Jump to content

Recommended Posts

.

DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20

Run by Cody at 19:54:22 on 2011-10-19

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4029.3019 [GMT -7:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=c:\windows\syswow64\userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\PROGRA~1\mcafee\msk\mskapbho.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101106112257.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

BHO: {e3215f20-3212-11d6-9f8b-00d0b743919d} - c:\program files (x86)\stopzilla!\sziebho.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [iSUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

uRun: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [VC10Player] C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [startNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

StartupFolder: C:\Users\Cody\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

uPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{11AD0B52-F253-47CC-B890-806B7BDD79FD} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{11AD0B52-F253-47CC-B890-806B7BDD79FD}\34F44495D20534F5E4564777F627B6 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{11AD0B52-F253-47CC-B890-806B7BDD79FD}\C696E6B6379737 : DhcpNameServer = 68.87.76.182 68.87.78.134

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\PKMCDO.DLL

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll

BHO-X64: McAfee Phishing Filter - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

BHO-X64: StartNow Toolbar Helper - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO-X64: Search Helper - No File

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101106112257.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

c:\program files (x86)\stopzilla!\sziebho.dll

TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

mRun-x64: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [VC10Player] C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [startNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Cody\AppData\Roaming\Mozilla\Firefox\Profiles\8sypop3l.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z192&install_date=20111011

FF - prefs.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npclntax_HBLiteSA.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Cody\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

FF - Ext: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - %profile%\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}

FF - Ext: Move Media Player: moveplayer@movenetworks.com - C:\Users\Cody\AppData\Roaming\Move Networks

.

---- FIREFOX POLICIES ----

FF - user.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=

FF - user.js: keyword.enabled - 1

.

============= SERVICES / DRIVERS ===============

.

R0 ksbus;KernSafe Virtual System Bus;C:\Windows\System32\drivers\KSBus64.sys [2011-8-25 31064]

R0 KScsiPrt;KernSafe Miniport;C:\Windows\System32\drivers\KSPrt64.sys [2011-8-25 128856]

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-8-15 245352]

R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-8-15 149032]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S1 vdrv1000;vdrv1000;C:\Windows\system32\DRIVERS\vdrv1000.sys --> C:\Windows\system32\DRIVERS\vdrv1000.sys [?]

S2 AxiomAudioDevMon;Axiom Audio Device Monitor;C:\Program Files (x86)\M-Audio\Axiom\AudioDevMon.exe [2010-2-19 1632776]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-8 136176]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-4-8 366152]

S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-8-15 355440]

S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-8-15 355440]

S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-8-15 355440]

S2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-8-15 200056]

S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-1-25 689472]

S2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-7-27 267488]

S2 VC10SecS;Virtual CD v10 Management Service;C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [2011-1-5 144712]

S3 AXIOM;Service for M-Audio Axiom;C:\Windows\system32\DRIVERS\MAudioAxiom.sys --> C:\Windows\system32\DRIVERS\MAudioAxiom.sys [?]

S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS --> C:\Windows\system32\drivers\BVRPMPR5a64.SYS [?]

S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-8 136176]

S3 HH10Help.sys;HH10Help.sys;\??\C:\Windows\system32\drivers\HH10Help.sys --> C:\Windows\system32\drivers\HH10Help.sys [?]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]

S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;C:\Windows\system32\DRIVERS\MAudioFastTrackPro.sys --> C:\Windows\system32\DRIVERS\MAudioFastTrackPro.sys [?]

S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 RDID1053;PC-50;C:\Windows\system32\Drivers\rdwm1053.sys --> C:\Windows\system32\Drivers\rdwm1053.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 vcd10bus;Virtual CD v10 Bus Enumerator;C:\Windows\system32\DRIVERS\vcd10bus.sys --> C:\Windows\system32\DRIVERS\vcd10bus.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]

S3 WSDScan;WSD Scan Support via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?]

.

=============== Created Last 30 ================

.

2011-10-17 17:04:42 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-10-16 00:25:08 -------- d-sh--w- C:\Windows\System32\%APPDATA%

2011-10-14 22:58:23 -------- d-----we C:\Windows\system64

2011-10-14 22:57:19 -------- d-sh--w- C:\Users\Cody\AppData\Local\a8544971

2011-10-12 17:31:21 1177600 ----a-w- C:\Windows\SysWow64\SYNSOEMU.DLL

2011-10-12 17:31:12 -------- d-----w- C:\Program Files (x86)\Common Files\VST3

2011-10-12 17:28:44 -------- d-----w- C:\ProgramData\VST3 Presets

2011-10-12 17:10:50 -------- d-----w- C:\ProgramData\Steinberg

2011-10-12 17:10:50 -------- d-----w- C:\Program Files (x86)\Common Files\Steinberg

2011-10-12 16:53:37 -------- d-----w- C:\Program Files\KernSafe

2011-10-11 21:22:11 3134976 ----a-w- C:\Windows\System32\win32k.sys

2011-10-11 16:13:55 -------- d-----w- C:\ProgramData\DAEMON Tools Lite

2011-10-11 16:13:36 -------- d-----w- C:\Program Files (x86)\StartNow Toolbar

2011-10-11 04:00:39 -------- d-----w- C:\Users\Cody\AppData\Local\Dell Edoc Viewer

2011-10-10 19:05:29 -------- d-----w- C:\Program Files\iPod

2011-10-10 19:05:28 -------- d-----w- C:\Program Files\iTunes

2011-10-10 19:05:28 -------- d-----w- C:\Program Files (x86)\iTunes

2011-10-10 19:02:16 -------- d-----w- C:\Program Files\Bonjour

2011-10-10 19:02:16 -------- d-----w- C:\Program Files (x86)\Bonjour

2011-10-07 21:49:08 35840 ----a-r- C:\Windows\System32\drivers\BVRPMPR5a64.SYS

2011-10-07 21:48:35 -------- d-----w- C:\Netgear

.

