I think i have a virus.

JMurr · 18 Apr 2011

I think I have a virus. I deleted a program with Revo Uninstaller and it could not set a restore point as it always does. Further investigation revealed System Restore was turned off by the Administrator (that would be me) and I could not get it turned on. More strange things, Cmd. Prompt would only display in safe mode. SFC found no errors, “restore to last good config” did not help. Windows update errors with 80072efe. I get a blue screen msg. “Internal Power Error” when I shut down and the system restarts, I could no disable the automatic restart feature as un checking the box does not hold. I tried that in Safe and Reg. Mode.

I have done a full virus scan w/McAfee, run Malware Bytes and Super AntiSpyware all in safe mode and MalwareBytes found a tracking cookie but nothing else.

Early on McAfee froze at “goto assist Download Helper.exe, I have no idea what that is and I deleted the folder it was in.
I am running Win7 Home Premium.

Sorry for the long post but I am the point where I am out of ideas. Any help would be appreciated.

Jacee · 18 Apr 2011

Download DDS from one of these links:
Mirror 1 Mirror 2 Mirror 3

Disable any script blocking protection
Double click the dds icon to run the tool.
When done, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt <--- will be minimized in the task tray
Save both reports to your desktop.

Include the contents of both logs in your next post.

JMurr · 18 Apr 2011

Mirror 1 asks if i want to save file but file is not saved, mirror 2 is "page not found" mirror 3 fills screen with strange characters. sorry, I can not get file.

SIW2 · 18 Apr 2011

Mirror1 should be fine - you may have to click Save button a couple of times.

Jacee · 18 Apr 2011

Yes, you want to save the file. Let it download, don't click run. Open the folder that you saved it to...it will look like this
Right click to run as Administrator.

