jusandjan

  1. There's the logs you require

     UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 06/02/2008 11:26:49 System Uptime: 05/06/2010 11:20:39 (-715 hours ago) Motherboard: | | K8NF4G-VSTA Processor: AMD Sempron(tm) Processor 3000+ | CPUSocket | 1808/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 117 GiB total, 103.611 GiB free. D: is FIXED (NTFS) - 32 GiB total, 30.036 GiB free. E: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP1: 02/05/2010 13:24:11 - System Checkpoint RP2: 03/05/2010 14:01:16 - System Checkpoint RP3: 04/05/2010 17:31:39 - System Checkpoint RP4: 05/05/2010 18:45:02 - System Checkpoint ==== Installed Programs ====================== Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 8.1.5 Adobe Shockwave Player 11.5 AutoUpdate BT Home Hub CoreAAC Audio Decoder (remove only) Critical Update for Windows Media Player 11 (KB959772) DivX Converter DivX Plus DirectShow Filters DivX Setup DivX Version Checker Elecard MPEG-2 Decoder&Streaming Plug-in for WMP EPSON Attach To Email EPSON Copy Utility 3 EPSON Easy Photo Print EPSON File Manager EPSON Image Clip Palette EPSON Printer Software EPSON Scan EPSON Scan Assistant Google Toolbar for Internet Explorer High Definition Audio Driver Package - KB888111 HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB954708) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for 
Windows XP (KB976002-v5) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Intel® 537EP Modem Japanese Fonts Support For Adobe Reader 8 Java Auto Updater Java(tm) 6 Update 19 Java(tm) 6 Update 5 Java(tm) 6 Update 7 KB408682 LogMeIn Malwarebytes' Anti-Malware McAfee Total Protection McAfee Virtual Technician Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft IntelliPoint 5.0 Microsoft IntelliType Pro 5.0 Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft National Language Support Downlevel APIs Microsoft Office Live Add-in 1.3 Microsoft Office XP Professional Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft XML Parser MSVCRT Nokia Connectivity Cable Driver NVIDIA Drivers PCI Audio Driver Philips SPC 700NC PC Camera PIF DESIGNER QuickTime Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security 
Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Internet Explorer 8 (KB976325) Security Update for Windows Internet Explorer 8 (KB978207) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Media Player 9 (KB936782) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) 
Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975713) Security Update for 
Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB980232) Segoe UI Skype™ 4.0 SPC 700NC PC Camera Talking Alarm Clock Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Windows (KB971513) Update for Windows Internet Explorer 8 (KB971930) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB976749) Update for Windows Internet Explorer 8 (KB980182) Update for Windows Internet Explorer 8 (KB980302) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VC80CRTRedist - 8.0.50727.4053 WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Toolbar Windows Live Writer Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player Hotfix [See Q828026 for more information] Windows Search 4.0 Windows XP Service Pack 3 ==== End Of File =========================== DDS (Ver_10-03-17.01) - NTFSx86 Run by Mike at 16:18:20.31 on 06/05/2010 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1215.652 [GMT 1:00] AV: McAfee VirusScan 
*On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\Mixer.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\WINDOWS\vphc700.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Alarm Clock\Alarm Tray.exe svchost.exe C:\Program Files\Philips\SPC 700NC PC Camera\TrayMin700.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Microsoft Office\Office10\msoffice.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Alarm Clock\AlarmMonitor.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\WINDOWS\system32\SearchProtocolHost.exe 
C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Mike\Desktop\New Briefcase\dds.scr ============== Pseudo HJT Report =============== uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uStart Page = hxxp://www.yahoo.co.uk/ mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q= uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll mURLSearchHooks: H - No File BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20100428070608.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google 
toolbar\component\fastsearch_A8904FB862BD9564.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.shockwave.com/gamelanding/driftnburn365.jsp" mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [C-Media Mixer] Mixer.exe /startup mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe" mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\point32.exe" mRun: [phc700] c:\windows\vphc700.exe mRun: [EPSON Stylus DX4200 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200" mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: 
[Show missed alarms] c:\program files\alarm clock\Alarm.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\traymi~1.lnk - c:\program files\philips\spc 700nc pc camera\TrayMin700.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll Trusted Zone: internet Trusted Zone: liverpoolfc.tv Trusted Zone: liverpoolfc.tv\www Trusted Zone: mcafee.com Trusted Zone: windowsmedia.com Trusted Zone: yahoo.com\uk DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1202326624140 DPF: 
{8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game04.zylom.com/activex/zylomgamesplayer.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: LMIinit - LMIinit.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll ============= SERVICES / DRIVERS =============== R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-3-16 385536] R1 mfetdi2k;McAfee Inc. 
mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-3-16 82952] R2 AlarmClockMonitor;Talking Alarm Clock user logon monitor;c:\program files\alarm clock\AlarmMonitor.exe [2008-5-31 852144] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-8-3 12856] R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-2-16 47640] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-12-20 93320] R2 McMPFSvc;McAfee Personal Firewall;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-3-16 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-3-16 271480] R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-3-16 271480] R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-3-16 170144] R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-3-16 188136] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-3-16 141792] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-3-16 55456] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-3-16 152320] R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-3-16 51688] R3 mfefirek;McAfee Inc. 
mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-3-16 312616] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-3-16 88480] R3 phc700;USB PC Camera (SPC700NC);c:\windows\system32\drivers\phc700.sys [2008-2-6 644864] S2 BrowserQuest Service;BrowserQuest Service;"c:\documents and settings\all users\application data\browserquest\browserquest121.exe" "c:\program files\browserquest\browserquest.dll" service --> c:\documents and settings\all users\application data\browserquest\browserquest121.exe [?] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-3-16 88480] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-3-16 83496] S4 LMIRfsClientNP;LMIRfsClientNP; [x] =============== Created Last 30 ================ 2010-05-05 10:18:52 0 d-----w- c:\docume~1\alluse~1\applic~1\Symantec 2010-05-05 10:18:52 0 d-----w- c:\docume~1\alluse~1\applic~1\Norton 2010-05-05 10:18:43 0 d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller 2010-05-02 12:26:25 0 d-sha-r- C:\cmdcons 2010-05-02 12:23:49 98816 ----a-w- c:\windows\sed.exe 2010-05-02 12:23:49 77312 ----a-w- c:\windows\MBR.exe 2010-05-02 12:23:49 256512 ----a-w- c:\windows\PEV.exe 2010-05-02 12:23:49 161792 ----a-w- c:\windows\SWREG.exe 2010-04-28 18:09:09 0 d-----w- c:\docume~1\mike\applic~1\Windows Search 2010-04-26 22:04:42 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2010-04-22 15:33:07 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin 2010-04-22 15:32:51 0 d-----w- c:\docume~1\mike\applic~1\Windows Desktop Search 2010-04-22 15:32:19 0 d-----w- c:\program files\Windows Desktop Search 2010-04-22 15:32:18 0 d-----w- c:\windows\system32\GroupPolicy 2010-04-22 14:42:33 14336 ----a-w- c:\windows\system32\svchost.exe 2010-04-22 09:52:53 552 ----a-w- c:\windows\system32\d3d8caps.dat 2010-04-20 21:11:43 293376 ------w- c:\windows\system32\browserchoice.exe 2010-04-18 08:30:28 0 d-----w- c:\program files\Citrix 
==================== Find3M ==================== 2010-04-14 11:29:58 95568 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2010-04-14 11:29:58 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2010-04-14 11:29:58 88480 ----a-w- c:\windows\system32\drivers\mfendisk.sys 2010-04-14 11:29:58 83496 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2010-04-14 11:29:58 82952 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys 2010-04-14 11:29:58 55456 ----a-w- c:\windows\system32\drivers\cfwids.sys 2010-04-14 11:29:58 51688 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2010-04-14 11:29:58 385536 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2010-04-14 11:29:58 312616 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2010-04-14 11:29:58 152320 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2010-03-29 23:46:30 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-29 23:45:52 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-03-09 03:28:20 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-03-08 17:59:18 94208 ----a-w- c:\windows\system32\dpl100.dll 2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-19 19:27:36 720384 ----a-w- c:\windows\system32\DivX.dll 2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx0c.dll 2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx07.dll 2010-02-19 19:27:16 847872 ----a-w- c:\windows\system32\divx_xx0a.dll 2010-02-19 19:27:16 843776 ----a-w- c:\windows\system32\divx_xx16.dll 2010-02-19 19:27:16 839680 ----a-w- c:\windows\system32\divx_xx11.dll 2010-02-17 08:10:28 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 13:25:04 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-12 04:33:11 100864 ----a-w- c:\windows\system32\6to4svc.dll 2009-10-14 10:21:06 245760 --sha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat 2008-09-05 07:11:02 32768 -csha-w- 
c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090520080906\index.dat ============= FINISH: 16:19:46.31 ===============