==================== Find3M ====================

.

2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-09-01 00:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-27 05:40:28 861184 ----a-w- C:\Windows\System32\oleaut32.dll

2011-08-27 05:40:28 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-08-27 04:43:07 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-08-27 04:43:06 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

2011-08-25 22:54:12 31064 ----a-w- C:\Windows\SysWow64\drivers\KSBus64.sys

2011-08-25 22:54:12 31064 ----a-w- C:\Windows\System32\drivers\ksbus64.sys

2011-08-25 22:54:12 128856 ----a-w- C:\Windows\SysWow64\drivers\KSPrt64.sys

2011-08-25 22:54:12 128856 ----a-w- C:\Windows\System32\drivers\KSPrt64.sys

2011-08-25 22:54:12 120152 ----a-w- C:\Windows\SysWow64\drivers\KScsiPrt.sys

2011-08-25 22:54:10 24408 ----a-w- C:\Windows\SysWow64\drivers\KSBus.sys

2011-08-20 05:45:20 1197568 ----a-w- C:\Windows\System32\wininet.dll

2011-08-20 05:41:16 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2011-08-20 04:38:10 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-08-20 04:35:20 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2011-08-20 04:20:23 482816 ----a-w- C:\Windows\System32\html.iec

2011-08-20 03:26:38 386048 ----a-w- C:\Windows\SysWow64\html.iec

2011-08-17 05:32:24 613888 ----a-w- C:\Windows\System32\psisdecd.dll

2011-08-17 05:27:46 75776 ----a-w- C:\Windows\System32\MSDvbNP.ax

2011-08-17 05:27:46 288256 ----a-w- C:\Windows\System32\MSNP.ax

2011-08-17 05:27:46 108032 ----a-w- C:\Windows\System32\psisrndr.ax

2011-08-17 05:27:46 104960 ----a-w- C:\Windows\System32\Mpeg2Data.ax

2011-08-17 04:26:02 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll

2011-08-17 04:22:23 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax

2011-08-17 04:22:23 72704 ----a-w- C:\Windows\SysWow64\Mpeg2Data.ax

2011-08-17 04:22:23 59904 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax

2011-08-17 04:22:23 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax

2011-08-07 22:34:10 22992 ----a-r- C:\Windows\SysWow64\SZIO5.dll

2011-08-07 22:34:10 132560 ----a-r- C:\Windows\SysWow64\IS3HTUI5.dll

2011-08-07 22:34:08 99792 ----a-r- C:\Windows\SysWow64\IS3Svc5.dll

2011-08-07 22:34:08 67024 ----a-r- C:\Windows\SysWow64\IS3Hks5.dll

2011-08-07 22:34:08 546256 ----a-r- C:\Windows\SysWow64\SZComp5.dll

2011-08-07 22:34:08 456144 ----a-r- C:\Windows\SysWow64\SZBase5.dll

2011-08-07 22:34:08 398800 ----a-r- C:\Windows\SysWow64\IS3DBA5.dll

2011-08-07 22:34:08 28624 ----a-r- C:\Windows\SysWow64\IS3XDat5.dll

2011-08-07 22:34:06 99792 ----a-r- C:\Windows\SysWow64\IS3Inet5.dll

2011-08-07 22:34:06 738768 ----a-r- C:\Windows\SysWow64\IS3Base5.dll

2011-08-07 22:34:06 390608 ----a-r- C:\Windows\SysWow64\IS3UI5.dll

2011-08-07 22:34:06 230864 ----a-r- C:\Windows\SysWow64\IS3Win325.dll

.

============= FINISH: 19:54:50.17 ===============

computer runs slow and cant complete a full scan on malewarebytes or stopzilla. redricts websites and runs programs barley without crashing or freezing. let me know what logs if needed more.

forgot this log. i check my computer every 10 min. thanks for your help, the sooner the greater :D

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 2/3/2010 5:58:53 PM

System Uptime: 10/19/2011 7:29:21 PM (0 hours ago)

.

Motherboard: Dell Inc. | | 0D176M

Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | U2E1 | 2194/533mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 283 GiB total, 22.184 GiB free.