JMurr · 19 Apr 2011

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/10/2010 4:13:31 PM
System Uptime: 4/18/2011 2:37:09 PM (3 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5GC-MX
Processor: Intel(R) Pentium(R) D CPU 3.00GHz | LGA 775 | 3000/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 99.359 GiB free.
D: is FIXED (NTFS) - 455 GiB total, 454.072 GiB free.
E: is FIXED (NTFS) - 476 GiB total, 462.015 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Acer eDisplay Management
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
Aiseesoft Blu-ray Ripper
Aiseesoft MP4 Converter Suite
AMD Drag and Drop Transcoding
Apple Application Support
Apple Software Update
Ashampoo Burning Studio 2010 Advanced
ATI Catalyst Registration
AVS Update Manager 1.0
AVS Video Converter 7
AVS4YOU Software Navigator 1.4
Belarc Advisor 8.1
Bullzip PDF Printer 7.1.0.1195
CameraHelperMsi
Canon iP2600 series
Canon iP2600 series User Registration
Canon My Printer
Canon Utilities Solution Menu
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility
CCC Help English
CCleaner
ClipMate 7
Clone2Go Video Converter Free Version 1.9.2
ConvertXtoDVD 3.3.4.107
D3DX10
DVD Decrypter (Remove Only)
DVD Shrink 3.2
EMDB 1.21
EndItAll 2.0
erLT
Everything 1.2.1.371
FastStone Image Viewer 3.7
Feedback Tool
ffdshow
FLV Player 2.0 (build 25)
Foxit Creator
Foxit PDF IFilter
Foxit Reader
Free Video Joiner 1.1
Google Talk Plugin
Google Update Helper
GPL Ghostscript Lite 8.70
HamsterFreeVideoConverter
ImgBurn
Java Auto Updater
Java(TM) 6 Update 24
Kyodai Mahjongg 2006 v1.42
Logitech Harmony Remote Software 7
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Macromedia Flash Player
Malwarebytes' Anti-Malware
McAfee Security Scan Plus
McAfee SecurityCenter
McAfee Virtual Technician
Media Browser
MediaFACE
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MozBackup 1.4.9
Mozilla Firefox 4.0 (x86 en-US)
MSVCRT
MySQL Connector/ODBC 3.51
NewsLeecher v4.0 Final
NVIDIA 3D Vision Driver 266.58
NVIDIA Control Panel 266.58
NVIDIA Graphics Driver 266.58
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Stereoscopic 3D Driver
OGA Notifier 2.0.0048.0
OpenAL
PerfectDisk 10 Professional
Pivot Software
Process Lasso
PVSonyDll
QuickPar 0.9
QuickTime
RegistryFix v8.0
Remote Control USB Driver
Revo Uninstaller Pro 2.5.1
SDK
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Sid Meier's Civilization V
Skype Toolbars
Skype™ 5.0
SpywareBlaster 4.4
Steam
SUPERAntiSpyware
TeraCopy 2.12
The Lord of the Rings FREE Trial
TomTom HOME 2.8.1.2218
TomTom HOME Visual Studio Merge Modules
VLC media player 1.1.8
VueScan
WeatherBug
Windows 7 Manager
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR archiver
WMV9/VC-1 Video Playback
WordPerfect Office 11
Xvid 1.2.2 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
4/18/2011 8:56:53 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Update service, but this action failed with the following error: An instance of the service is already running.
4/18/2011 8:56:53 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error: An instance of the service is already running.
4/18/2011 8:55:53 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/18/2011 8:44:05 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x86674020, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-40716-01.
4/18/2011 8:34:05 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x852590f8, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-34523-01.
4/18/2011 8:22:02 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x86264630, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-35193-01.
4/18/2011 8:00:05 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x86260ae0, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-42432-01.
4/18/2011 7:32:22 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.
4/18/2011 7:32:22 AM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 3:57:58 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
4/18/2011 3:57:53 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
4/18/2011 3:57:53 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error: An instance of the service is already running.
4/18/2011 3:57:53 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
4/18/2011 3:56:53 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Remote Desktop Configuration service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Certificate Propagation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/18/2011 3:55:53 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2011 2:39:09 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
4/18/2011 2:39:09 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
4/18/2011 2:39:09 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
4/18/2011 2:38:29 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: UimBus Uim_IM
4/18/2011 2:37:41 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x86e74800, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-30560-01.
4/18/2011 2:25:11 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x86e74508, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-38797-01.
4/18/2011 2:22:31 PM, Error: Service Control Manager [7022] - The Server service hung on starting.
4/18/2011 2:22:31 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: After starting, the service hung in a start-pending state.
4/18/2011 2:18:25 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service.
4/18/2011 2:12:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
4/18/2011 2:02:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ProfSvc service.
4/18/2011 2:02:59 PM, Error: Service Control Manager [7000] - The User Profile Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 2:02:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service.
