Inactive "show hidden files" disabled by a virus?

Status
Not open for further replies.
J

jaijei17

Posts: 10   +0
i'm currently using mcafee protection so i allowed my friend to insert his flash drive on my laptop and after that i have experienced this problem that i can't show hidden files even if after i check the radio button. it all goes back to don't show.. i have followed the 8 steps and these are the results..

=========================================================
Step 1: Antivirus scanning

McAfee Security Center 10.5.195
McAfee Virus Scan 14.5.113

Results: no virus detected
*done.
=========================================================

Step 2: Temporary File Cleaner

*done.
=========================================================

Step 3: Malwarebytes Anti-Malware

included log file
*done
=========================================================
 
Welcome to TechSpot! I'll help with the problem. It sounds like you friend had an infected flash drive and when he connected to your system, the infection passed on to it,. We will look in to the hidden files problem later.

If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HEREhttps://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/.

Please PASTE the logs in the next reply. Use multiple posts if needed..

Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

We need to see the logs from Malwarebytes, GMER and the 2 from DDS. None are on your post. Those steps are called 'preliminary' for a reason. Once we view the logs, we can usually learn what infections are present and then determine what's next.

Unfortunately, McAfee can't guaranteee that you won't get malware> nothing can> so we look to see what got by.
 
Here are the log files, other log files will be followed.. sorry for the delay.. im busy in my school works
 

Attachments

  • avscan.log.LOG
    24.9 KB · Views: 1
  • mbam.log.txt
    854 bytes · Views: 1
Please PASTE the logs in the next reply. Use multiple posts if needed..
Click to expand...

So far, these logs are clean. Is there some reason you are trying to display the hidden files and folders? It's not a game of cat and mouse. They are hidden to protect the system from an accidental removal by the user.
 
Sorry,i have overlooked that instruction..apologies..

there are really no reason for me to show those hidden files,i even dont have hidden files but i just really want my system to be in good condition..

Here is the Gmer Log

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-10-06 08:05:07
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\jei\AppData\Local\Temp\uwldypow.sys


---- System - GMER 1.0.15 ----

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83824AF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83824104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 838243F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8380C634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8380C898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 838241DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83824958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 838246F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83824F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 838251A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwSaveKeyEx + 13B1 838768E9 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 838963D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text C:\Windows\system32\DRIVERS\atipmdag.sys section is writeable [0x92833000, 0x2D2B8A, 0xE8000020]
.text peauth.sys 91553C9D 28 Bytes [C4, C2, 85, 03, 0D, 18, DE, ...]
.text peauth.sys 91553CC1 28 Bytes [C4, C2, 85, 03, 0D, 18, DE, ...]
PAGE peauth.sys 91559E20 101 Bytes [C9, 01, 10, 03, A6, 7E, 78, ...]
PAGE peauth.sys 9155A02C 102 Bytes [50, 8E, 93, 78, 66, 91, DE, ...]
.text C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl section is writeable [0x9161E000, 0x2892, 0xE8000020]
.vmp2 C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl entry point in ".vmp2" section [0x91641050]
PAGE spsys.sys!?SPRevision@@3PADA + 4F90 91750000 290 Bytes [8B, FF, 55, 8B, EC, 33, C0, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 50B3 91750123 629 Bytes [B5, 74, 91, FE, 05, 34, B5, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 5329 91750399 101 Bytes [6A, 28, 59, A5, 5E, C6, 03, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 538F 917503FF 118 Bytes [18, 5D, C2, 14, 00, 8B, FF, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 5406 91750476 29 Bytes [91, FF, 15, 10, 60, 74, 91, ...]
PAGE ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe[2460] kernel32.dll!LoadLibraryA 771C2884 5 Bytes JMP 6C2D9A20 C:\Program Files\Common Files\McAfee\McProxy\mcproxy.dll (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe[2460] kernel32.dll!LoadLibraryW 771C28D2 5 Bytes JMP 6C2D9AE2 C:\Program Files\Common Files\McAfee\McProxy\mcproxy.dll (McAfee Proxy Service Module/McAfee, Inc.)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe[2512] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00A977B0] C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee Process Validation Service/McAfee, Inc.)
IAT C:\Windows\system32\rundll32.exe[2596] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [753C5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[2596] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [753C5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[2596] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [753C5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[2596] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [753C5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2772] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [753C5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2772] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [753C5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2772] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [753C5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2772] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [753C5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2772] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [753C5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\0000005b halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313b59c23
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313b59c23@c8979f40e98a 0xAB 0xF5 0x2F 0x8A ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313b59c23@a87b39bb6b76 0x68 0x9A 0x61 0x99 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313b59c23@a8f27480acf6 0xC5 0x4A 0xA0 0xDF ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313b59c23@0012629856bf 0x7E 0x54 0xFA 0xDB ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313b59c23 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313b59c23@c8979f40e98a 0xAB 0xF5 0x2F 0x8A ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313b59c23@a87b39bb6b76 0x68 0x9A 0x61 0x99 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313b59c23@a8f27480acf6 0xC5 0x4A 0xA0 0xDF ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313b59c23@0012629856bf 0x7E 0x54 0xFA 0xDB ...

