
dam virus



Hi all,

Need help. Malwarebytes keeps shutting down after a couple of seconds and McAfee isn't working either. I'm having problems using other programs too. I have run the DDS program. The logs are below. Hope someone can help. Many thanks.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.6002.18005

Run by Chris at 13:37:04 on 2011-10-19

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3061.1875 [GMT 1:00]

.

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\71463549:2190327291.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\WLANExt.exe

C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe

C:\Windows\system32\agrsmsvc.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\explorer.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\system32\astsrv.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\InternetEverywhere\Launcher.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\UltraMon\UltraMon.exe

C:\Program Files\EDIMAX\Common\RaUI.exe

C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe

C:\Program Files\UltraMon\UltraMonTaskbar.exe

C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Synaptics\SynTP\SynToshiba.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files\Common Files\DesktopUtil\MCTDesktopSvr.exe

C:\Program Files\MCT\VGA0007\Utility\MCTUISvr.exe

C:\Program Files\Common Files\DesktopUtil\MCTDUtil.exe

C:\Program Files\Common Files\DesktopUtil\FDispPos.exe

C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\MCT\VGA0007\Utility\mxvgautil.exe

C:\Program Files\MCT\VGA0007\Utility\MCTCIDUtil.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe

C:\Program Files\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\InternetEverywhere\WTGService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files\UltraMon\UltraMonUiAcc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wermgr.exe

\\?\C:\Windows\system32\wbem\WMIADAP.EXE

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\System32\mobsync.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.channel4.com/programmes/4od

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

uWinlogon: Shell=c:\users\chris\appdata\local\7d724204\X

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110624233200.dll

BHO: {82d2e569-25a7-4e4d-9fa3-c5025b4b7912} - c:\program files\endnote web\ENWIEPlug.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"

TB: {945c8270-a848-11d5-a805-00b0d092f45b} - c:\program files\endnote web\ENWIEPlug.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe

uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [Google Update] "c:\users\chris\appdata\local\google\update\GoogleUpdate.exe" /c

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

mRun: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [NDSTray.exe] NDSTray.exe

mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup

mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [NotebookHardwareControl] "c:\program files\notebook hardware control\nhc.exe" -quiet

mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 5.0\apdproxy.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [MCTDUtil] c:\program files\common files\desktoputil\Util-Desktop.exe Launch SuperUtil

mRun: [FDispPos] c:\program files\common files\desktoputil\Util-Desktop.exe Launch FixPos

mRun: [mxvgautil] c:\progra~1\mct\vga0007\utility\UTIL-VGA0900.exe Launch 0900

mRun: [uTIL-VGA0900] c:\program files\mct\vga0007\utility\UTIL-VGA0900.exe launch

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\users\chris\appdata\roaming\micros~1\windows\startm~1\programs\startup\3monit~1.lnk - c:\users\chris\appdata\roaming\realtime soft\ultramon\3.1.0\profiles\3 Monitor.umprofile

StartupFolder: c:\users\chris\appdata\roaming\micros~1\windows\startm~1\programs\startup\produc~1.lnk - c:\users\chris\appdata\local\temp\is-dpor1.tmp\ATR1.exe

StartupFolder: c:\users\chris\appdata\roaming\micros~1\windows\startm~1\programs\startup\solidw~1.lnk - c:\program files\solidworks\swscheduler\swBOEngine.exe

StartupFolder: c:\users\chris\appdata\roaming\micros~1\windows\startm~1\programs\startup\standa~1.lnk - c:\users\chris\appdata\roaming\realtime soft\ultramon\3.1.0\profiles\Stand Alone.umprofile

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\drspaw~1.lnk - c:\programdata\asgvis\drspawner\DRSpawner.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\launcher.lnk - c:\program files\interneteverywhere\Launcher.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\start3~1.lnk - c:\program files\3dconnexion\3dconnexion 3dxsoftware\3dxware\3dxsrv.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ultramon.lnk - c:\windows\installer\{537056b7-32a4-4408-9b54-0341963c7c9c}\IcoUltraMon.ico

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wirele~1.lnk - c:\program files\edimax\common\RaUI.exe

uPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?EN

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

LSP: mswsock.dll

TCP: DhcpNameServer = 208.67.222.222 208.67.220.220

TCP: Interfaces\{1EA87F8B-C0BE-4449-B745-7E0D2478AABA} : DhcpNameServer = 208.67.222.222 208.67.220.220

TCP: Interfaces\{77A3F2B4-BB04-4F9A-AA97-3317E3FC6231} : DhcpNameServer = 208.67.222.222 208.67.220.220