D: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: sptd

Device ID: ROOT\LEGACY_SPTD\0000

Manufacturer:

Name: sptd

PNP Device ID: ROOT\LEGACY_SPTD\0000

Service: sptd

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Windows Firewall Authorization Driver

Device ID: ROOT\LEGACY_MPSDRV\0000

Manufacturer:

Name: Windows Firewall Authorization Driver

PNP Device ID: ROOT\LEGACY_MPSDRV\0000

Service: mpsdrv

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

µTorrent

7-Zip 4.57

Adobe Audition 3.0

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Photoshop 7.0.1

Adobe Reader 9.1.2

Advanced Audio FX Engine

Antares Autotune VST v5.09

Apple Application Support

Apple Software Update

ASIO4ALL

Audacity 1.3.12 (Unicode)

Banctec Service Agreement

BassStation

BitZipper 2009

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Compatibility Pack for the 2007 Office system

Cozi

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Getting Started Guide

Dell Support Center (Support Software)

Dell Webcam Central

Digidesign Command8

Digidesign Pro Tools M-Powered Demo 7.1

Digidesign Shared Plug-Ins 7.0

Digidesign Shared Plug-Ins 7.4

Enigma

FL Studio 9

Free RAR Extract Frog

Google Chrome

Google Update Helper

GoToAssist 8.0.0.514

IL Download Manager

InterLok Driver Kit

Java Auto Updater

Java 6 Update 20

Junk Mail filter update

Live! Cam Avatar Creator

M-Audio Reason Control Surface

Malwarebytes' Anti-Malware version 1.51.2.1300

McAfee SecurityCenter

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Office XP Professional with FrontPage

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Move Media Player

Mozilla Firefox (3.6.17)

MSVCRT

Native Instruments Massive v1.0.1.008 VSTi DXi RTAS

Native.Instruments.Pro.53.v3.02.004-DAC

Ninja

PCM Native Reverb RTAS Plug-in

PCM Native Reverb VST Plug-in

PoiZone

PowerDVD DX

QuickTime

REAPER

Reason 5.0

ReCycle Demo 2.1.2

ReCycle v2.1

reFX Vanguard VSTi v1.6.1

Rob Papen Albino 3

Roxio Burn

Safari

SampleTank 2.5

Sawer

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553074)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft Office Excel 2007 (KB2553073)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Skype Toolbars

Skype™ 4.2

Sonic

StartNow Toolbar

Steinberg Cubase 5

Steinberg Drum Loop Expansion 01

Steinberg Groove Agent ONE Content

Steinberg HALionOne

Steinberg HALionOne Additional Content Set 01

Steinberg HALionOne Expression Set

Steinberg HALionOne GM Drum Set

Steinberg HALionOne GM Set

Steinberg HALionOne Pro Set

Steinberg HALionOne Studio Drum Set

Steinberg HALionOne Studio Set

Steinberg LoopMash Content

Steinberg REVerence Content 01

STOPzilla

Super Winspy v3.5

TotalMounter V1.50 (Remove only)

Toxic Biohazard

TurboEDIT (remove only)

Update for 2007 Microsoft Office System (KB2284654)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Virtual CD v10

Waves Diamond Bundle v5.2

WildTangent Games

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

Windows Media Player Firefox Plugin

.

==== Event Viewer Messages From Past Week ========

.

10/19/2011 7:33:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

10/19/2011 7:32:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

10/19/2011 7:32:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

10/19/2011 7:32:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

10/19/2011 7:32:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

10/19/2011 7:31:51 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

10/19/2011 7:30:23 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

10/19/2011 7:30:08 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21

10/19/2011 7:29:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: DigiFilter discache is3srv spldr sptd vdrv1000 Wanarpv6

10/19/2011 7:29:50 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start.

10/19/2011 7:29:49 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.

10/19/2011 7:29:49 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.

10/19/2011 7:29:26 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .

10/19/2011 7:27:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

10/19/2011 7:18:43 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.

10/19/2011 7:14:24 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

10/19/2011 7:13:28 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004

10/19/2011 7:12:52 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: DigiFilter is3srv

10/18/2011 7:10:15 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2011 7:02:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

10/18/2011 7:01:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

10/18/2011 7:01:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

10/18/2011 7:01:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC DigiFilter discache is3srv mfehidk mfenlfk mfewfpk NetBIOS NetBT nsiproxy Psched rdbss spldr sptd Tcpip tdx vdrv1000 vwififlt Wanarpv6 WfpLwf

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The TCP/IP Registry Compatibility service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/18/2011 7:01:03 PM, Error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/18/2011 6:57:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

10/18/2011 6:45:36 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 3 time(s).

10/18/2011 6:44:47 PM, Error: Service Control Manager [7031] - The McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

10/18/2011 6:43:52 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

10/18/2011 6:40:58 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

10/18/2011 6:40:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.

10/18/2011 6:25:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

10/18/2011 6:25:59 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/17/2011 10:57:51 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x0000000000000003, 0xfffffa80052e62c0, 0xfffffa80052e65a0, 0xfffff80002996300). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101711-21309-01.

10/17/2011 10:52:55 AM, Error: Service Control Manager [7031] - The RPC Endpoint Mapper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/17/2011 10:52:55 AM, Error: Service Control Manager [7031] - The Remote Procedure Call (RPC) service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.

10/17/2011 10:34:14 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Network Store Interface Service service, but this action failed with the following error: An instance of the service is already running.

10/17/2011 10:32:14 PM, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 1 time(s).