---- EOF - GMER 1.0.15 ----
 
DDS log

DDS (Ver_10-03-17.01) - NTFSx86
Run by jei at 8:06:17.32 on Wed 10/06/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.63.1033.18.1911.1099 [GMT 8:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bluetooth Suite\adminservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Windows\system32\lkcitdl.exe
C:\Windows\system32\lkads.exe
C:\Windows\system32\lktsrv.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\Windows\system32\nisvcloc.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Windows\PLFSetI.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Users\jei\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\jei\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uDefault_Page_URL = hxxp://www.google.com
uStart Page = hxxp://www.google.com.ph/intl/en/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20100928165018.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Google Update] "c:\users\jei\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [USB Antivirus] c:\program files\usb disk security\USBGuard.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [RtHDVBg] c:\program files\realtek\audio\hda\RtHDVBg.exe /FORPCEE3
mRun: [AtherosBtStack] c:\program files\bluetooth suite\BtvStack.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [AmIcoSinglun] c:\program files\amicosinglun\AmIcoSinglun.exe
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [UpdatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\8.0"
mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe"
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\users\jei\appdata\roaming\micros~1\windows\startm~1\programs\startup\limewire on startup.lnk - c:\program files\limewire\LimeWire.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\microsoft office\office12\ONBttnIE.dll
IE: {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - c:\progra~1\nuclear coffee\videoget\plugins\VideoGet_IE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\microsoft office\office12\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-8-16 386712]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-8-16 164808]
R1 CopyHDDVDHlp;CopyHDDVDHlp Driver;c:\windows\system32\drivers\copyhddvdhlp.sys [2010-8-23 5632]
R1 DVDHlp;DVDHlp Driver;c:\windows\system32\drivers\dvdhlp.sys [2010-8-23 104512]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-8-16 64304]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/22 22:53:00];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-3-13 87536]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-1-22 172032]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-10-4 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-10-4 267432]
R2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2010-1-19 20520]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-10-4 60936]
R2 DsiWMIService;Dritek WMI Service;c:\program files\launch manager\dsiwmis.exe [2010-2-25 325200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-8-8 13336]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-9-30 236368]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-16 271480]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-16 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-16 271480]
R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-16 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-8-16 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-8-16 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-8-16 141792]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\drivers\TurboB.sys [2009-11-3 14808]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2010-8-8 2314240]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atipmdag.sys [2010-1-22 5191680]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-1-22 125440]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2010-1-19 27688]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-8-16 55840]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2009-10-26 125696]
R3 intelkmd;intelkmd;c:\windows\system32\drivers\igdpmd32.sys [2010-1-22 7062016]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-8-8 65576]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-9-30 19160]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-8-16 152992]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-8-16 312904]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.sys [2009-5-26 25600]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2010-1-19 42024]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-1-19 291880]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2010-1-19 213032]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2010-1-19 145320]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-8-8 43944]
S3 ElbyCDI0;ElbyCDI0 Driver;c:\windows\system32\drivers\ElbyCDI0.sys [2010-8-23 29864]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2010-9-28 100736]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-8-16 52104]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-16 84264]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368]
S3 TurboBoost;TurboBoost;c:\program files\intel\turboboost\TurboBoost.exe [2009-11-3 99728]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-16 1343400]