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\hw6c9fgb.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.thedailysail.com/|http://www.independent.co.uk/?CMP=ILC-refresh|http://www.sailinganarchy.com/index_page1.php|http://www.silverfishlongboarding.com/|http://www.detailingworld.co.uk/forum/index.php|http://www.bbc.co.uk/6music/|http://www.photoradar.com/|http://wetpixel.com/|http://www.forfolkssake.com/

FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll

FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll

FF - plugin: c:\program files\java\jre1.6.0\bin\npjpi160.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\chris\appdata\local\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

FF - Ext: NASA Night Launch: nasanightlaunch@example.com - %profile%\extensions\nasanightlaunch@example.com

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: Add to Amazon Wish List Button: amznUWL2@amazon.com - %profile%\extensions\amznUWL2@amazon.com

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-10-13 387480]

R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2011-9-25 56336]

R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-11-9 64584]

R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-11-9 165032]

R1 RapportCerberus_32029;RapportCerberus_32029;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\32029\RapportCerberus32_32029.sys [2011-10-18 227312]

R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-9-25 70416]

R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-9-25 161936]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-11-27 21504]

R2 MCTDesktopSvr;MCTDesktopSvr;c:\program files\common files\desktoputil\MCTDesktopSvr.exe [2011-3-30 192512]

R2 MCTUISvr;MCTUISvr;c:\program files\mct\vga0007\utility\MCTUISvr.exe [2011-3-30 192512]

R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\edimax\common\RalinkRegistryWriter.exe [2011-9-26 69632]

R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2011-9-25 919352]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2010-8-24 92008]

R2 UltraMonUtility;UltraMon Utility Driver;c:\program files\common files\realtime soft\ultramonmirrordrv\x32\UltraMonUtility.sys [2008-11-14 17184]

R2 WTGService;WTGService;c:\program files\interneteverywhere\WTGService.exe [2006-9-26 308688]

R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2006-12-15 7168]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-5-22 22216]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-11-9 153280]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-11-9 314088]

R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2011-9-26 641024]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-6-2 4233728]

R3 xMrMINI;xMrMINI;c:\windows\system32\drivers\xMrMini.sys [2011-3-30 256768]

R3 xVGAMINI;xVGAMINI;c:\windows\system32\drivers\xVgaMini.sys [2011-3-30 260480]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-5-22 366152]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-11-9 271480]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-11-9 271480]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-11-9 271480]

S2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-11-9 271480]

S2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-11-9 171168]

S2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-11-9 188136]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-11-9 141792]

S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-11-9 56064]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-4-3 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]

S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2006-9-26 103040]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-11-9 52320]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-11-9 84488]

S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [2010-2-1 154784]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S3 xVGAUSB;USB 2.0 VGA DEVICE-1;c:\windows\system32\drivers\xvgausb.sys [2011-3-30 41984]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

.

=============== Created Last 30 ================

.

2011-10-18 22:35:51 6144 ------w- c:\windows\system32\A8AE.tmp

2011-10-18 22:35:41 6144 ------w- c:\windows\system32\820B.tmp

2011-10-18 22:35:23 -------- d-----w- c:\program files\Sophos

2011-10-18 21:17:19 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-10-18 21:08:47 -------- d-sh--w- c:\users\chris\appdata\local\7d724204

2011-10-12 09:03:48 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-10-12 09:03:21 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

2011-10-12 09:03:21 238080 ----a-w- c:\windows\system32\oleacc.dll

2011-10-12 09:03:20 563712 ----a-w- c:\windows\system32\oleaut32.dll

2011-10-12 09:03:20 4096 ----a-w- c:\windows\system32\oleaccrc.dll

2011-10-12 08:57:39 293376 ----a-w- c:\windows\system32\psisdecd.dll

2011-10-12 08:57:39 217088 ----a-w- c:\windows\system32\psisrndr.ax

2011-10-12 08:57:38 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax

2011-10-12 08:57:35 57856 ----a-w- c:\windows\system32\MSDvbNP.ax

2011-10-12 08:57:23 2043392 ----a-w- c:\windows\system32\win32k.sys

2011-09-28 20:18:03 -------- d-----w- c:\users\chris\appdata\local\Trusteer

2011-09-28 20:07:40 -------- d-----w- c:\windows\system32\(commonprograms)

2011-09-28 20:07:39 -------- d-----w- c:\program files\Fluid Mechanics Simulations

2011-09-27 06:47:28 -------- d-----w- c:\users\chris\appdata\roaming\InternetEverywhere