4/18/2011 2:02:29 PM, Error: Service Control Manager [7000] - The System Event Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 2:01:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CertPropSvc service.
4/18/2011 2:01:29 PM, Error: Service Control Manager [7000] - The Certificate Propagation service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 12:35:20 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x86263370, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-25350-01.
4/18/2011 12:04:41 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
4/18/2011 11:52:30 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/18/2011 11:52:30 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/18/2011 11:52:30 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/18/2011 11:19:52 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
4/18/2011 11:19:33 AM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 11:17:44 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 11:17:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/18/2011 11:17:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/18/2011 11:17:42 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/18/2011 11:17:33 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache SASDIFSV SASKUTIL spldr UimBus Uim_IM Wanarpv6
4/18/2011 11:17:33 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
4/18/2011 11:17:33 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/18/2011 11:17:18 AM, Error: Service Control Manager [7001] - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 11:17:17 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x86e75aa0, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-23166-01.
4/18/2011 11:10:02 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x86e75208, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-35303-01.
4/18/2011 10:57:11 AM, Error: Service Control Manager [7031] - The McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
4/18/2011 10:18:59 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x85e57708, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-29000-01.
4/18/2011 10:09:16 AM, Error: Service Control Manager [7001] - The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 10:06:41 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache mfehidk mfenlfk mfewfpk NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx UimBus Uim_IM Wanarpv6 WfpLwf
4/18/2011 10:06:41 AM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 10:06:41 AM, Error: Service Control Manager [7001] - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 10:06:41 AM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 10:06:41 AM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7022] - The User Profile Service service hung on starting.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/18/2011 10:06:11 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
4/18/2011 10:02:12 AM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
4/18/2011 1:59:37 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gpsvc service.
4/18/2011 1:59:37 PM, Error: Service Control Manager [7000] - The Group Policy Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 1:59:07 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 1:57:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
4/18/2011 1:57:15 PM, Error: Service Control Manager [7000] - The Task Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 1:56:45 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SessionEnv service.
4/18/2011 1:56:45 PM, Error: Service Control Manager [7000] - The Remote Desktop Configuration service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 1:56:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
4/18/2011 1:55:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Themes service.
4/18/2011 1:55:44 PM, Error: Service Control Manager [7000] - The Themes service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 1:55:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.
4/18/2011 1:55:14 PM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 1:54:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.
4/18/2011 1:54:44 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 1:54:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service.
4/18/2011 1:54:14 PM, Error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/18/2011 1:53:42 PM, Error: Service Control Manager [7022] - The IKE and AuthIP IPsec Keying Modules service hung on starting.
4/18/2011 1:52:12 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2011 1:07:05 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: labpborv UimBus Uim_IM
4/18/2011 1:06:20 PM, Error: Microsoft-Windows-Eventlog [106] - Corruption was detected in the log for the Application channel and some data was erased.
4/18/2011 1:06:08 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x85e6a020, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041811-37268-01.
4/18/2011 1:04:45 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
4/17/2011 11:44:01 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x86264bf8, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041711-29343-01.
4/17/2011 11:40:37 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x86261b28, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041711-29094-01.
4/17/2011 11:32:19 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000a0 (0x00000001, 0x00000006, 0x85e65800, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041711-38844-01.
4/17/2011 11:00:03 PM, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on \\?\Volume{5ae98c13-8c77-11df-b82b-806e6f6e6963} cannot be read.
.
==== End Of File ===========================