10/17/2011 10:32:14 PM, Error: Service Control Manager [7031] - The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

10/17/2011 10:32:14 PM, Error: Service Control Manager [7031] - The Network Store Interface Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/17/2011 10:32:14 PM, Error: Service Control Manager [7031] - The Network List Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

10/17/2011 10:32:14 PM, Error: Service Control Manager [7031] - The COM+ Event System service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

10/16/2011 8:00:34 PM, Error: Service Control Manager [7031] - The McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

10/16/2011 7:56:49 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McShield service.

10/16/2011 7:40:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc50013118, 0xffffffffc0000185, 0x000000004d1b3880, 0xfffff8a002623778). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101611-21294-01.

10/16/2011 6:35:39 PM, Error: Service Control Manager [7034] - The McShield service terminated unexpectedly. It has done this 6 time(s).

10/16/2011 6:17:31 PM, Error: Service Control Manager [7031] - The McShield service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

10/16/2011 6:15:59 PM, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/16/2011 6:13:17 PM, Error: Service Control Manager [7031] - The McShield service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

10/16/2011 6:05:19 PM, Error: Service Control Manager [7031] - The McShield service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

10/16/2011 6:00:11 PM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/16/2011 6:00:11 PM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/16/2011 6:00:11 PM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/16/2011 6:00:11 PM, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/16/2011 6:00:11 PM, Error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/16/2011 6:00:00 PM, Error: Service Control Manager [7034] - The Function Discovery Provider Host service terminated unexpectedly. It has done this 1 time(s).

10/16/2011 5:54:14 PM, Error: Microsoft-Windows-Eventlog [23] - The event logging service encountered an error (res=1117) while initializing logging resources for channel Microsoft-Windows-WER-Diag/Operational.

10/16/2011 5:37:57 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1005] - Unable to produce a minidump file from the full dump file.

10/16/2011 5:37:57 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000001 (0x0000000075132dd9, 0x0000000000000000, 0x000000000000ffff, 0xfffff880054eec60). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: .

10/16/2011 5:31:05 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x0000000000000003, 0xfffffa8006537060, 0xfffffa8006537340, 0xfffff800035cb300). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: .

10/16/2011 5:26:39 PM, Error: Service Control Manager [7031] - The Diagnostic Policy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/16/2011 5:26:36 PM, Error: Service Control Manager [7031] - The Base Filtering Engine service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/16/2011 4:29:15 PM, Error: Service Control Manager [7023] - The Workstation service terminated with the following error: Error performing inpage operation.

10/16/2011 4:20:39 PM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/16/2011 4:20:39 PM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

10/16/2011 4:20:39 PM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/16/2011 4:20:39 PM, Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/16/2011 3:25:43 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/16/2011 3:25:43 PM, Error: Service Control Manager [7031] - The Windows Event Log service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/16/2011 3:25:43 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/16/2011 3:25:43 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

10/16/2011 3:25:43 PM, Error: Service Control Manager [7031] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/16/2011 11:43:55 AM, Error: Service Control Manager [7000] - The STOPzilla Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/16/2011 11:43:54 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the STOPzilla Service service to connect.

10/16/2011 1:57:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

10/15/2011 9:54:36 AM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

10/15/2011 9:54:20 AM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).

10/15/2011 9:54:20 AM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/15/2011 9:54:20 AM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/15/2011 9:54:20 AM, Error: Service Control Manager [7031] - The PnP-X IP Bus Enumerator service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:54:20 AM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:54:20 AM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:54:16 AM, Error: Service Control Manager [7031] - The Windows Font Cache Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/15/2011 9:54:16 AM, Error: Service Control Manager [7031] - The UPnP Device Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

10/15/2011 9:54:16 AM, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

10/15/2011 9:07:02 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

10/15/2011 9:07:02 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.

10/15/2011 9:06:02 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.

10/15/2011 9:05:06 AM, Error: Service Control Manager [7023] - The IKE and AuthIP IPsec Keying Modules service terminated with the following error: Load failed

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/15/2011 9:05:02 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/15/2011 7:57:10 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc50012b00, 0xffffffffc0000185, 0x0000000085d77880, 0xfffff8a002560018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101511-18142-01.

10/15/2011 7:55:01 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.

10/15/2011 7:55:01 AM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/15/2011 7:53:36 AM, Error: Service Control Manager [7034] - The Problem Reports and Solutions Control Panel Support service terminated unexpectedly. It has done this 1 time(s).

10/15/2011 7:53:36 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/15/2011 7:53:36 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {8F5DF053-3013-4DD8-B5F4-88214E81C0CF}

10/15/2011 7:53:34 AM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).

10/15/2011 5:57:40 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc50014688, 0xffffffffc0000185, 0x0000000121c2c880, 0xfffff8a0028d14f0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101511-18283-01.

10/15/2011 5:37:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

10/15/2011 5:37:31 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/15/2011 5:37:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

10/15/2011 5:33:23 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Error Reporting Service service, but this action failed with the following error: An instance of the service is already running.

10/15/2011 5:31:23 PM, Error: Service Control Manager [7031] - The Windows Error Reporting Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

10/15/2011 5:08:17 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

10/15/2011 4:00:04 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc50062560, 0xffffffffc0000185, 0x000000004c03d880, 0xfffff8a00c4ac8f0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101511-25459-01.

