
Please Help!! Google redirects!

05-12-2011, 04:17 AM   #1

Hello,

I have had this problem for a few days now: every link I click on in Google redirects me to some other page that looks like it could contain viruses itself.
I have McAfee and Spybot; I have also run CCleaner just to clean up things.
But nothing has eliminated the problem!
Spybot does pick up something, but whenever I click 'fix problems' they are all ticked (so fixed), but when I rescan, they are still there... or at least similar ones.
Usually entries like 'DoubleClick', 'MediaPlex' and 'Microsoft.WindowsSecurityCenter_disabled'.

Please help! This is driving me barmy!

I have tried to do a GMER scan but I'm having trouble with that too.

Here is my DDS

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Jess at 11:41:53.04 on 12/05/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3767.2434 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\splwow64.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jess\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l175l04h4z1j5v47n21568
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l175l04h4z1j5v47n21568
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l175l04h4z1j5v47n21568
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l175l04h4z1j5v47n21568
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110307222556.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110307222556.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
mRun-x64: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [PLFSetI] C:\Windows\PLFSetI.exe
mRun-x64: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
mRun-x64: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\ywbbtkfu.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
FF - component: C:\Program Files (x86)\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\ywbbtkfu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-10-13 529128]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-7 283360]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2011-3-7 75032]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-25 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-8-29 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-13 13336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-4-23 523136]
R2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-3-7 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-3-7 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-3-7 149032]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-28 255744]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-13 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-7-13 243232]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-7 62800]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-7-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-7-13 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-7-13 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-7-13 271872]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-5-15 384040]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-7 190136]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-7 441328]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 135664]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-10 1153368]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 135664]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-7 94864]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-27 305520]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-13 246376]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-26 1255736]
.
=============== Created Last 30 ================
.
2011-05-12 09:56:30 -------- d-----w- C:\Users\Jess\AppData\Local\{16F2D345-32B0-4A3E-B04F-CE858B706D2D}
2011-05-11 21:02:16 98544 ----a-w- C:\Users\Jess\cc_20110511_220208.reg
2011-05-11 20:43:12 -------- d-----w- C:\Program Files\CCleaner
2011-05-11 20:28:05 -------- d-----w- C:\Users\Jess\AppData\Local\{C6CDA845-CF43-4E89-B986-9FC66F94CE3D}
2011-05-11 18:27:36 -------- d-----w- C:\PROGRA~3\Skype Extras
2011-05-10 20:32:31 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-10 20:32:31 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
2011-05-10 20:28:20 -------- d-----w- C:\Users\Jess\AppData\Roaming\Windows Live Writer
2011-05-10 20:28:20 -------- d-----w- C:\Users\Jess\AppData\Local\Windows Live Writer
2011-05-10 18:56:26 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-10 18:56:25 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-10 18:56:25 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-10 18:56:13 99328 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-05-10 18:56:13 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-05-10 18:56:13 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-05-10 18:56:13 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-05-10 18:56:13 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-05-10 18:56:13 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-05-10 18:56:13 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-05-10 09:46:42 -------- d-----w- C:\Users\Jess\AppData\Local\{C7903B46-60A2-428E-83B2-C91EC54DF708}
2011-05-07 14:36:20 -------- d-----w- C:\Users\Jess\AppData\Local\{7633D9D5-08D3-4CE0-B059-3C75D50A03E9}
2011-05-03 10:25:47 -------- d-----w- C:\Users\Jess\AppData\Local\{10652B72-26B6-416A-8E8F-8A033C94AA88}
2011-05-02 13:56:34 -------- d-----w- C:\Program Files\iTunes
2011-05-02 13:56:34 -------- d-----w- C:\Program Files\iPod
2011-05-02 13:56:34 -------- d-----w- C:\Program Files (x86)\iTunes
2011-05-02 13:53:55 -------- d-----w- C:\Program Files\Bonjour
2011-05-02 13:53:55 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-05-01 21:11:22 -------- d-----w- C:\Users\Jess\AppData\Local\{D855EFA3-09EE-4659-8C3A-05450F147B1C}
2011-05-01 09:10:00 -------- d-----w- C:\Users\Jess\AppData\Local\{CCEFC56A-1229-429D-8C19-5C4C9D212755}