  2. No problem, thanks for all help

     ComboFix 10-05-04.06 - Mike 05/05/2010 17:58:03.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1215.566 [GMT 1:00] Running from: c:\documents and settings\Mike\Desktop\New Briefcase\ComboFix.exe AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} . ((((((((((((((((((((((((( Files Created from 2010-04-05 to 2010-05-05 ))))))))))))))))))))))))))))))) . 2010-05-05 10:18 . 2010-05-05 16:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2010-05-05 10:18 . 2010-05-05 10:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec 2010-05-05 10:18 . 2010-05-05 10:18 -------- d-----w- c:\program files\NortonInstaller 2010-05-05 10:18 . 2010-05-05 10:18 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller 2010-05-05 07:19 . 2010-05-05 07:19 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-05-05 07:19 . 2010-05-05 07:19 56766 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe 2010-05-05 07:19 . 2010-05-05 07:19 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe 2010-05-05 07:19 . 2010-05-05 07:19 57679 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe 2010-05-05 07:18 . 2010-05-05 07:18 84040 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe 2010-05-05 07:18 . 2010-05-05 07:18 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe 2010-05-05 07:18 . 2010-05-05 07:18 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe 2010-05-05 07:18 . 
2010-05-05 07:18 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe 2010-05-05 07:18 . 2010-05-05 07:18 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe 2010-05-05 07:18 . 2010-05-05 07:18 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe 2010-05-05 07:16 . 2010-05-05 07:16 144696 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe 2010-04-28 18:09 . 2010-04-28 18:09 -------- d-----w- c:\documents and settings\Mike\Application Data\Windows Search 2010-04-22 15:34 . 2010-04-22 15:34 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe 2010-04-22 15:33 . 2008-07-08 07:45 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin 2010-04-22 15:32 . 2010-04-22 15:32 -------- d-----w- c:\documents and settings\Mike\Application Data\Windows Desktop Search 2010-04-22 15:32 . 2010-04-23 22:32 -------- d-----w- c:\program files\Windows Desktop Search 2010-04-22 15:32 . 2010-04-22 15:32 -------- d-----w- c:\windows\system32\GroupPolicy 2010-04-22 14:42 . 2004-08-03 23:56 14336 ----a-w- c:\windows\system32\svchost.exe 2010-04-22 14:41 . 2010-04-22 14:41 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache 2010-04-22 09:52 . 2010-04-22 09:52 552 ----a-w- c:\windows\system32\d3d8caps.dat 2010-04-20 21:11 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2010-04-18 08:30 . 2010-04-18 08:30 -------- d-----w- c:\program files\Citrix . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-05 07:19 . 2010-03-29 18:41 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX 2010-05-05 07:19 . 2009-01-17 15:53 -------- d-----w- c:\program files\DivX 2010-05-05 07:16 . 
2010-03-29 18:46 754984 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll 2010-05-05 07:16 . 2010-03-29 18:46 1180952 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe 2010-05-05 05:51 . 2008-02-16 10:58 -------- d-----w- c:\program files\LogMeIn 2010-05-01 22:19 . 2008-02-06 19:22 -------- d-----w- c:\documents and settings\Mike\Application Data\Skype 2010-05-01 15:00 . 2008-02-06 19:23 -------- d-----w- c:\documents and settings\Mike\Application Data\skypePM 2010-04-22 09:17 . 2009-07-31 14:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-18 08:12 . 2009-12-20 11:35 -------- d-----w- c:\program files\McAfee 2010-04-16 16:56 . 2010-04-04 14:22 -------- d-----w- c:\documents and settings\Mike\Application Data\OfferBox 2010-04-16 16:56 . 2008-02-06 19:34 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-04-14 11:29 . 2010-03-16 11:05 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2010-04-14 11:29 . 2010-03-16 11:05 95568 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2010-04-14 11:29 . 2010-03-16 11:05 88480 ----a-w- c:\windows\system32\drivers\mfendisk.sys 2010-04-14 11:29 . 2010-03-16 11:05 83496 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2010-04-14 11:29 . 2010-03-16 11:05 82952 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys 2010-04-14 11:29 . 2010-03-16 11:05 55456 ----a-w- c:\windows\system32\drivers\cfwids.sys 2010-04-14 11:29 . 2010-03-16 11:05 51688 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2010-04-14 11:29 . 2010-03-16 11:05 385536 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2010-04-14 11:29 . 2010-03-16 11:05 312616 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2010-04-14 11:29 . 2010-03-16 11:05 152320 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2010-04-04 14:23 . 2010-04-04 14:23 -------- d-----w- c:\documents and settings\Mike\Application Data\widestream 2010-03-31 07:39 . 