10/15/2011 3:09:26 AM, Error: Service Control Manager [7034] - The Windows Modules Installer service terminated unexpectedly. It has done this 3 time(s).

10/15/2011 2:59:22 AM, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

10/15/2011 2:43:51 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.

10/15/2011 2:33:18 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error: An instance of the service is already running.

10/14/2011 9:29:12 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.

10/14/2011 9:11:00 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc500225e8, 0xffffffffc0000185, 0x000000001966f880, 0xfffff8a0044bddd8). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101411-27019-01.

10/14/2011 8:33:43 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Modules Installer service, but this action failed with the following error: An instance of the service is already running.

10/14/2011 8:32:52 PM, Error: Service Control Manager [7034] - The McAfee Services service terminated unexpectedly. It has done this 3 time(s).

10/14/2011 8:32:52 PM, Error: Service Control Manager [7034] - The McAfee Proxy Service service terminated unexpectedly. It has done this 3 time(s).

10/14/2011 8:32:52 PM, Error: Service Control Manager [7034] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 3 time(s).

10/14/2011 8:32:52 PM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/14/2011 8:31:43 PM, Error: Microsoft-Windows-CorruptedFileRecovery-Server [10] - The system file C:\Windows\System32\mssrch.dll may be corrupted, but Windows could not determine if the file was actually damaged (error code 2147944126). No repair action was taken. Run the command "sfc /scannow" at an administrative command prompt to check for errors and to repair the file if necessary.

10/14/2011 8:23:45 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

10/14/2011 8:20:35 PM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/14/2011 8:20:35 PM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/14/2011 8:20:35 PM, Error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/14/2011 8:18:37 PM, Error: Service Control Manager [7023] - The McAfee VirusScan Announcer service terminated with the following error: %%-2147024890

10/14/2011 8:12:29 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: Software Protection is not a valid Win32 application.

10/14/2011 8:11:12 PM, Error: Service Control Manager [7022] - The McAfee VirusScan Announcer service hung on starting.

10/14/2011 6:08:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

10/14/2011 5:46:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

10/14/2011 3:20:48 AM, Error: volsnap [67] - The shadow copy of volume C: being created failed to install.

10/14/2011 2:55:14 PM, Error: Service Control Manager [7022] - The McAfee Network Agent service hung on starting.

10/14/2011 2:47:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

10/14/2011 2:43:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

10/14/2011 2:42:08 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: Error performing inpage operation.

10/14/2011 2:41:34 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: Error performing inpage operation.

10/14/2011 2:31:13 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: Windows Media Player Network Sharing Service is not a valid Win32 application.

10/14/2011 11:26:11 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/14/2011 11:25:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

10/14/2011 11:03:23 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.

10/14/2011 10:54:53 AM, Error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/14/2011 10:38:20 PM, Error: Microsoft-Windows-Eventlog [23] - The event logging service encountered an error (res=1117) while initializing logging resources for channel Microsoft-Windows-CodeIntegrity/Operational.

10/14/2011 10:25:51 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0x0000000000000040, 0xfffff880079abc50, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: .

10/14/2011 10:19:14 PM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: Error performing inpage operation.

10/14/2011 10:17:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.

10/14/2011 10:17:44 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/14/2011 10:17:14 PM, Error: Service Control Manager [7000] - The McShield service failed to start due to the following error: Error performing inpage operation.

10/13/2011 6:47:04 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa8003d06040, 0xfffff800048024d0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101311-23571-01.

10/13/2011 6:08:28 PM, Error: KScsiPrt [9] -

10/13/2011 5:27:08 PM, Error: Service Control Manager [7034] - The Audio Service service terminated unexpectedly. It has done this 1 time(s).

10/13/2011 5:26:50 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000001 (0x00000000751b2dd9, 0x0000000000000000, 0x000000000000ffff, 0xfffff880033e5c60). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: .

10/13/2011 5:24:11 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

10/13/2011 12:41:09 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa8003cf6040, 0xfffff800047fb4d0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101311-26208-01.

10/12/2011 9:46:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa8004bcb050, 0xfffff80000ba2748, 0xfffffa800426f1f0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101211-22947-01.

10/12/2011 10:23:09 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa8003cf7b60, 0xfffff800047fd4d0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101211-23259-01.

.

==== End Of File ===========================

Link to post
Share on other sites

:welcome:

Whether you wish to continue with cleaning or not, you should be aware that you may have been infected by a backdoor trojan. This type of program has the ability to steal passwords and other information from your system. If you are using your computer for sensitive purposes such as internet banking then I recommend you take the following steps immediately:

  • Use another, uninfected computer to change all your internet passwords, especially ones with financial implications such as banks, paypal, ebay, etc. You should also change the passwords for any other site you use.
  • Call your bank(s), credit card company or any other institution which may be affected and advise them that your login/password or credit card information may have been stolen and ask what steps to take with regard to your account.
  • Consider what other private information could possibly have been taken from your computer and take appropriate steps
  • Removing this infection can also disable the ability to connect to the internet.