2011-04-30 06:46:14 -------- d-----w- C:\Users\Jess\AppData\Local\{3B42BD81-FE7D-46ED-A1F3-D3B88CBD8D66}
2011-04-27 08:58:37 2870272 ----a-w- C:\Windows\explorer.exe
2011-04-27 08:58:37 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-04-27 08:58:34 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-04-27 08:58:33 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-04-27 08:57:23 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-04-27 08:57:22 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-04-27 08:57:22 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-04-27 08:57:22 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-04-27 08:57:22 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-04-27 08:57:22 2566144 ----a-w- C:\Windows\System32\esent.dll
2011-04-27 08:57:22 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-04-27 08:57:22 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2011-04-27 08:57:22 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-04-27 08:57:22 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-04-27 08:57:22 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-04-27 08:55:45 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-04-27 08:55:45 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-04-27 06:45:47 -------- d-----w- C:\Users\Jess\AppData\Local\{190D954F-BFCF-4E12-9370-0509C48AC822}
2011-04-26 18:35:38 -------- d-----w- C:\Program Files (x86)\Graboid
2011-04-26 09:38:57 -------- d-----w- C:\Users\Jess\AppData\Local\{07BFAE48-6602-4D8B-8F00-40A0887ADE87}
2011-04-24 05:47:27 -------- d-----w- C:\Users\Jess\AppData\Local\{EFE23019-5B13-412E-A071-197BF30D3937}
2011-04-23 15:17:28 -------- d-----w- C:\Program Files\BT Broadband Desktop Help
2011-04-23 15:16:55 -------- d-----w- C:\Program Files (x86)\Common Files\Motive
2011-04-23 15:16:54 -------- d-----w- C:\Program Files\Common Files\Motive
2011-04-23 15:14:36 -------- d-----w- C:\Program Files (x86)\BT Broadband Desktop Help
2011-04-23 15:11:20 -------- d-----w- C:\PROGRA~3\Citrix
2011-04-23 15:10:47 -------- d-----w- C:\Users\Jess\AppData\Local\Citrix
2011-04-23 15:03:34 -------- d-----w- C:\Users\Jess\AppData\Local\{1727160C-45A2-46E4-A38D-6EDE292C976F}
2011-04-23 13:46:04 -------- d-----w- C:\Program Files (x86)\Citrix
2011-04-23 13:30:09 -------- d-----w- C:\Users\Jess\AppData\Local\{8788BE40-0539-4107-B21D-039A49AD2AAE}
2011-04-23 08:15:46 -------- d-----w- C:\Users\Jess\AppData\Local\{48507644-859E-4522-B3D9-398629FE0556}
2011-04-22 19:12:29 -------- d-----w- C:\Users\Jess\AppData\Local\{1F691AF9-779C-475B-8CDB-ADBF979D9A3D}
2011-04-20 16:41:31 -------- d-----w- C:\Users\Jess\AppData\Local\{E7D637E1-9595-468F-9A11-38D1A439A9F1}
2011-04-18 10:35:54 -------- d-----w- C:\Users\Jess\AppData\Local\{2D0A1ECA-9846-4130-9410-D06B4EAC93F6}
2011-04-18 10:14:10 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-04-14 02:39:02 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-04-14 02:39:02 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-04-13 16:43:04 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2011-04-13 16:42:58 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2011-04-13 16:42:35 -------- d-----w- C:\Program Files (x86)\HP
2011-04-13 16:30:08 -------- d-----w- C:\Users\Jess\AppData\Local\ElevatedDiagnostics
2011-04-12 16:19:12 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
.
==================== Find3M ====================
.
2011-04-08 19:41:53 135168 --sha-r- C:\Windows\SysWow64\LIVESSP1.dll
2011-04-06 15:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 15:26:58 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-04-06 15:26:58 237856 ----a-w- C:\Windows\System32\dnssdX.dll
2011-04-06 15:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 15:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 15:20:16 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-04-06 15:20:16 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-04-06 15:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys
2011-02-24 06:30:00 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-02-24 06:29:15 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-02-24 06:24:57 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-02-24 05:32:52 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-02-24 05:32:44 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-02-24 05:30:16 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-02-24 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec
2011-02-24 04:24:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-02-24 04:23:48 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-02-24 03:50:26 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-02-23 05:16:28 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-02-23 05:16:01 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-02-23 05:15:50 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-02-23 05:15:27 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-02-23 05:15:14 286720 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-02-23 05:15:13 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-02-23 05:15:06 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 06:36:13 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-19 05:32:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-19 04:13:39 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-19 03:37:02 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-02-18 15:36:58 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2011-02-18 15:36:58 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
2011-02-18 06:37:05 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-02-18 05:36:26 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-02-12 06:14:41 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
.
============= FINISH: 11:42:42.62 ===============

