes. Reboot - everything appears clean.

Should I just perform a full scan with the AV and Malware bytes and reply?
 
well I did the quick scans for both AV and malware - both clean.

I am going to load test the unit and see if it begins performing normally again.

Looks like it was just a corrupted Mcafee install, and / or AV conflicts?
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
794
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back