This infection can almost certainly be cleaned, but as the malware could be configured to run any program a remote attacker requires, it will be impossible to be 100% sure that the machine is clean, if this is unacceptable to you then you should consider reformatting the system partition and reinstalling Windows as this is the only 100% sure answer.

Please post back to let me know how you wish to proceed.

Link to post
Share on other sites

Please do not attach the scan results from Combofx. Use copy/paste.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from one of these locations:

Link 1

Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
  • Double click on ComboFix.exe & follow the prompts.
    Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
    Note: If you have XP SP3, use the XP SP2 package.
    If Vista or Windows 7, skip the Recovery Console part
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RC1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it atleast 20-30 minutes to finish if needed.

Please do not attach the scan results from Combofx. Use copy/paste.

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

ComboFix 11-10-23.02 - Cody 10/23/2011 14:36:34.2.2 - x64 NETWORK

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4029.3217 [GMT -7:00]

Running from: c:\users\Cody\Downloads\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Cody\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe

.

---- Previous Run -------

.

C:\install.exe

c:\program files (x86)\StartNow Toolbar\Resources\images\engine_images.png

c:\program files (x86)\StartNow Toolbar\Resources\images\engine_maps.png

c:\program files (x86)\StartNow Toolbar\Resources\images\engine_news.png

c:\program files (x86)\StartNow Toolbar\Resources\images\engine_videos.png

c:\program files (x86)\StartNow Toolbar\Resources\images\engine_web.png

c:\program files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png

c:\program files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png

c:\program files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png

c:\program files (x86)\StartNow Toolbar\Resources\images\icon_games.png

c:\program files (x86)\StartNow Toolbar\Resources\images\icon_msn.png

c:\program files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png

c:\program files (x86)\StartNow Toolbar\Resources\images\icon_travel.png

c:\program files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png

c:\program files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png

c:\program files (x86)\StartNow Toolbar\Resources\installer.xml

c:\program files (x86)\StartNow Toolbar\Resources\protect\index.html

c:\program files (x86)\StartNow Toolbar\Resources\protect\NotIE6.css

c:\program files (x86)\StartNow Toolbar\Resources\protect\OnlyIE6.css

c:\program files (x86)\StartNow Toolbar\Resources\protect\SearchProtectIcon.png

c:\program files (x86)\StartNow Toolbar\Resources\protect\window.css

c:\program files (x86)\StartNow Toolbar\Resources\protect\window.js

c:\program files (x86)\StartNow Toolbar\Resources\reactivate\index.html

c:\program files (x86)\StartNow Toolbar\Resources\reactivate\LeftImage.png

c:\program files (x86)\StartNow Toolbar\Resources\reactivate\NotIE6.css

c:\program files (x86)\StartNow Toolbar\Resources\reactivate\OnlyIE6.css

c:\program files (x86)\StartNow Toolbar\Resources\reactivate\window.css

c:\program files (x86)\StartNow Toolbar\Resources\reactivate\window.js

c:\program files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\separator.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\splitter.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png

c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png

c:\program files (x86)\StartNow Toolbar\Resources\toolbar.xml

c:\program files (x86)\StartNow Toolbar\Resources\update.xml

c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe

c:\program files (x86)\StartNow Toolbar\ToOLbar32.dll

c:\program files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe

c:\program files (x86)\StartNow Toolbar\uninstall.dat

c:\users\Cody\AppData\Local\a8544971\@

c:\users\Cody\AppData\Local\a8544971\U\80000000.@

c:\users\Cody\AppData\Local\a8544971\U\800000cb.@

c:\users\Cody\AppData\Local\a8544971\X

c:\users\Cody\AppData\Local\kjs.exe

c:\users\Cody\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe

c:\windows\assembly\tmp\U\000000c0.@

c:\windows\assembly\tmp\U\000000cb.@

c:\windows\assembly\tmp\U\000000cf.@

c:\windows\assembly\tmp\U\80000000.@

c:\windows\assembly\tmp\U\800000c0.@

c:\windows\assembly\tmp\U\800000cb.@

c:\windows\assembly\tmp\U\800000cf.@

c:\windows\system32\consrv.dll

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_Updater Service for StartNow Toolbar

-------\Service_Updater Service for StartNow Toolbar

.

.

((((((((((((((((((((((((( Files Created from 2011-09-23 to 2011-10-23 )))))))))))))))))))))))))))))))

.

.

2011-10-23 21:47 . 2011-10-23 21:47 -------- d-----w- c:\users\TEMP\AppData\Local\temp

2011-10-23 21:47 . 2011-10-23 21:47 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-10-23 19:05 . 2011-10-23 21:17 -------- d-----w- c:\users\Cody\AppData\Roaming\SanDisk

2011-10-23 19:03 . 2011-10-23 19:03 -------- d-----w- c:\users\Cody\AppData\Local\Proxure

2011-10-23 19:03 . 2011-10-23 19:03 -------- d-----w- c:\programdata\ClubSanDisk

2011-10-20 22:03 . 2011-10-21 05:10 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-10-16 21:08 . 2011-10-16 21:08 -------- d-----w- c:\windows\Sun

2011-10-16 00:25 . 2011-10-16 00:25 -------- d-sh--w- c:\windows\system32\%APPDATA%