=============== Created Last 30 ================

2010-10-05 13:35:40 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-10-05 04:50:12 0 d-----w- c:\users\jei\appdata\roaming\Avira
2010-10-04 06:33:46 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-10-04 06:28:26 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-10-04 06:28:26 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-10-04 06:28:25 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2010-10-04 06:28:25 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-10-04 06:27:42 0 d-----w- c:\windows\system32\xlive
2010-10-04 06:27:41 0 d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-10-04 04:44:40 249856 ----a-w- c:\windows\system32\uxtheme.dll.backup
2010-10-04 04:44:38 2755072 ----a-w- c:\windows\system32\themeui.dll.backup
2010-10-04 04:44:35 37376 ----a-w- c:\windows\system32\themeservice.dll.backup
2010-10-04 04:00:56 0 d-----w- c:\program files\iPod
2010-10-04 03:55:10 0 d-----w- c:\program files\Bonjour
2010-10-04 03:47:36 0 d-----w- c:\users\jei\appdata\roaming\funkitron
2010-10-04 03:42:35 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-10-04 03:42:30 0 d-----w- c:\programdata\Avira
2010-10-04 03:42:30 0 d-----w- c:\program files\Avira
2010-10-04 03:18:21 0 d-----w- c:\program files\VST
2010-10-03 20:42:44 0 ----a-w- c:\windows\Infob.dat
2010-10-03 20:42:44 0 ----a-w- c:\windows\Infoa.dat
2010-10-03 15:16:26 0 d-----w- c:\program files\Acoustica Mixcraft 4
2010-10-03 13:14:05 0 d-----w- c:\windows\pss
2010-09-30 07:55:38 305475949 ----a-w- c:\windows\MEMORY.DMP
2010-09-30 07:06:50 0 d-----w- c:\program files\Smart Virus Remover
2010-09-30 06:32:03 0 d-----w- c:\users\jei\appdata\roaming\Malwarebytes
2010-09-30 06:31:40 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-30 06:31:38 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-30 06:31:38 0 d-----w- c:\programdata\Malwarebytes
2010-09-30 06:31:38 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-30 06:25:02 0 d-----w- c:\program files\Trend Micro
2010-09-30 05:07:58 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-09-30 05:07:58 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-09-30 05:03:28 0 d-----w- c:\program files\Microsoft Security Essentials
2010-09-30 05:01:15 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-28 08:12:56 65536 --sha-w- c:\users\jei\ntuser.dat{1a5bf727-cac9-11df-b9fc-c80aa950b147}.TM.blf
2010-09-28 08:12:56 524288 --sha-w- c:\users\jei\ntuser.dat{1a5bf727-cac9-11df-b9fc-c80aa950b147}.TMContainer00000000000000000002.regtrans-ms
2010-09-28 08:12:56 524288 --sha-w- c:\users\jei\ntuser.dat{1a5bf727-cac9-11df-b9fc-c80aa950b147}.TMContainer00000000000000000001.regtrans-ms
2010-09-28 06:25:23 65536 --sha-w- c:\users\jei\ntuser.dat{38742e87-cac6-11df-9b77-c80aa950b147}.TM.blf
2010-09-28 06:25:23 524288 --sha-w- c:\users\jei\ntuser.dat{38742e87-cac6-11df-9b77-c80aa950b147}.TMContainer00000000000000000002.regtrans-ms
2010-09-28 06:25:23 524288 --sha-w- c:\users\jei\ntuser.dat{38742e87-cac6-11df-9b77-c80aa950b147}.TMContainer00000000000000000001.regtrans-ms
2010-09-28 04:00:43 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2010-09-28 04:00:43 112128 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2010-09-28 04:00:43 102912 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2010-09-28 04:00:43 100736 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
2010-09-22 04:00:28 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-22 03:54:40 0 d-----w- c:\program files\Sun Broadband Wireless
2010-09-19 08:19:32 0 d-----r- c:\users\jei\iTunes
2010-09-14 08:30:21 0 d-----w- c:\program files\WinMend
2010-09-14 08:23:15 0 d-----w- c:\program files\SmartUndelete
2010-09-14 08:20:38 66800 ----a-w- c:\windows\UnDeployV.exe
2010-09-10 05:00:16 0 d-----w- c:\users\jei\Office Genuine Advantage
2010-09-08 03:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 03:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-07 16:02:26 0 d-----w- c:\windows\PCHEALTH
2010-09-07 16:00:42 0 d-----w- c:\program files\Microsoft Visual Studio 8
 