Attached Files
File Type: zip Attach.zip (3.7 KB, 14 views)

__________________
jess7aylor is offline  
Old 05-13-2011, 02:45 PM   #2
Registered Member
 
Join Date: May 2011
Posts: 2
OS:



Hello,

I have already posted this about 3 days ago! I'm struggling with the computer; more weird things are happening.

I have had this problem for a few days now: every link I click on in Google redirects me to some other page that looks like it could contain viruses itself.
I have McAfee and Spybot; I have also run CCleaner just to clean up things.
But nothing has eliminated the problem!
Spybot does pick up something, but whenever I click 'fix problems' they are all ticked (so fixed), but when I rescan they are still there... or at least similar ones.
Usually entries like 'DoubleClick', 'MediaPlex' and 'Microsoft.WindowsSecurityCenter_disabled'.

Please help! This is driving me barmy!

I have tried to do a GMER scan but I'm having trouble with that too.

Here is my DDS:

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Jess at 11:41:53.04 on 12/05/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3767.2434 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\splwow64.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jess\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l175l04h4z1j5v47n21568
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l175l04h4z1j5v47n21568
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l175l04h4z1j5v47n21568
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l175l04h4z1j5v47n21568
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110307222556.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110307222556.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
mRun-x64: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [PLFSetI] C:\Windows\PLFSetI.exe
mRun-x64: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
mRun-x64: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\ywbbtkfu.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
FF - component: C:\Program Files (x86)\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\ywbbtkfu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-10-13 529128]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-7 283360]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2011-3-7 75032]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-25 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-8-29 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-13 13336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-4-23 523136]
R2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-3-7 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-3-7 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-3-7 149032]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-28 255744]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-13 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-7-13 243232]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-7 62800]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-7-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-7-13 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-7-13 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-7-13 271872]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-5-15 384040]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-7 190136]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-7 441328]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 135664]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-10 1153368]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 135664]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-7 94864]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-27 305520]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-13 246376]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-26 1255736]
.
=============== Created Last 30 ================
.
2011-05-12 09:56:30 -------- d-----w- C:\Users\Jess\AppData\Local\{16F2D345-32B0-4A3E-B04F-CE858B706D2D}
2011-05-11 21:02:16 98544 ----a-w- C:\Users\Jess\cc_20110511_220208.reg
2011-05-11 20:43:12 -------- d-----w- C:\Program Files\CCleaner
2011-05-11 20:28:05 -------- d-----w- C:\Users\Jess\AppData\Local\{C6CDA845-CF43-4E89-B986-9FC66F94CE3D}
2011-05-11 18:27:36 -------- d-----w- C:\PROGRA~3\Skype Extras
2011-05-10 20:32:31 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-10 20:32:31 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
2011-05-10 20:28:20 -------- d-----w- C:\Users\Jess\AppData\Roaming\Windows Live Writer
2011-05-10 20:28:20 -------- d-----w- C:\Users\Jess\AppData\Local\Windows Live Writer
2011-05-10 18:56:26 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-10 18:56:25 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-10 18:56:25 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-10 18:56:13 99328 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-05-10 18:56:13 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-05-10 18:56:13 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-05-10 18:56:13 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-05-10 18:56:13 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-05-10 18:56:13 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-05-10 18:56:13 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-05-10 09:46:42 -------- d-----w- C:\Users\Jess\AppData\Local\{C7903B46-60A2-428E-83B2-C91EC54DF708}
2011-05-07 14:36:20 -------- d-----w- C:\Users\Jess\AppData\Local\{7633D9D5-08D3-4CE0-B059-3C75D50A03E9}
2011-05-03 10:25:47 -------- d-----w- C:\Users\Jess\AppData\Local\{10652B72-26B6-416A-8E8F-8A033C94AA88}
2011-05-02 13:56:34 -------- d-----w- C:\Program Files\iTunes
2011-05-02 13:56:34 -------- d-----w- C:\Program Files\iPod
2011-05-02 13:56:34 -------- d-----w- C:\Program Files (x86)\iTunes
2011-05-02 13:53:55 -------- d-----w- C:\Program Files\Bonjour
2011-05-02 13:53:55 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-05-01 21:11:22 -------- d-----w- C:\Users\Jess\AppData\Local\{D855EFA3-09EE-4659-8C3A-05450F147B1C}