2010-03-31 07:39 503808 ----a-w- c:\documents and settings\Mike\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3f2a1649-n\msvcp71.dll 2010-03-31 07:39 . 2010-03-31 07:39 499712 ----a-w- c:\documents and settings\Mike\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3f2a1649-n\jmc.dll 2010-03-31 07:39 . 2010-03-31 07:39 348160 ----a-w- c:\documents and settings\Mike\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3f2a1649-n\msvcr71.dll 2010-03-31 07:39 . 2010-03-31 07:39 61440 ----a-w- c:\documents and settings\Mike\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6a3b480a-n\decora-sse.dll 2010-03-31 07:39 . 2010-03-31 07:39 12800 ----a-w- c:\documents and settings\Mike\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6a3b480a-n\decora-d3d.dll 2010-03-31 07:38 . 2008-04-03 20:50 -------- d-----w- c:\program files\Common Files\Java 2010-03-31 07:38 . 2008-04-03 20:50 -------- d-----w- c:\program files\Java 2010-03-29 23:46 . 2009-07-31 14:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-29 23:45 . 2009-07-31 14:14 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-29 18:47 . 2009-01-17 15:57 -------- d-----w- c:\documents and settings\Mike\Application Data\DivX 2010-03-29 18:46 . 2010-03-29 18:46 56978 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe 2010-03-29 18:45 . 2010-03-29 18:45 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe 2010-03-29 18:45 . 2010-03-29 18:45 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe 2010-03-29 18:45 . 2010-03-29 18:45 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe 2010-03-29 18:44 . 
2010-03-29 18:44 54629 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe 2010-03-29 18:44 . 2010-03-29 18:44 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe 2010-03-29 18:44 . 2010-03-29 18:44 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe 2010-03-29 18:44 . 2010-03-29 18:44 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe 2010-03-29 18:44 . 2009-09-11 18:11 -------- d-----w- c:\program files\Common Files\DivX Shared 2010-03-29 18:44 . 2010-03-29 18:44 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe 2010-03-16 23:06 . 2009-12-20 11:35 -------- d-----w- c:\program files\McAfee.com 2010-03-16 13:50 . 2008-02-06 17:45 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2010-03-16 13:49 . 2009-12-20 11:35 -------- d-----w- c:\program files\Common Files\McAfee 2010-03-10 06:15 . 2004-08-04 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-03-09 03:28 . 2008-12-26 17:25 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-03-08 17:59 . 2010-03-08 17:59 94208 ----a-w- c:\windows\system32\dpl100.dll 2010-02-25 06:24 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2004-08-04 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-19 19:27 . 2010-02-19 19:27 720384 ----a-w- c:\windows\system32\DivX.dll 2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- c:\windows\system32\divx_xx0c.dll 2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- c:\windows\system32\divx_xx07.dll 2010-02-19 19:27 . 2010-02-19 19:27 847872 ----a-w- c:\windows\system32\divx_xx0a.dll 2010-02-19 19:27 . 2010-02-19 19:27 843776 ----a-w- c:\windows\system32\divx_xx16.dll 2010-02-19 19:27 . 