DDS log 2

==================== Find3M ====================

2010-10-04 04:44:40 249856 ----a-w- c:\windows\system32\uxtheme.dll
2010-10-04 04:44:38 2755072 ----a-w- c:\windows\system32\themeui.dll
2010-10-04 04:44:35 37376 ----a-w- c:\windows\system32\themeservice.dll
2010-08-24 06:57:38 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2010-08-24 06:57:38 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2010-08-24 06:57:38 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-08-24 06:57:38 64304 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2010-08-24 06:57:38 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys
2010-08-24 06:57:38 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-08-24 06:57:38 386712 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2010-08-24 06:57:38 312904 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2010-08-24 06:57:38 164808 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2010-08-24 06:57:38 152992 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-08-22 14:48:04 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-08-19 08:41:07 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-08-19 07:50:51 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-08-09 03:38:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2010-08-08 14:40:52 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-08-08 14:29:33 246804 ----a-w- c:\windows\system32\drivers\AtherosBT.bin
2010-08-08 06:58:01 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-27 10:44:10 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 10:44:10 107808 ----a-w- c:\windows\system32\dns-sd.exe
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 8:06:43.94 ===============
 
Attach

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 8/8/2010 2:45:07 PM
System Uptime: 10/6/2010 7:44:54 AM (1 hours ago)

Motherboard: Acer | | ZQ1
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz | CPU | 2133/1066mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 298 GiB total, 238.936 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP126: 9/30/2010 1:27:45 PM - Windows Update
RP127: 9/30/2010 2:07:14 PM - Windows Update
RP128: 9/30/2010 2:32:38 PM - Windows Update
RP129: 9/30/2010 2:47:04 PM - Windows Update
RP130: 10/4/2010 10:20:54 AM - Windows Update
RP132: 10/4/2010 2:28:05 PM - Installed DirectX
RP133: 10/4/2010 2:28:44 PM - RESIDENT EVIL 5 ‚ðƒCƒ“ƒXƒg[ƒ‹‚µ‚Ü‚µ‚½B
RP134: 10/4/2010 2:35:59 PM - Windows Update
RP135: 10/5/2010 6:15:54 AM - RESIDENT EVIL 5 ‚ðƒCƒ“ƒXƒg[ƒ‹‚µ‚Ü‚µ‚½B
RP136: 10/5/2010 9:34:25 PM - Windows Update