2011-10-14 10:23 . 2011-10-14 10:23 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2011-10-12 17:31 . 2009-10-12 04:58 1177600 ----a-w- c:\windows\SysWow64\SYNSOEMU.DLL

2011-10-12 17:31 . 2011-10-12 17:31 -------- d-----w- c:\program files (x86)\Common Files\VST3

2011-10-12 17:28 . 2011-10-12 17:28 -------- d-----w- c:\programdata\VST3 Presets

2011-10-12 17:10 . 2011-10-12 17:10 -------- d-----w- c:\programdata\Steinberg

2011-10-12 17:10 . 2011-10-12 17:10 -------- d-----w- c:\program files (x86)\Common Files\Steinberg

2011-10-12 16:53 . 2011-10-12 16:53 -------- d-----w- c:\program files\KernSafe

2011-10-11 21:22 . 2011-09-06 03:07 3134976 ----a-w- c:\windows\system32\win32k.sys

2011-10-11 16:13 . 2011-10-11 16:13 -------- d-----w- c:\programdata\DAEMON Tools Lite

2011-10-11 04:00 . 2011-10-11 04:00 -------- d-----w- c:\users\Cody\AppData\Local\Dell Edoc Viewer

2011-10-10 19:10 . 2011-10-10 19:10 -------- d-----w- c:\program files (x86)\Safari

2011-10-10 19:05 . 2011-10-10 19:05 -------- d-----w- c:\program files\iPod

2011-10-10 19:05 . 2011-10-10 19:06 -------- d-----w- c:\program files\iTunes

2011-10-10 19:05 . 2011-10-10 19:06 -------- d-----w- c:\program files (x86)\iTunes

2011-10-10 19:02 . 2011-10-10 19:02 -------- d-----w- c:\program files\Bonjour

2011-10-10 19:02 . 2011-10-10 19:02 -------- d-----w- c:\program files (x86)\Bonjour

2011-10-10 18:57 . 2011-10-10 18:57 -------- d-----w- c:\program files (x86)\Apple Software Update

2011-10-07 21:49 . 2009-08-19 21:49 35840 ----a-r- c:\windows\system32\drivers\BVRPMPR5a64.SYS

2011-10-07 21:48 . 2011-10-09 00:43 -------- d-----w- C:\Netgear

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-22 18:30 . 2010-02-15 16:45 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2011-10-22 18:29 . 2010-10-30 04:10 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2011-10-22 18:29 . 2010-10-30 03:59 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2011-10-22 18:29 . 2010-02-27 15:04 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2011-10-18 05:37 . 2010-02-04 15:30 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll

2011-10-18 05:37 . 2010-02-04 15:30 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2011-10-18 05:37 . 2011-08-10 07:05 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2011-10-18 05:37 . 2010-02-04 15:30 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2011-09-01 00:00 . 2011-04-09 01:43 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-25 22:54 . 2011-08-25 22:54 31064 ----a-w- c:\windows\SysWow64\drivers\KSBus64.sys

2011-08-25 22:54 . 2011-08-25 22:54 31064 ----a-w- c:\windows\system32\drivers\ksbus64.sys

2011-08-25 22:54 . 2011-08-25 22:54 128856 ----a-w- c:\windows\SysWow64\drivers\KSPrt64.sys

2011-08-25 22:54 . 2011-08-25 22:54 128856 ----a-w- c:\windows\system32\drivers\KSPrt64.sys

2011-08-25 22:54 . 2011-08-25 22:54 120152 ----a-w- c:\windows\SysWow64\drivers\KScsiPrt.sys

2011-08-25 22:54 . 2011-08-25 22:54 24408 ----a-w- c:\windows\SysWow64\drivers\KSBus.sys

2011-08-07 22:34 . 2011-08-07 22:34 22992 ----a-r- c:\windows\SysWow64\SZIO5.dll

2011-08-07 22:34 . 2011-08-07 22:34 132560 ----a-r- c:\windows\SysWow64\IS3HTUI5.dll

2011-08-07 22:34 . 2011-08-07 22:34 99792 ----a-r- c:\windows\SysWow64\IS3Svc5.dll

2011-08-07 22:34 . 2011-08-07 22:34 67024 ----a-r- c:\windows\SysWow64\IS3Hks5.dll

2011-08-07 22:34 . 2011-08-07 22:34 546256 ----a-r- c:\windows\SysWow64\SZComp5.dll

2011-08-07 22:34 . 2011-08-07 22:34 456144 ----a-r- c:\windows\SysWow64\SZBase5.dll

2011-08-07 22:34 . 2011-08-07 22:34 398800 ----a-r- c:\windows\SysWow64\IS3DBA5.dll

2011-08-07 22:34 . 2011-08-07 22:34 28624 ----a-r- c:\windows\SysWow64\IS3XDat5.dll

2011-08-07 22:34 . 2011-08-07 22:34 99792 ----a-r- c:\windows\SysWow64\IS3Inet5.dll

2011-08-07 22:34 . 2011-08-07 22:34 738768 ----a-r- c:\windows\SysWow64\IS3Base5.dll

2011-08-07 22:34 . 2011-08-07 22:34 390608 ----a-r- c:\windows\SysWow64\IS3UI5.dll