2011-05-01 09:10:00 -------- d-----w- C:\Users\Jess\AppData\Local\{CCEFC56A-1229-429D-8C19-5C4C9D212755}
2011-04-30 06:46:14 -------- d-----w- C:\Users\Jess\AppData\Local\{3B42BD81-FE7D-46ED-A1F3-D3B88CBD8D66}
2011-04-27 08:58:37 2870272 ----a-w- C:\Windows\explorer.exe
2011-04-27 08:58:37 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-04-27 08:58:34 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-04-27 08:58:33 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-04-27 08:57:23 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-04-27 08:57:22 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-04-27 08:57:22 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-04-27 08:57:22 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-04-27 08:57:22 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-04-27 08:57:22 2566144 ----a-w- C:\Windows\System32\esent.dll
2011-04-27 08:57:22 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-04-27 08:57:22 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2011-04-27 08:57:22 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-04-27 08:57:22 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-04-27 08:57:22 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-04-27 08:55:45 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-04-27 08:55:45 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-04-27 06:45:47 -------- d-----w- C:\Users\Jess\AppData\Local\{190D954F-BFCF-4E12-9370-0509C48AC822}
2011-04-26 18:35:38 -------- d-----w- C:\Program Files (x86)\Graboid
2011-04-26 09:38:57 -------- d-----w- C:\Users\Jess\AppData\Local\{07BFAE48-6602-4D8B-8F00-40A0887ADE87}
2011-04-24 05:47:27 -------- d-----w- C:\Users\Jess\AppData\Local\{EFE23019-5B13-412E-A071-197BF30D3937}
2011-04-23 15:17:28 -------- d-----w- C:\Program Files\BT Broadband Desktop Help
2011-04-23 15:16:55 -------- d-----w- C:\Program Files (x86)\Common Files\Motive
2011-04-23 15:16:54 -------- d-----w- C:\Program Files\Common Files\Motive
2011-04-23 15:14:36 -------- d-----w- C:\Program Files (x86)\BT Broadband Desktop Help
2011-04-23 15:11:20 -------- d-----w- C:\PROGRA~3\Citrix
2011-04-23 15:10:47 -------- d-----w- C:\Users\Jess\AppData\Local\Citrix
2011-04-23 15:03:34 -------- d-----w- C:\Users\Jess\AppData\Local\{1727160C-45A2-46E4-A38D-6EDE292C976F}
2011-04-23 13:46:04 -------- d-----w- C:\Program Files (x86)\Citrix
2011-04-23 13:30:09 -------- d-----w- C:\Users\Jess\AppData\Local\{8788BE40-0539-4107-B21D-039A49AD2AAE}
2011-04-23 08:15:46 -------- d-----w- C:\Users\Jess\AppData\Local\{48507644-859E-4522-B3D9-398629FE0556}
2011-04-22 19:12:29 -------- d-----w- C:\Users\Jess\AppData\Local\{1F691AF9-779C-475B-8CDB-ADBF979D9A3D}
2011-04-20 16:41:31 -------- d-----w- C:\Users\Jess\AppData\Local\{E7D637E1-9595-468F-9A11-38D1A439A9F1}
2011-04-18 10:35:54 -------- d-----w- C:\Users\Jess\AppData\Local\{2D0A1ECA-9846-4130-9410-D06B4EAC93F6}
2011-04-18 10:14:10 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-04-14 02:39:02 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-04-14 02:39:02 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-04-13 16:43:04 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2011-04-13 16:42:58 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2011-04-13 16:42:35 -------- d-----w- C:\Program Files (x86)\HP
2011-04-13 16:30:08 -------- d-----w- C:\Users\Jess\AppData\Local\ElevatedDiagnostics
2011-04-12 16:19:12 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
.
==================== Find3M ====================
.
2011-04-08 19:41:53 135168 --sha-r- C:\Windows\SysWow64\LIVESSP1.dll
2011-04-06 15:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 15:26:58 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-04-06 15:26:58 237856 ----a-w- C:\Windows\System32\dnssdX.dll
2011-04-06 15:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 15:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 15:20:16 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-04-06 15:20:16 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-04-06 15:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys
2011-02-24 06:30:00 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-02-24 06:29:15 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-02-24 06:24:57 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-02-24 05:32:52 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-02-24 05:32:44 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-02-24 05:30:16 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-02-24 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec
2011-02-24 04:24:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-02-24 04:23:48 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-02-24 03:50:26 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-02-23 05:16:28 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-02-23 05:16:01 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-02-23 05:15:50 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-02-23 05:15:27 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-02-23 05:15:14 286720 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-02-23 05:15:13 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-02-23 05:15:06 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 06:36:13 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-19 05:32:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-19 04:13:39 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-19 03:37:02 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-02-18 15:36:58 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2011-02-18 15:36:58 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
2011-02-18 06:37:05 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-02-18 05:36:26 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-02-12 06:14:41 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
.
============= FINISH: 11:42:42.62 ===============

mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110307222556.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
mRun-x64: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [PLFSetI] C:\Windows\PLFSetI.exe
mRun-x64: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
mRun-x64: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\ywbbtkfu.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
FF - component: C:\Program Files (x86)\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\ywbbtkfu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-10-13 529128]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-7 283360]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2011-3-7 75032]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-25 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-8-29 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-13 13336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-4-23 523136]
R2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-7 355440]
R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-3-7 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-3-7 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-3-7 149032]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-28 255744]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-13 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-7-13 243232]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-7 62800]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-7-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-7-13 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-7-13 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-7-13 271872]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-5-15 384040]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-7 190136]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-7 441328]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 135664]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-10 1153368]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 135664]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-7 94864]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-27 305520]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-13 246376]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-26 1255736]
.
=============== Created Last 30 ================
.
2011-05-12 09:56:30 -------- d-----w- C:\Users\Jess\AppData\Local\{16F2D345-32B0-4A3E-B04F-CE858B706D2D}
2011-05-11 21:02:16 98544 ----a-w- C:\Users\Jess\cc_20110511_220208.reg
2011-05-11 20:43:12 -------- d-----w- C:\Program Files\CCleaner
2011-05-11 20:28:05 -------- d-----w- C:\Users\Jess\AppData\Local\{C6CDA845-CF43-4E89-B986-9FC66F94CE3D}
2011-05-11 18:27:36 -------- d-----w- C:\PROGRA~3\Skype Extras
2011-05-10 20:32:31 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-10 20:32:31 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
2011-05-10 20:28:20 -------- d-----w- C:\Users\Jess\AppData\Roaming\Windows Live Writer
2011-05-10 20:28:20 -------- d-----w- C:\Users\Jess\AppData\Local\Windows Live Writer
2011-05-10 18:56:26 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-10 18:56:25 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-10 18:56:25 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-10 18:56:13 99328 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-05-10 18:56:13 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-05-10 18:56:13 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-05-10 18:56:13 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-05-10 18:56:13 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-05-10 18:56:13 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-05-10 18:56:13 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-05-10 09:46:42 -------- d-----w- C:\Users\Jess\AppData\Local\{C7903B46-60A2-428E-83B2-C91EC54DF708}
2011-05-07 14:36:20 -------- d-----w- C:\Users\Jess\AppData\Local\{7633D9D5-08D3-4CE0-B059-3C75D50A03E9}