DDS (Ver_11-03-05.01) - NTFSx86
Run by J. Murray at 17:17:01.90 on Mon 04/18/2011
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2047.991 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
D:\Everything\Everything.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
D:\Process Lasso\ProcessLasso.exe
D:\Process Lasso\ProcessGovernor.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Acer Display\eDisplay Management\DTHtml.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Users\J. Murray\AppData\Roaming\Microsoft\Windows Media\12.0\wmpacm.exe
d:\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ClipMate7\ClipMate.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
D:\aws\WeatherBug\Weather.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\qigct.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
D:\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\J. Murray\Desktop\dds.com
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110301045433.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
EB: ClipMate ClipBar 7: {f60c63ce-52af-4915-aac9-f100fcde270f} - c:\progra~1\clipma~1\CLIPMA~1.DLL
uRun: [ClipMate7] c:\program files\clipmate7\ClipMate.exe
uRun: [Weather] d:\aws\weatherbug\Weather.exe 1
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\users\j. murray\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [TomTomHOME.exe] "d:\tomtom home 2\TomTomHOMERunner.exe" -s
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Everything] "d:\everything\Everything.exe" -startup
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [PivotSoftware] "c:\program files\portrait displays\pivot software\wpctrl.exe"
mRun: [DT ACR] c:\program files\common files\portrait displays\shared\DT_startup.exe -ACR
mRun: [ProcessLassoManagementConsole] d:\process lasso\processlasso.exe
mRun: [ProcessGovernor] d:\process lasso\processgovernor.exe
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [MediaFace Integration] d:\mediaface 5.0\SetHook.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Windows Media Player ACM] c:\users\j. murray\appdata\roaming\microsoft\windows media\12.0\wmpacm.exe
mRun: [cftmon] c:\windows\system32\qigct.exe
StartupFolder: c:\users\j2bba~1.mur\appdata\roaming\micros~1\windows\startm~1\programs\startup\window~1.lnk - c:\users\j. murray\appdata\roaming\microsoft\windows media\12.0\wmpacm.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
uPolicies-explorer: NoThumbnailCache = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {6F14ABCC-F8C8-4F45-8181-C8CB825FF5ED} = 68.94.156.1,68.94.157.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\j2bba~1.mur\appdata\roaming\mozilla\firefox\profiles\0fhecy32.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=ZUGO&form=ZGAPHP
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=ZUGO&form=ZGAADF&q=
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\users\j. murray\appdata\roaming\mozilla\firefox\profiles\0fhecy32.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\j. murray\appdata\roaming\mozilla\firefox\profiles\0fhecy32.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mcafee\supportability\mvt\NPMVTPlugin.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60129.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\users\j. murray\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\j. murray\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\j. murray\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-5-31 386840]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-3-1 64304]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-3-1 164840]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-1-3 176128]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-7-10 203280]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2011-3-1 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2011-3-1 271480]
R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2011-3-1 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-3-1 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-3-1 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-3-1 141792]
R2 PdiService;Portrait Displays SDK Service;c:\program files\common files\portrait displays\drivers\pdisrvc.exe [2010-8-20 109168]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-1-7 378984]
R2 TomTomHOMEService;TomTomHOMEService;d:\tomtom home 2\TomTomHOMEService.exe [2011-3-9 92592]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-4-1 428640]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\drivers\l260x86.sys [2009-6-10 29184]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-3-1 55840]
R3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2011-4-1 20448]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-7-10 152960]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-7-10 52104]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-3-1 313288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-23 136176]
S3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-1-3 6650368]
S3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-1-3 231936]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-1-3 102416]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-3-1 84264]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-7-10 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-7-10 40552]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-7-19 27192]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-4 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-10 1343400]
.
=============== Created Last 30 ================
.
2011-04-18 18:49:29 405504 ----a-w- c:\windows\system32\qigct.exe
2011-04-18 18:07:49 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{0C896934-EC5C-4FF2-9451-A180E650209E}
2011-04-18 05:47:49 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{6C833206-37AE-4040-8796-C821A3992F7A}
2011-04-18 04:18:58 -------- d-----w- c:\program files\Search Toolbar
2011-04-18 04:18:45 129536 ----a-w- c:\users\j2bba~1.mur\appdata\roaming\microsoft\windows media\12.0\wmpacm.exe
2011-04-18 04:18:34 -------- d-----w- C:\Temp
2011-04-18 04:18:19 254464 --sha-r- c:\windows\system32\d3dim7003.dll
2011-04-18 04:18:18 232916 ---h--w- c:\temp\ee896009-2241-4d1a-94b7-8f476921cf1c\OfferApp-2538.exe
2011-04-17 18:36:08 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\Microsoft Help
2011-04-17 17:47:08 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{40B81EB1-C182-4966-B0AC-C3199F58947F}
2011-04-17 01:19:48 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{5195E87E-E1D7-47F7-B9AC-3F22165C5991}
2011-04-16 13:19:23 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{9C968D5B-A383-4FEE-8F75-82C88169FE5D}
2011-04-15 15:57:18 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{CD083303-686D-4382-A308-6CAC54FE3BBE}
2011-04-15 03:56:39 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{DDCDF254-576A-4E16-89D8-BC6F1E5BA02B}
2011-04-15 03:47:28 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{CF7635A9-047C-42D7-9888-DF7FACA78EB2}
2011-04-14 13:28:39 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{9D4E3B2D-BDEE-470E-A792-1569631FC82E}
2011-04-14 03:11:21 -------- d-----w- c:\program files\Help
2011-04-14 02:48:35 2333184 ----a-w- c:\windows\system32\win32k.sys
2011-04-14 02:48:32 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-14 02:48:31 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-04-14 02:48:18 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-14 02:48:00 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-14 02:48:00 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-14 02:47:59 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-14 02:47:57 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-14 02:47:57 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-04-14 02:47:54 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-14 02:47:51 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-14 02:47:51 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-04-14 02:47:48 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-14 02:47:32 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-14 02:47:32 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-14 02:47:32 223232 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-14 02:47:32 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-13 01:27:11 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{C3765AB2-2B5D-4045-A97F-1ACA2ECE8D45}