2011-09-26 22:45:19 -------- d-----w- c:\program files\iPod

2011-09-26 19:07:15 -------- d-----w- c:\programdata\Ralink

2011-09-26 19:01:40 4096 ----a-w- c:\windows\system32\drivers\rt2870.bin

2011-09-26 19:01:37 641024 ----a-w- c:\windows\system32\drivers\netr28u.sys

2011-09-26 19:01:37 217088 ----a-w- c:\windows\system32\RaCoInst.dll

2011-09-26 19:01:34 -------- d-----w- c:\programdata\Edimax Driver

2011-09-26 19:01:08 -------- d-----w- c:\program files\Cisco

2011-09-26 19:00:55 476160 ----a-w- c:\windows\system32\RAIHV.dll

2011-09-26 19:00:55 20480 ----a-w- c:\windows\system32\RAEXTUI.dll

2011-09-26 19:00:51 -------- d-----w- c:\program files\EDIMAX

2011-09-25 18:00:08 56336 ----a-w- c:\windows\system32\drivers\RapportKELL.sys

.

==================== Find3M ====================

.

2011-09-02 17:12:36 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll

2011-09-02 13:39:07 1383424 ----a-w- c:\windows\system32\mshtml.tlb

2011-08-31 16:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-16 16:15:15 834048 ----a-w- c:\windows\system32\wininet.dll

2011-08-16 14:20:55 389632 ----a-w- c:\windows\system32\html.iec

2011-07-26 22:29:52 53248 ----a-w- c:\windows\system32\unrar.dll

2011-07-22 09:41:09 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

============= FINISH: 13:39:16.37 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 24/11/2009 11:24:23

System Uptime: 19/10/2011 13:31:34 (0 hours ago)

.

Motherboard: Intel Corporation | | CAPELL VALLEY(NAPA) CRB

Processor: Intel® Core2 CPU T5200 @ 1.60GHz | U2E1 | 800/mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 148 GiB total, 27.974 GiB free.

D: is Removable

E: is CDROM ()

H: is Removable

I: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

3Dconnexion 3DxSoftware

3Dconnexion 3DxWare

3Dconnexion Add-In for AutoCAD 2007 - 2010

3Dconnexion Add-In for Inventor 11 - 2011

3Dconnexion Add-In for Solid Edge V18 - ST3

3Dconnexion Add-In for SolidWorks 2005 - 2011

3Dconnexion Add-On for XSI v5.0 - 2011

3Dconnexion Collage

3Dconnexion Extension for SketchUp

3Dconnexion Plug-In for 3ds Max v9 - 2011

3Dconnexion Plug-in for Acrobat 3D

3Dconnexion Plug-In for Maya v8.5 - 2011

3Dconnexion Plug-In for NX v3.0 - v7.5

3Dconnexion Plug-In for Photoshop CS3 - CS5

3Dconnexion Plug-In for Pro/ENGINEER WF3 - WF5

3Dconnexion Trainer

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Help Center 2.1

Adobe Photoshop Elements 5.0

Adobe Reader 7.0.8

Amazon Kindle

Apple Application Support

Apple Mobile Device Support

Apple Software Update

BBC iPlayer Desktop

Bing Bar

Bluetooth Stack for Windows by Toshiba

Bonjour

Canon MP600

CD/DVD Drive Acoustic Silencer

CDDRV_Installer

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Cossacks - European Wars

Cossacks - The Art Of War

Creative Live! Cam Center

Creative Live! Cam Vista IM Driver (1.11.02.00)

D3DX10

Delftship

Delftship free edition version 3.2

DVD MovieFactory for TOSHIBA

EasyBits GO

EDIMAX Edimax Wireless LAN

EndNote Web

EPSON Printer Software

erLT

FileOpen Client

Flamingo 2.0

Fluid Mechanics Simulations 2.0

Google Chrome

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Intel® Graphics Media Accelerator Driver

Internet Everywhere

iTunes

Java SE Runtime Environment 6

Junk Mail filter update

KhalInstallWrapper

Logitech SetPoint

Malwarebytes' Anti-Malware version 1.51.2.1300

McAfee SecurityCenter

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2003 Web Components

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Live Add-in 1.5

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Ultimate 2007

Microsoft Office Word MUI (English) 2007

Microsoft Report Viewer Redistributable 2008 (KB971119)

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 8.0 Support DLLs

Microsoft XML Parser

MobileMe Control Panel

Modeling in Rhino 4 version 4.0

Mozilla Firefox (3.6.23)