2011-05-03 10:25:47 -------- d-----w- C:\Users\Jess\AppData\Local\{10652B72-26B6-416A-8E8F-8A033C94AA88}
2011-05-02 13:56:34 -------- d-----w- C:\Program Files\iTunes
2011-05-02 13:56:34 -------- d-----w- C:\Program Files\iPod
2011-05-02 13:56:34 -------- d-----w- C:\Program Files (x86)\iTunes
2011-05-02 13:53:55 -------- d-----w- C:\Program Files\Bonjour
2011-05-02 13:53:55 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-05-01 21:11:22 -------- d-----w- C:\Users\Jess\AppData\Local\{D855EFA3-09EE-4659-8C3A-05450F147B1C}
2011-05-01 09:10:00 -------- d-----w- C:\Users\Jess\AppData\Local\{CCEFC56A-1229-429D-8C19-5C4C9D212755}
2011-04-30 06:46:14 -------- d-----w- C:\Users\Jess\AppData\Local\{3B42BD81-FE7D-46ED-A1F3-D3B88CBD8D66}
2011-04-27 08:58:37 2870272 ----a-w- C:\Windows\explorer.exe
2011-04-27 08:58:37 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-04-27 08:58:34 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-04-27 08:58:33 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-04-27 08:57:23 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-04-27 08:57:22 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-04-27 08:57:22 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-04-27 08:57:22 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-04-27 08:57:22 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-04-27 08:57:22 2566144 ----a-w- C:\Windows\System32\esent.dll
2011-04-27 08:57:22 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-04-27 08:57:22 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2011-04-27 08:57:22 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-04-27 08:57:22 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-04-27 08:57:22 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-04-27 08:55:45 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-04-27 08:55:45 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-04-27 06:45:47 -------- d-----w- C:\Users\Jess\AppData\Local\{190D954F-BFCF-4E12-9370-0509C48AC822}
2011-04-26 18:35:38 -------- d-----w- C:\Program Files (x86)\Graboid
2011-04-26 09:38:57 -------- d-----w- C:\Users\Jess\AppData\Local\{07BFAE48-6602-4D8B-8F00-40A0887ADE87}
2011-04-24 05:47:27 -------- d-----w- C:\Users\Jess\AppData\Local\{EFE23019-5B13-412E-A071-197BF30D3937}
2011-04-23 15:17:28 -------- d-----w- C:\Program Files\BT Broadband Desktop Help
2011-04-23 15:16:55 -------- d-----w- C:\Program Files (x86)\Common Files\Motive
2011-04-23 15:16:54 -------- d-----w- C:\Program Files\Common Files\Motive
2011-04-23 15:14:36 -------- d-----w- C:\Program Files (x86)\BT Broadband Desktop Help
2011-04-23 15:11:20 -------- d-----w- C:\PROGRA~3\Citrix
2011-04-23 15:10:47 -------- d-----w- C:\Users\Jess\AppData\Local\Citrix
2011-04-23 15:03:34 -------- d-----w- C:\Users\Jess\AppData\Local\{1727160C-45A2-46E4-A38D-6EDE292C976F}
2011-04-23 13:46:04 -------- d-----w- C:\Program Files (x86)\Citrix
2011-04-23 13:30:09 -------- d-----w- C:\Users\Jess\AppData\Local\{8788BE40-0539-4107-B21D-039A49AD2AAE}
2011-04-23 08:15:46 -------- d-----w- C:\Users\Jess\AppData\Local\{48507644-859E-4522-B3D9-398629FE0556}
2011-04-22 19:12:29 -------- d-----w- C:\Users\Jess\AppData\Local\{1F691AF9-779C-475B-8CDB-ADBF979D9A3D}
2011-04-20 16:41:31 -------- d-----w- C:\Users\Jess\AppData\Local\{E7D637E1-9595-468F-9A11-38D1A439A9F1}
2011-04-18 10:35:54 -------- d-----w- C:\Users\Jess\AppData\Local\{2D0A1ECA-9846-4130-9410-D06B4EAC93F6}
2011-04-18 10:14:10 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-04-14 02:39:02 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-04-14 02:39:02 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-04-13 16:43:04 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2011-04-13 16:42:58 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2011-04-13 16:42:35 -------- d-----w- C:\Program Files (x86)\HP
2011-04-13 16:30:08 -------- d-----w- C:\Users\Jess\AppData\Local\ElevatedDiagnostics
2011-04-12 16:19:12 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