2011-08-07 22:34 . 2011-08-07 22:34 230864 ----a-r- c:\windows\SysWow64\IS3Win325.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"ISUSPM Startup"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]

"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]

"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"DigidesignMMERefresh"="c:\program files (x86)\Digidesign\Drivers\MMERefresh.exe" [2006-02-15 61440]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-09-30 1484856]

"VC10Player"="c:\program files (x86)\Virtual CD v10\System\VC10Play.exe" [2010-04-14 411464]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-06 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2010-09-27 560128]

.

c:\users\Cody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-5-9 113664]

Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R0 is3srv;is3srv;c:\windows\SySWOW64\drivers\is3srv64.sys [2011-06-02 74768]

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

R1 vdrv1000;vdrv1000;c:\windows\system32\DRIVERS\vdrv1000.sys [x]

R2 AxiomAudioDevMon;Axiom Audio Device Monitor;c:\program files (x86)\M-Audio\Axiom\AudioDevMon.exe [2010-02-19 1632776]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-09 136176]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-09-01 366152]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]

R2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]

R2 VC10SecS;Virtual CD v10 Management Service;c:\program files (x86)\Virtual CD v10\System\VC10SecS.exe [2010-04-14 144712]

R3 AXIOM;Service for M-Audio Axiom;c:\windows\system32\DRIVERS\MAudioAxiom.sys [x]

R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [x]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-09 136176]

R3 HH10Help.sys;HH10Help.sys;c:\windows\system32\drivers\HH10Help.sys [x]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]

R3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [x]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 RDID1053;PC-50;c:\windows\system32\Drivers\rdwm1053.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]

R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [x]

S0 ksbus;KernSafe Virtual System Bus;c:\windows\system32\DRIVERS\ksbus64.sys [2011-08-25 31064]

S0 KScsiPrt;KernSafe Miniport;c:\windows\system32\DRIVERS\KSPrt64.sys [2011-08-25 128856]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S0 szkg5;szkg5;c:\windows\SySWOW64\DRIVERS\szkg64.sys [2011-06-02 74768]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]

S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-14 245352]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-10-14 149032]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-10-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-09 06:04]

.

2011-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-09 06:04]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]

"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]

"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]

"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-11-09 798216]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office10\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Cody\AppData\Roaming\Mozilla\Firefox\Profiles\8sypop3l.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z192&install_date=20111011

FF - prefs.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

FF - Ext: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - %profile%\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}

FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\users\Cody\AppData\Roaming\Move Networks

FF - user.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=

FF - user.js: keyword.enabled - 1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-SanDiskSecureAccess_Manager.exe - c:\users\Cody\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe

Wow6432Node-HKLM-Run-StartNowToolbarHelper - c:\program files (x86)\StartNow Toolbar\ToolbarHelper.exe

Toolbar-Locked - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

HKLM-Run-combofix - c:\combofix\CF18623.3XE

AddRemove-StartNow Toolbar - c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe

AddRemove-@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe - c:\users\Cody\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vdrv1000]

"ImagePath"="system32\DRIVERS\vdrv1000.sys"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2011-10-23 14:50:39

ComboFix-quarantined-files.txt 2011-10-23 21:50

.

Pre-Run: 35,804,336,128 bytes free

Post-Run: 36,120,752,128 bytes free

.

- - End Of File - - E6319EF26B11DA5445F68735234D305B

Link to post
Share on other sites

Copy/paste the text in the Codebox below into notepad:

Here's how to do that:

Click Start > Run type Notepad click OK.

This will open an empty notepad file:

Take your mouse, and place your cursor at the beginning of the text in the box below, then click and hold the left mouse button, while pulling your mouse over the text. This should highlight the text. Now release the left mouse button. Now, with the cursor over the highlighted text, right click the mouse for options, and select 'copy'. Now over the empty Notepad box, right click your mouse again, and select 'paste' and you will have copied and pasted the text.

KillAll::

FireFox::
FF - ProfilePath - c:\users\Cody\AppData\Roaming\Mozilla\Firefox\Profiles\8sypop3l.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - %profile%\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
FF - prefs.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\users\Cody\AppData\Roaming\Move Networks
FF - user.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=

Save this file to your desktop, Save this as "CFScript"

Here's how to do that:

1.Click File;

2.Click Save As... Change the directory to your desktop;

3.Change the Save as type to "All Files";

4.Type in the file name: CFScript

5.Click Save ...

CFScriptB-4.gif

Drag CFScript.txt into ComboFix.exe

Then post the results log using Copy / Paste

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

MBAM quick scan? stopzilla ran a scan and found a bunch of high risk infections,(31). Iry to run the CFscript + combofix

but it says somting like the NIRKMD file is missing? btw thanks for your help a ton, i already feel like i made progress getting stopzilla to actually read the viruses.

Link to post
Share on other sites

Scan type: Quick scan

Objects scanned: 195431

Time elapsed: 3 minute(s), 48 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Lets see if this helps

The following will implement some cleanup procedures as well as reset System Restore points:

For XP:

  • Click START run
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

For Vista / Windows 7

  • Click START Search
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

If you used DeFogger

To re-enable your Emulation drivers, double click DeFogger to run the tool.

  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

Your Emulation drivers are now re-enabled.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.