2010-02-19 19:27 839680 ----a-w- c:\windows\system32\divx_xx11.dll 2010-02-19 17:49 . 2008-02-06 17:45 288096 -c--a-r- c:\documents and settings\Mike\Application Data\McAfee\Supportability\MVTLogs\Results\detect.dll 2010-02-17 08:10 . 2004-08-04 12:00 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 13:25 . 2004-08-03 22:59 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-12 04:33 . 2004-08-04 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll 2010-02-11 12:02 . 2004-08-04 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys . ((((((((((((((((((((((((((((( [email protected]_12.38.02 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-05 05:51 . 2010-05-05 05:51 16384 c:\windows\Temp\Perflib_Perfdata_740.dat + 2008-02-06 11:27 . 2010-05-05 15:36 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - 2008-02-06 11:27 . 2010-05-02 11:19 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2010-05-02 16:23 . 2010-05-05 15:36 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat - 2008-02-06 11:27 . 2010-05-02 11:19 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-21 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144] "nwiz"="nwiz.exe" [2008-10-07 1630208] "C-Media Mixer"="Mixer.exe" [2002-10-15 1818624] "type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2003-05-15 114688] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2003-05-15 163840] "phc700"="c:\windows\vphc700.exe" [2006-10-16 344064] "EPSON Stylus DX4200 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE" [2005-03-07 98304] "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2007-08-03 63048] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016] "Show missed alarms"="c:\program files\Alarm Clock\Alarm.exe" [2008-05-31 376944] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-04-01 1180976] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-04-12 1135912] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] TrayMin700.exe.lnk - c:\program files\Philips\SPC 700NC PC Camera\TrayMin700.exe [2008-2-6 278528] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoActiveDesktop"= 1 (0x1) 
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] 2009-10-02 06:14 87352 ----a-w- c:\windows\system32\LMIinit.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 mfetdi2k;McAfee Inc. 
mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [16/03/2010 12:05 82952] R2 AlarmClockMonitor;Talking Alarm Clock user logon monitor;c:\program files\Alarm Clock\AlarmMonitor.exe [31/05/2008 13:49 852144] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [03/08/2007 16:09 12856] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [20/12/2009 12:40 93320] R2 McMPFSvc;McAfee Personal Firewall;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [16/03/2010 12:05 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [16/03/2010 12:05 271480] R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [16/03/2010 12:06 188136] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [16/03/2010 12:05 141792] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [16/03/2010 12:05 55456] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [16/03/2010 12:05 312616] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [16/03/2010 12:05 88480] R3 phc700;USB PC Camera (SPC700NC);c:\windows\system32\drivers\phc700.sys [06/02/2008 20:34 644864] S2 BrowserQuest Service;BrowserQuest Service;"c:\documents and settings\All Users\Application Data\BrowserQuest\browserquest121.exe" "c:\program files\BrowserQuest\browserquest.dll" Service --> c:\documents and settings\All Users\Application Data\BrowserQuest\browserquest121.exe [?] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [16/03/2010 12:05 88480] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [16/03/2010 12:05 83496] --- Other Services/Drivers In Memory --- *Deregistered* - mfeavfk01 . 
Contents of the 'Scheduled Tasks' folder
2010-04-14 c:\windows\Tasks\Diabetes Session.job - c:\program files\Alarm Clock\Alarm.exe [2008-05-31 12:49]
2010-02-04 c:\windows\Tasks\Heart Clinic.job - c:\program files\Alarm Clock\Alarm.exe [2008-05-31 12:49]
2010-02-04 c:\windows\Tasks\Pacermaker.job - c:\program files\Alarm Clock\Alarm.exe [2008-05-31 12:49]
2010-04-22 c:\windows\Tasks\Practice Nurse.job - c:\program files\Alarm Clock\Alarm.exe [2008-05-31 12:49]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://www.yahoo.co.uk/
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s
Trusted Zone: internet
Trusted Zone: liverpoolfc.tv
Trusted Zone: liverpoolfc.tv\www
Trusted Zone: mcafee.com
Trusted Zone: windowsmedia.com
Trusted Zone: yahoo.com\uk
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game04.zylom.com/activex/zylomgamesplayer.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-05 18:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1052) c:\windows\system32\LMIinit.dll c:\windows\system32\LMIRfsClientNP.dll - - - - - - - > 'explorer.exe'(3048) c:\windows\system32\WININET.dll c:\progra~1\mcafee\SITEAD~1\saHook.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\LMIRfsClientNP.dll . Completion time: 2010-05-05 18:12:14 ComboFix-quarantined-files.txt 2010-05-05 17:11 ComboFix2.txt 2010-05-02 12:42 Pre-Run: 111,403,606,016 bytes free Post-Run: 111,367,221,248 bytes free - - End Of File - - 34E6DE4FF4DE9F6E32BC7AF3CE6DB6B4