==== Installed Programs ======================

7-Zip 4.65
Acer Crystal Eye Webcam
Acoustica Effects Pack
Acoustica Mixcraft 4.5
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3.4 MUI
Alcor Micro USB Card Reader
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATI Catalyst Install Manager
Attribute Changer 6.20
Avira AntiVir Personal - Free Antivirus
BitTorrent
Blu-ray/HD DVD Copy helper V1.6.0.3
Bluetooth Win7 Suite
Boggle Supreme
Bonjour
BookWorm Deluxe
Broadcom Wireless LAN Driver Installation Program for Windows7
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CyberLink PowerDirector
CyberLink PowerDVD 10
DivX Setup
Easy Icon Maker
Feeding Frenzy
Feeding Frenzy 2
Globe Broadband
Google Chrome
HangARoo v2.05
HI-TECH C51-lite V9.60PL0
HI-TECH PICC lite V9.60PL0
iLumina Gold
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Driver
Intel(R) Turbo Boost Technology Monitor
Intel(R) TV Wizard
iTunes
Java(TM) 6 Update 18
Launch Manager
LimeWire 5.5.8
Magic DVD Ripper V5.5.0
Malwarebytes' Anti-Malware
Mathcad 14.0 M020
Mathcad 14.0 M020 Help
Mathcad 14.0 M020 Resource Center
McAfee Total Protection
Microsoft Antimalware
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Reader
Microsoft Security Essentials
Microsoft Visual Basic 6.0 Professional Edition
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Web Publishing Wizard 1.53
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
National Instruments Software
Nero 6 Demo
neroxml
NI Circuit Design Suite 10 Core
NI Circuit Design Suite 10 Pro
NI Circuit Design Suite Support and Upgrade Utility
NI EULA Depot
NI LabVIEW Run-Time Engine 8.0.1
NI LabVIEW Run-Time Engine 8.2
NI LabWindows/CVI 8.0.1 Run-Time Engine
NI License Manager
NI Logos 4.7
NI Math Kernel Libraries
NI MDF Support
NI Service Locator
NI TDMS
NI Uninstaller
NI USI 1.3.0
Nuclear Coffee - VideoGet
OGA Notifier 2.0.0048.0
Photodex Presenter
Plants vs. Zombies
PowerISO
ProShow Producer
PSP ISO Compressor
QuickTime
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
SmartSound Quicktracks Plugin
SmartUndelete
Sun Broadband Wireless
Super TextTwist
Synaptics Pointing Device Driver
Total Video Converter 3.60 100127
Uniblue RegistryBooster 2009
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb2291599)
USB Disk Security 5.1.0.15
VC80CRTRedist - 8.0.50727.4053
VCRedistSetup
VideoLAN VLC media player 0.8.6f
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
WinMend Data Recovery 1.3.6
WinZip 14.5
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

9/30/2010 3:55:47 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x00000003, 0x880f08a0, 0x880f0a0c, 0x835f3830). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 093010-16536-01.
9/30/2010 2:12:39 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Allow Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:11:59 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:05:24 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:03:36 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:03:11 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:02:52 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:02:32 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0
 
Attach

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 8/8/2010 2:45:07 PM
System Uptime: 10/6/2010 7:44:54 AM (1 hours ago)

Motherboard: Acer | | ZQ1
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz | CPU | 2133/1066mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 298 GiB total, 238.936 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP126: 9/30/2010 1:27:45 PM - Windows Update
RP127: 9/30/2010 2:07:14 PM - Windows Update
RP128: 9/30/2010 2:32:38 PM - Windows Update
RP129: 9/30/2010 2:47:04 PM - Windows Update
RP130: 10/4/2010 10:20:54 AM - Windows Update
RP132: 10/4/2010 2:28:05 PM - Installed DirectX
RP133: 10/4/2010 2:28:44 PM - RESIDENT EVIL 5 ‚ðƒCƒ“ƒXƒg[ƒ‹‚µ‚Ü‚µ‚½B
RP134: 10/4/2010 2:35:59 PM - Windows Update
RP135: 10/5/2010 6:15:54 AM - RESIDENT EVIL 5 ‚ðƒCƒ“ƒXƒg[ƒ‹‚µ‚Ü‚µ‚½B
RP136: 10/5/2010 9:34:25 PM - Windows Update