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Navionics Chart Installer

Notebook Hardware Control 2.0 Pre-Release-06 Bugfix

NVIDIA Drivers

OGA Notifier 2.0.0048.0

Orca3D

QuickTime

Rapport

Realtek High Definition Audio Driver

ResearchSoft Direct Export Helper

Rhino RDK

Rhinoceros 4.0 SR4b

Rhinoceros 4.0 SR7

Rhinoceros 4.0 SR8

Rhinoceros 4.0 SR9

RhinOffsets version 4.0

RhinoParametrics 1.4.1

RollerCoaster Tycoon 3

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553074)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2553073)

Security Update for Microsoft Office Groove 2007 (KB2552997)

Security Update for Microsoft Office InfoPath 2007 (KB2510061)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Security Update for Windows Media Encoder (KB979332)

Segoe UI

Skype Toolbars

Skype™ 5.3

SolidWorks 2008-2009 Student Edition

Sophos Anti-Rootkit 1.5.4

Spotify

Synaptics Pointing Device Driver

System Requirements Lab

T-Splines 3.0 r7217 for Rhino

Texas Instruments PCIxx21/x515/xx12 drivers.

TidySongs

TidySongs (remove only)

TIKI NAVIONICS GOLD

TIPCI

TomTom HOME 2.7.6.2056

TomTom HOME Visual Studio Merge Modules

TOSHIBA Assist

TOSHIBA ConfigFree

TOSHIBA Disc Creator

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Hardware Setup

TOSHIBA Manuals

Toshiba Online Product Information

TOSHIBA SD Memory Utilities

TOSHIBA Software Modem

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

Ugrib RC1

UltraMon

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2583910)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Outlook 2007 Junk Email Filter (KB2596560)

USB 2.0 VGA Device (Multiple) 10.04.0706.0153

V-Ray for Rhinoceros

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Encoder 9 Series

Windows Media Player Firefox Plugin

WinDVD for TOSHIBA

.

==== Event Viewer Messages From Past Week ========

.

19/10/2011 13:38:22, Error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: McAfee Services is not a valid Win32 application.

19/10/2011 13:38:21, Error: Service Control Manager [7000] - The McAfee VirusScan Announcer service failed to start due to the following error: McAfee VirusScan Announcer is not a valid Win32 application.

19/10/2011 13:38:21, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "193" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

19/10/2011 13:37:02, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Validation Trust Protection Service service to connect.

19/10/2011 13:37:02, Error: Service Control Manager [7001] - The McAfee Network Agent service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.

19/10/2011 13:37:02, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.

19/10/2011 13:37:02, Error: Service Control Manager [7000] - The McAfee Validation Trust Protection Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

19/10/2011 13:36:51, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.

19/10/2011 13:36:51, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

19/10/2011 13:36:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

19/10/2011 13:34:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "193" attempting to start the service mcmscsvc with arguments "" in order to run the server: {9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}

19/10/2011 13:34:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

19/10/2011 13:34:39, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

19/10/2011 13:34:37, Error: netbt [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.114. The computer with the IP address 192.168.1.107 did not allow the name to be claimed by this computer.

19/10/2011 13:34:35, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.

19/10/2011 13:33:37, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Tosrfcom

19/10/2011 13:33:35, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Bonjour Service service to connect.

19/10/2011 13:33:35, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.

19/10/2011 13:33:35, Error: Service Control Manager [7001] - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.

19/10/2011 13:33:35, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.

19/10/2011 13:33:35, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.

19/10/2011 13:33:35, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

19/10/2011 13:33:35, Error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: McAfee SiteAdvisor Service is not a valid Win32 application.

19/10/2011 13:33:35, Error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

19/10/2011 13:33:35, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

19/10/2011 13:32:08, Error: EventLog [6008] - The previous system shutdown at 12:54:44 on 19/10/2011 was unexpected.

19/10/2011 12:53:53, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "193" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

19/10/2011 10:12:01, Error: EventLog [6008] - The previous system shutdown at 09:46:53 on 19/10/2011 was unexpected.

18/10/2011 23:41:30, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.

18/10/2011 23:41:30, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

18/10/2011 23:05:21, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

18/10/2011 23:05:10, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

18/10/2011 23:05:03, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

18/10/2011 23:04:54, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

18/10/2011 23:03:16, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Firewall Core Service service to connect.

18/10/2011 23:03:16, Error: Service Control Manager [7001] - The McAfee Network Agent service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.

18/10/2011 23:03:16, Error: Service Control Manager [7000] - The McAfee Firewall Core Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

18/10/2011 23:02:11, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RapportKELL spldr Tosrfcom Wanarpv6

18/10/2011 23:02:11, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.