.
==================== Find3M ====================
.
2011-04-08 19:41:53 135168 --sha-r- C:\Windows\SysWow64\LIVESSP1.dll
2011-04-06 15:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 15:26:58 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-04-06 15:26:58 237856 ----a-w- C:\Windows\System32\dnssdX.dll
2011-04-06 15:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 15:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 15:20:16 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-04-06 15:20:16 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-04-06 15:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys
2011-02-24 06:30:00 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-02-24 06:29:15 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-02-24 06:24:57 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-02-24 05:32:52 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-02-24 05:32:44 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-02-24 05:30:16 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-02-24 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec
2011-02-24 04:24:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-02-24 04:23:48 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-02-24 03:50:26 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-02-23 05:16:28 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-02-23 05:16:01 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-02-23 05:15:50 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-02-23 05:15:27 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-02-23 05:15:14 286720 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-02-23 05:15:13 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-02-23 05:15:06 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 06:36:13 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-19 05:32:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-19 04:13:39 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-19 03:37:02 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-02-18 15:36:58 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2011-02-18 15:36:58 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
2011-02-18 06:37:05 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-02-18 05:36:26 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-02-12 06:14:41 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
.
============= FINISH: 11:42:42.62 ===============

__________________
jess7aylor is offline  
Old 05-15-2011, 06:57 AM   #3
Security Team
Analyst
 
Join Date: Apr 2007
Location: Montreal, QC. Canada
Posts: 2,655
OS: Windows 2000 Pro. - Vista SP 2, W7



Hello, Welcome to TSF.
I'm nasdaq and will be helping you.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Please do not install or uninstall any programs, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into the thread, rather than add them as attachments.

Note that your first topic will be deleted.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: A guide and tutorial on using ComboFix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs


For AVG antivirus and anti-spyware security software users only.
Quote:
Due to recent changes in AVG and how it interacts with CF, AVG must be uninstalled to run ComboFix. You will get a message from CF stating such.

If AVG will not uninstall, it is first recommended to uninstall it with this AppRemover by Opswat. The AVG uninstaller can be downloaded from here > AppRemover.exe Go to their homepage and you will see they have support for removal of other AV's as well AVG appremover tool.
Please let me know if the problem persists.
__________________
nasdaq is offline  
Old 05-25-2011, 08:33 AM   #4
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
 
Join Date: Jun 2006
Location: here & there and everywhere
Posts: 14,780
OS: XP Win7 Ubuntu 10.10



Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum
__________________

amateur is offline  
 