==== Installed Programs ======================

7-Zip 4.65
Acer Crystal Eye Webcam
Acoustica Effects Pack
Acoustica Mixcraft 4.5
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3.4 MUI
Alcor Micro USB Card Reader
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATI Catalyst Install Manager
Attribute Changer 6.20
Avira AntiVir Personal - Free Antivirus
BitTorrent
Blu-ray/HD DVD Copy helper V1.6.0.3
Bluetooth Win7 Suite
Boggle Supreme
Bonjour
BookWorm Deluxe
Broadcom Wireless LAN Driver Installation Program for Windows7
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CyberLink PowerDirector
CyberLink PowerDVD 10
DivX Setup
Easy Icon Maker
Feeding Frenzy
Feeding Frenzy 2
Globe Broadband
Google Chrome
HangARoo v2.05
HI-TECH C51-lite V9.60PL0
HI-TECH PICC lite V9.60PL0
iLumina Gold
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Driver
Intel(R) Turbo Boost Technology Monitor
Intel(R) TV Wizard
iTunes
Java(TM) 6 Update 18
Launch Manager
LimeWire 5.5.8
Magic DVD Ripper V5.5.0
Malwarebytes' Anti-Malware
Mathcad 14.0 M020
Mathcad 14.0 M020 Help
Mathcad 14.0 M020 Resource Center
McAfee Total Protection
Microsoft Antimalware
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Reader
Microsoft Security Essentials
Microsoft Visual Basic 6.0 Professional Edition
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Web Publishing Wizard 1.53
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
National Instruments Software
Nero 6 Demo
neroxml
NI Circuit Design Suite 10 Core
NI Circuit Design Suite 10 Pro
NI Circuit Design Suite Support and Upgrade Utility
NI EULA Depot
NI LabVIEW Run-Time Engine 8.0.1
NI LabVIEW Run-Time Engine 8.2
NI LabWindows/CVI 8.0.1 Run-Time Engine
NI License Manager
NI Logos 4.7
NI Math Kernel Libraries
NI MDF Support
NI Service Locator
NI TDMS
NI Uninstaller
NI USI 1.3.0
Nuclear Coffee - VideoGet
OGA Notifier 2.0.0048.0
Photodex Presenter
Plants vs. Zombies
PowerISO
ProShow Producer
PSP ISO Compressor
QuickTime
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
SmartSound Quicktracks Plugin
SmartUndelete
Sun Broadband Wireless
Super TextTwist
Synaptics Pointing Device Driver
Total Video Converter 3.60 100127
Uniblue RegistryBooster 2009
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb2291599)
USB Disk Security 5.1.0.15
VC80CRTRedist - 8.0.50727.4053
VCRedistSetup
VideoLAN VLC media player 0.8.6f
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
WinMend Data Recovery 1.3.6
WinZip 14.5
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
 
attach 2

==== Event Viewer Messages From Past Week ========

9/30/2010 3:55:47 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x00000003, 0x880f08a0, 0x880f0a0c, 0x835f3830). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 093010-16536-01.
9/30/2010 2:12:39 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Allow Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:11:59 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:05:24 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:03:36 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:03:11 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:02:52 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 2:02:32 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Comisproc&threatid=2147625386 User: jei-PC\jei Name: Trojan:Win32/Comisproc ID: 2147625386 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 1:28:22 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Startpage.gen!A&threatid=2147576379 User: jei-PC\jei Name: Trojan:Win32/Startpage.gen!A ID: 2147576379 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.830.0, AS: 1.91.830.0 Engine Version: 1.1.6201.0
9/30/2010 1:09:12 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
9/30/2010 1:09:12 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
9/30/2010 1:09:12 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/6/2010 7:47:56 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
10/6/2010 7:45:13 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xba3c5000, 0x00000001, 0x8386bd13, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 100610-16224-01.
10/5/2010 9:38:08 PM, Error: Service Control Manager [7038] - The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
10/5/2010 9:38:08 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
10/5/2010 9:38:08 PM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
10/5/2010 9:38:08 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not start due to a logon failure.
10/5/2010 9:38:08 PM, Error: Service Control Manager [7000] - The Portable Device Enumerator Service service failed to start due to the following error: A system shutdown is in progress.
10/5/2010 9:38:08 PM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure.
10/5/2010 9:38:08 PM, Error: Service Control Manager [7000] - The Network Connections service failed to start due to the following error: A system shutdown is in progress.
10/5/2010 9:38:08 PM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The pipe has been ended.
10/5/2010 9:38:08 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.
10/5/2010 9:38:08 PM, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: A system shutdown is in progress.
10/5/2010 9:38:08 PM, Error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: A system shutdown is in progress.
10/5/2010 9:38:08 PM, Error: Service Control Manager [7000] - The Application Information service failed to start due to the following error: A system shutdown is in progress.
10/5/2010 9:37:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Rapid Storage Technology service to connect.
10/5/2010 9:37:30 PM, Error: Service Control Manager [7000] - The Intel(R) Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/5/2010 7:19:58 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the defragsvc service.
10/5/2010 6:11:43 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
10/5/2010 4:06:55 PM, Error: Disk [11] - The driver detected a controller error on \...\DR22.
10/5/2010 3:58:22 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR8.
10/5/2010 12:50:11 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:49:51 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Quarantine Error Code: 0x80070032 Error description: The request is not supported. Status: Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:49:46 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80070032 Error description: The request is not supported. Status: Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
 