18/10/2011 23:02:11, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.

18/10/2011 23:02:11, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

18/10/2011 23:01:20, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\RAIHV.dll Error Code: 21

18/10/2011 23:00:55, Error: EventLog [6008] - The previous system shutdown at 22:59:25 on 18/10/2011 was unexpected.

18/10/2011 22:27:49, Error: Service Control Manager [7000] - The McShield service failed to start due to the following error: Access is denied.

18/10/2011 22:25:27, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: Access is denied.

18/10/2011 22:21:07, Error: EventLog [6008] - The previous system shutdown at 22:18:34 on 18/10/2011 was unexpected.

18/10/2011 22:09:04, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

18/10/2011 22:09:04, Error: Service Control Manager [7031] - The McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

18/10/2011 18:41:28, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.

17/10/2011 08:21:40, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{77A3F2B4-BB04-4F9A-AA97-3317E3FC6231} because another computer on the network has the same name. The server could not start.

16/10/2011 17:08:42, Error: Microsoft-Windows-PrintSpooler [6161] - The document Microsoft Word - Current Weeks 2-12 MSc MES Timetables, owned by Chris, failed to print on printer Canon MP600 Printer. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 1066608. Number of bytes printed: 857020. Total number of pages in the document: 6. Number of pages printed: 0. Client computer: \\CHRISTOPHER-PC. Win32 error code returned by the print processor: 1. Incorrect function.

15/10/2011 10:12:55, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.

15/10/2011 09:43:05, Error: netbt [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.104. The computer with the IP address 192.168.1.145 did not allow the name to be claimed by this computer.

14/10/2011 22:39:21, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

14/10/2011 22:39:21, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

14/10/2011 22:39:21, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

13/10/2011 22:09:48, Error: Microsoft-Windows-PrintSpooler [6161] - The document Microsoft Word - Extracts_from_the_United_Convention_on_the_Law_of_the_Sea, owned by Chris, failed to print on printer Canon MP600 Printer. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 1089796. Number of bytes printed: 45692. Total number of pages in the document: 36. Number of pages printed: 0. Client computer: \\CHRISTOPHER-PC. Win32 error code returned by the print processor: 1. Incorrect function.

13/10/2011 19:14:17, Error: bowser [8003] - The master browser has received a server announcement from the computer PCHOME that believes that it is the master browser for the domain on transport NetBT_Tcpip_{77A3F2B4-BB04-4F9A-AA97-3317E3FC623. The master browser is stopping or an election is being forced.

13/10/2011 08:25:10, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the stisvc service.

12/10/2011 22:21:41, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WPDBusEnum service.

12/10/2011 22:21:11, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

12/10/2011 22:20:41, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EMDMgmt service.

12/10/2011 22:20:11, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

12/10/2011 22:19:41, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.

12/10/2011 21:06:01, Error: netbt [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.103. The computer with the IP address 192.168.1.108 did not allow the name to be claimed by this computer.

12/10/2011 19:32:03, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UxSms service.

12/10/2011 19:31:33, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TabletInputService service.

12/10/2011 19:30:32, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

12/10/2011 19:30:02, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hidserv service.

12/10/2011 19:27:38, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

12/10/2011 13:49:47, Error: netbt [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.

.

==== End Of File ===========================

Hi, sorry to be impatient, but could someone please help me or direct me how to get help. I realise that this site is not people's only job. Sorry to be impatient. Cheers.


:welcome:

Whether you wish to continue with cleaning or not, you should be aware that you may have been infected by a backdoor trojan. This type of program has the ability to steal passwords and other information from your system. If you are using your computer for sensitive purposes such as internet banking then I recommend you take the following steps immediately:

  • Use another, uninfected computer to change all your internet passwords, especially ones with financial implications such as banks, PayPal, eBay, etc. You should also change the passwords for any other site you use.
  • Call your bank(s), credit card company or any other institution which may be affected and advise them that your login/password or credit card information may have been stolen and ask what steps to take with regard to your account.
  • Consider what other private information could possibly have been taken from your computer and take appropriate steps.
  • Removing this infection can also disable the ability to connect to the internet.

This infection can almost certainly be cleaned, but as the malware could be configured to run any program a remote attacker requires, it will be impossible to be 100% sure that the machine is clean. If this is unacceptable to you, then you should consider reformatting the system partition and reinstalling Windows, as this is the only 100% sure answer.

Please post back to let me know how you wish to proceed.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