2011-04-12 13:26:33 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{9D502D34-181C-4397-83FA-2623C150E8CF}
2011-04-12 02:47:27 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-04-12 01:25:54 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{54A2C61C-8033-4F84-B39A-A819B86F6096}
2011-04-11 13:25:16 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{32F937FF-2C47-457F-9C71-EEA90BD4AFDF}
2011-04-11 01:17:14 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{AE19BFE7-3406-4759-BA36-462982107884}
2011-04-10 00:38:57 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{C590D389-E855-4C92-BD8F-E61D2B1B9F91}
2011-04-08 12:27:44 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{F2E7254F-6B96-4A81-9DE0-AF51C739F94F}
2011-04-07 14:27:13 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{190A1BBB-284F-4601-9927-657B8AB81881}
2011-04-07 02:26:28 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{FED643B7-7333-423F-AAA3-62E9A958B2C0}
2011-04-06 14:25:38 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{ECAC4129-A9B4-4B62-B137-5A142725E19F}
2011-04-05 23:26:11 -------- d-----w- C:\VueScan
2011-04-05 14:24:32 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{DF491593-9FFF-4B76-A5CD-F64D61F2D5F5}
2011-04-05 03:18:31 -------- d-----w- c:\windows\system32\SPReview
2011-04-05 03:17:21 -------- d-----w- c:\windows\system32\EventProviders
2011-04-05 03:11:59 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-04-05 03:10:59 89600 ----a-w- c:\windows\system32\wbem\WmiApRpl.dll
2011-04-05 03:09:51 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-04-05 03:09:51 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-04-05 03:09:51 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-04-05 03:09:51 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-04-05 03:09:33 697344 ----a-w- c:\windows\system32\SmiEngine.dll
2011-04-05 03:09:19 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2011-04-05 03:09:19 189952 ----a-w- c:\windows\system32\wdscore.dll
2011-04-05 03:08:23 323072 ----a-w- c:\windows\system32\drvstore.dll
2011-04-05 03:08:23 257024 ----a-w- c:\windows\system32\dpx.dll
2011-04-05 02:23:52 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{372EAB8B-5C65-408A-AE98-E64417BACD04}
2011-04-05 02:12:31 219136 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-04-05 02:12:31 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-04-03 23:00:38 -------- d-----w- c:\users\j2bba~1.mur\appdata\roaming\The Complete Genealogy Reporter
2011-04-03 23:00:08 372736 ----a-w- c:\windows\system32\ijl15.dll
2011-04-03 14:22:22 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{7C12317F-9182-4E8E-A8A3-114BE6CA8C24}
2011-04-03 02:21:32 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{13E62D8B-7EB9-4178-B579-072DC444A271}
2011-04-02 14:20:54 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{3B068E25-7073-4B7F-BEA1-9A2905126413}
2011-04-02 02:20:15 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{A5A9F4CF-AEA2-4D85-A445-A0A156786AB6}
2011-04-02 00:33:23 -------- d-----w- c:\users\j2bba~1.mur\appdata\roaming\ThumbGen
2011-04-02 00:30:50 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\IsolatedStorage
2011-04-01 14:19:36 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{B36F8EDE-EAB9-4898-8433-C1AA9DD5254E}
2011-04-01 05:09:48 291424 ----a-w- c:\windows\system32\drivers\lvrs.sys
2011-04-01 05:08:56 195168 ----a-w- c:\windows\system32\lvci13251014.dll
2011-04-01 05:07:52 20448 ----a-w- c:\windows\system32\drivers\lvbusflt.sys
2011-04-01 05:07:02 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-04-01 05:07:02 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-04-01 05:06:56 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-04-01 04:56:20 39318 ----a-w- c:\windows\system32\Repository.reg
2011-04-01 02:18:58 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{5A14A2E6-345B-4DD9-87CC-EFD444C1BC15}
2011-03-31 14:18:19 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{97150094-6B74-4B67-B1C6-BFD647F53C42}
2011-03-30 14:17:15 -------- d-----w- c:\users\j2bba~1.mur\appdata\local\{22A49CA8-D2CD-4831-A314-E7B8409667BF}
2011-03-25 00:18:43 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-03-25 00:18:41 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-03-25 00:18:41 728024 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-03-25 00:18:41 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-03-25 00:18:41 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-03-25 00:18:41 142296 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-03-25 00:18:40 1975768 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
2011-03-25 00:18:40 1893336 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-03-23 04:58:22 14168 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
.
==================== Find3M ====================
.
2011-04-05 03:26:09 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-01 05:10:46 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
2011-04-01 05:10:24 543328 ----a-w- c:\windows\system32\LVUI2.dll
2011-04-01 05:08:36 301664 ----a-w- c:\windows\system32\LVCodec2.dll
2011-02-23 13:27:00 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-02-23 13:27:00 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-02-23 13:27:00 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-02-23 13:27:00 5654120 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-02-23 13:27:00 4942952 ----a-w- c:\windows\system32\nvcuda.dll
2011-02-23 13:27:00 2895976 ----a-w- c:\windows\system32\nvcuvid.dll
2011-02-23 13:27:00 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-02-23 13:27:00 1965672 ----a-w- c:\windows\system32\nvapi.dll
2011-02-23 13:27:00 15047272 ----a-w- c:\windows\system32\nvoglv32.dll
2011-02-23 13:27:00 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-02-23 13:27:00 10079336 ----a-w- c:\windows\system32\nvd3dum.dll
2011-02-19 06:30:54 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:30:51 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:30:50 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-03 03:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 23:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 17:23:45.63 ===============

nchoma · 19 Apr 2011

I am so glad you posted this - just happened to me as well only on shut down. All the other links show a problem with hibernating not shutdown.

Hope someone can solve this for you, and it works for me too.

Jacee · 19 Apr 2011

JMurr, go to VirusTotal - Free Online Virus, Malware and URL Scanner and upload this file to be scanned:
C:\Windows\System32\qigct.exe
Save the results and post them back in your next reply.

Next,
I'd like you to scan your machine with ESET OnlineScan

Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
Click the button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
1. Click on to download the ESET Smart Installer. Save it to your desktop.
2. Double click on the icon on your desktop.
Check
Click the button.
Accept any security warnings from your browser.
Check
Push the Start button.
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push
Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Push the button.
Push

nchoma · 19 Apr 2011

not to steal his thread but i dont have qigct.exe

Jacee · 19 Apr 2011

nchoma, you most likely don't have exactly the same thing as JMurr.

It's always best to start your own topic so that you can get individual help :)