attach 3

10/5/2010 12:49:08 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Quarantine Error Code: 0x80070032 Error description: The request is not supported. Status: Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:49:03 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80070032 Error description: The request is not supported. Status: Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:48:12 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Quarantine Error Code: 0x80070032 Error description: The request is not supported. Status: Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:48:07 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80070032 Error description: The request is not supported. Status: Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:42:47 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Quarantine Error Code: 0x80070032 Error description: The request is not supported. Status: To finish removing spyware and other potentially unwanted software, restart the computer. Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:41:56 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80070032 Error description: The request is not supported. Status: To finish removing spyware and other potentially unwanted software, restart the computer. Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:37:54 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: NT AUTHORITY\SYSTEM Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80070032 Error description: The request is not supported. Status: To finish removing spyware and other potentially unwanted software, restart the computer. Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:28:05 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Startpage.gen!A&threatid=2147576379 User: jei-PC\jei Name: Trojan:Win32/Startpage.gen!A ID: 2147576379 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:28:04 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Quarantine Error Code: 0x80070032 Error description: The request is not supported. Status: To finish removing spyware and other potentially unwanted software, restart the computer. Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 12:27:17 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Rimecud.A&threatid=2147632584 User: jei-PC\jei Name: Trojan:Win32/Rimecud.A ID: 2147632584 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80070032 Error description: The request is not supported. Status: To finish removing spyware and other potentially unwanted software, restart the computer. Signature Version: AV: 1.91.1023.0, AS: 1.91.1023.0 Engine Version: 1.1.6201.0
10/5/2010 11:35:14 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR7.
10/5/2010 11:32:29 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.91.1023.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6201.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/4/2010 7:59:08 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
10/4/2010 3:38:44 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.91.854.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6201.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/4/2010 3:20:53 AM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/CeeInject.gen!CS&threatid=2147633326 User: NT AUTHORITY\SYSTEM Name: VirTool:Win32/CeeInject.gen!CS ID: 2147633326 Severity: Severe Category: Tool Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.91.854.0, AS: 1.91.854.0 Engine Version: 1.1.6201.0
10/4/2010 12:57:06 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x00000003, 0x8589c6f8, 0x8589c864, 0x83a45830). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 100410-14632-01.
10/4/2010 12:50:00 PM, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
10/4/2010 12:50:00 PM, Error: Service Control Manager [7034] - The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly. It has done this 1 time(s).
10/4/2010 12:50:00 PM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/4/2010 12:50:00 PM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/4/2010 12:50:00 PM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/4/2010 12:50:00 PM, Error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/4/2010 12:50:00 PM, Error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/4/2010 12:50:00 PM, Error: Service Control Manager [7031] - The Intel(R) Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/4/2010 12:50:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
10/4/2010 12:49:45 PM, Error: Service Control Manager [7031] - The Windows Error Reporting Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/4/2010 12:49:43 PM, Error: Service Control Manager [7034] - The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
10/4/2010 12:46:55 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x00000003, 0x883eed40, 0x883eeeac, 0x83a35830). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 100410-16270-01.
10/4/2010 12:35:19 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x00000003, 0x88e99d40, 0x88e99eac, 0x83a35830). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 100410-29905-01.
10/4/2010 12:30:39 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x00000003, 0x888bb030, 0x888bb19c, 0x839f4830). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 100410-27658-01.
10/4/2010 12:10:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
10/4/2010 12:10:14 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/4/2010 12:10:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
10/4/2010 12:07:35 PM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
10/4/2010 11:57:25 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
10/4/2010 11:56:25 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/4/2010 11:55:44 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/4/2010 11:43:16 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
10/4/2010 11:39:39 AM, Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization.
10/4/2010 11:15:48 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
10/4/2010 1:44:26 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x00000003, 0x8851b7a0, 0x8851b90c, 0x83a2d830). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 100410-13868-01.
10/4/2010 1:38:45 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
10/4/2010 1:38:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
10/4/2010 1:38:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
10/4/2010 1:38:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
10/4/2010 1:38:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/4/2010 1:38:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
10/4/2010 1:38:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x00000003, 0x88778030, 0x8877819c, 0x83a0b830). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 100410-14944-01.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avipbb CopyHDDVDHlp CSC DfsC discache mfehidk mfenlfk MpFilter NetBIOS NetBT nsiproxy Psched rdbss SCDEmu spldr ssmdrv tdx vwififlt Wanarpv6 WfpLwf
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
 