  3. hope this is the right one UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-06-26.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 06/02/2008 11:26:49 System Uptime: 25/04/2010 07:07:03 (3 hours ago) Motherboard: | | K8NF4G-VSTA Processor: AMD Sempron(tm) Processor 3000+ | CPUSocket | 1808/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 117 GiB total, 99.925 GiB free. D: is FIXED (NTFS) - 32 GiB total, 30.036 GiB free. E: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== No restore point in system. ==== Installed Programs ====================== Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 8.1.5 Adobe Shockwave Player 11.5 AutoUpdate BT Home Hub CoreAAC Audio Decoder (remove only) Critical Update for Windows Media Player 11 (KB959772) DivX Converter DivX Plus DirectShow Filters DivX Setup DivX Version Checker Elecard MPEG-2 Decoder&Streaming Plug-in for WMP EPSON Attach To Email EPSON Copy Utility 3 EPSON Easy Photo Print EPSON File Manager EPSON Image Clip Palette EPSON Printer Software EPSON Scan EPSON Scan Assistant Google Toolbar for Internet Explorer High Definition Audio Driver Package - KB888111 HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB954708) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976002-v5) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Intel® 537EP Modem Japanese Fonts Support For Adobe Reader 8 Java 
Auto Updater Java(tm) 6 Update 19 Java(tm) 6 Update 5 Java(tm) 6 Update 7 KB408682 LogMeIn Malwarebytes' Anti-Malware McAfee Total Protection McAfee Virtual Technician Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft IntelliPoint 5.0 Microsoft IntelliType Pro 5.0 Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft National Language Support Downlevel APIs Microsoft Office Live Add-in 1.3 Microsoft Office XP Professional Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft XML Parser MSVCRT Nokia Connectivity Cable Driver NVIDIA Drivers PCI Audio Driver Philips SPC 700NC PC Camera PIF DESIGNER QuickTime Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 
(KB969897) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Internet Explorer 8 (KB976325) Security Update for Windows Internet Explorer 8 (KB978207) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Media Player 9 (KB936782) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP 
(KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security 
Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB980232) Segoe UI Skype™ 4.0 SPC 700NC PC Camera Talking Alarm Clock Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Windows (KB971513) Update for Windows Internet Explorer 8 (KB971930) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB976749) Update for Windows Internet Explorer 8 (KB980182) Update for Windows Internet Explorer 8 (KB980302) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VC80CRTRedist - 8.0.50727.4053 WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Toolbar Windows Live Writer Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player Hotfix [See Q828026 for more information] Windows Search 4.0 Windows XP Service Pack 3 ==== Event Viewer Messages From Past Week ======== 22/04/2010 17:50:39, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found. 
22/04/2010 15:47:31, error: Dhcp [1002] - The IP address lease 192.168.1.64 for the Network Card with network address 00138FAB9893 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message). 22/04/2010 15:45:50, error: System Error [1003] - Error code 000000c2, parameter1 00000007, parameter2 00000cd4, parameter3 07ae7d00, parameter4 89431008. 22/04/2010 15:45:46, error: System Error [1003] - Error code 100000d1, parameter1 00000000, parameter2 00000002, parameter3 00000000, parameter4 ba650b49. ==== End Of File ===========================
  4. [Attachment: dds_log.txt] as requested please find the logs you require

     Quote from Blade81, Apr 20 2010, 07:28 PM:

     Hi, Download DDS and save it to your desktop from here (http://download.bleepingcomputer.com/sUBs/dds.com) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds). Disable any script blocker, and then double click dds.scr to run the tool.
       • When done, DDS will open two (2) logs:
           1. DDS.txt
           2. Attach.txt
       • Save both reports to your desktop. Post them back to your topic.
     ---
     Download GMER (http://www.gmer.net) here by clicking download exe -button and then saving it your desktop:
       • Double-click .exe that you downloaded
       • Click rootkit-tab, uncheck files option and then click scan.
       • Don't check Show All box while scanning in progress!
       • When scanning is ready, click Copy.
       • This copies log to clipboard
       • Post log (if the log is long, archive it into a zip file and attach instead of posting) in your reply.
  5. I can't seem to get rid of adware ONESTEP. I've attached my hijack log. anyone help please thanks
  6. I can't seem to get rid of adware ONESTEP. I've attached my hijack log. anyone help please thanks
  7. I seem to have the "adware Onestep" and can't seem to get it removed. Can anyone offer any advice, please? Before I purchase the Lavasoft program I want to know what percentage will it actually remove adware from my PC. I currently have the ADWARE ONE STEP and can't seem to get rid of it. I'm reluctant to purchase this program if it cannot get this adware removed 100%.