attach 4

10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:22 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/4/2010 1:38:20 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
10/4/2010 1:38:20 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/4/2010 1:38:20 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/4/2010 1:30:56 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x00000003, 0x88e87398, 0x88e87504, 0x839f2830). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 100410-13540-01.
10/4/2010 1:10:12 PM, Error: Service Control Manager [7023] - The McAfee VirusScan Announcer service terminated with the following error: Incorrect function.
10/3/2010 9:23:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNASvc service.
10/3/2010 9:23:54 PM, Error: Service Control Manager [7000] - The McAfee Network Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/3/2010 9:23:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNaiAnn service.
10/3/2010 9:23:24 PM, Error: Service Control Manager [7000] - The McAfee VirusScan Announcer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/3/2010 9:22:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mcmscsvc service.
10/3/2010 9:22:54 PM, Error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/3/2010 9:22:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service mcmscsvc with arguments "" in order to run the server: {9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
10/3/2010 8:44:38 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.91.854.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6201.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/1/2010 10:13:07 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.91.854.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6201.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==== End Of File ===========================
 
You are also running the Microsoft Security Essentials I note the antimalware part has issued numerous notices of malware Trojan:Win32/Rimecud.A in the Event Viewer. Apparently it does not alert the user:

There are multiple antivirus programs running: McAfee, AntiVir and the Security Essentials. Please remove 2 of these and get it down to one AV. Be sure to reboot the computer when done.
=====================================
Run Eset NOD32 Online AntiVirus scan HEREhttp://www.eset.eu/online-scanner
  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the Active X control to install
  4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  5. Click Start
  6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  7. Click Scan
  8. Wait for the scan to finish
  9. Re-enable your Antivirus software.
  10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
===============================
Please download ComboFix from Here and save to your Desktop.

  • [1]. Do NOT rename Combofix unless instructed.
    [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    [3].Close any open browsers.
    [4]. Double click combofix.exe & follow the prompts to run.
  • NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
    [5]. If Combofix asks you to install Recovery Console, please allow it.
    [6]. If Combofix asks you to update the program, always allow.
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    [7]. A report will be generated after the scan. Please paste the C:\ComboFix.txt in next reply.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Note: Make sure you re-enable your security programs, when you're done with Combofix..
===================================
Note: Do not use BitTorrent, LimeWire or any other file sharing programs while I'm helping you. Consider removing the Registry Cleaner.

I'll be away from the computer until early afternoon. I will check the additional logs then if available.
 
Status
Not open for further replies.

Similar threads

A
Pirated Windows installer found to contain crypto-hijacker, exploit EFI partition
Replies
11
Views
695
AndreV
A
A
A clever trick turns antivirus software into unstoppable data wiping scourges
Replies
1
Views
595
johnhzzz16
J
PriyaWalia
Malware delivery through Microsoft OneNote files is growing in a post-macro world
Replies
4
Views
512
BadThad
BadThad

Latest posts

Back