Skip to main content

Cannot get Adaware to open



  • Customer

    Download DDS and save it to your desktop from [url=""][b][color="seagreen"]here[/color][/b][/url] or [url=""][b][color="seagreen"]here[/color][/b][/url] or [url=""][b][color="seagreen"]here[/color][/b][/url].

    Disable any script blocker, and then double click [b]dds file [/b]to run the tool. [list]

    [*]When done, DDS will open two (2) logs: [list=1]

    [*] DDS.txt

    [*] Attach.txt


    [*]Save both reports to your desktop. Post them back to your topic.

  • Customer
    [quote name='Blade81' post='126473' date='May 1 2011, 08:28 AM']Hi,

    Download DDS and save it to your desktop from [url=""][b][color="seagreen"]here[/color][/b][/url] or [url=""][b][color="seagreen"]here[/color][/b][/url] or [url=""][b][color="seagreen"]here[/color][/b][/url].

    Disable any script blocker, and then double click [b]dds file [/b]to run the tool. [list]

    [*]When done, DDS will open two (2) logs: [list=1]

    [*] DDS.txt

    [*] Attach.txt


    [*]Save both reports to your desktop. Post them back to your topic.


    Here is the paste of the DDS:


    DDS (Ver_11-03-05.01) - NTFSx86

    Run by Owner at 9:59:16.29 on Sun 05/01/2011

    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3198.2479 [GMT -4:00]


    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

    FW: McAfee Firewall *Enabled*


    ============== Running Processes ===============



    C:\WINDOWS\system32\svchost -k DcomLaunch


    C:\Program Files\Windows Defender\MsMpEng.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

    C:\Program Files\DigitalPersona\Bin\DPWinLct.exe



    C:\Program Files\AVAST Software\Avast\AvastSvc.exe





    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\DigitalPersona\Bin\DpHost.exe

    C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    C:\Program Files\Common Files\Motive\McciCMService.exe

    C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

    C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

    C:\WINDOWS\system32\svchost.exe -k imgsvc

    C:\Program Files\Viewpoint\Common\ViewpointService.exe

    C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe

    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe



    C:\Program Files\Microsoft IntelliType Pro\type32.exe

    C:\Program Files\Digital Media Reader\shwiconem.exe


    C:\Program Files\Microsoft IntelliPoint\point32.exe

    C:\Program Files\DigitalPersona\Bin\DPAgnt.exe


    C:\Program Files\Windows Defender\MSASCui.exe

    C:\Program Files\\Agent\mcagent.exe

    C:\Program Files\Verizon\McciTrayApp.exe

    C:\Program Files\AVAST Software\Avast\avastUI.exe


    C:\Program Files\Microsoft ActiveSync\wcescomm.exe


    C:\Program Files\Messenger\msmsgs.exe

    C:\Program Files\Outlook Express\msimn.exe

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\6I8ZVDC8\dds[1].com


    ============== Pseudo HJT Report ===============


    uStart Page = hxxp://

    uSearch Page = hxxp://

    uWindow Title = Microsoft Internet Explorer provided by Verizon Online

    uDefault_Search_URL = hxxp://

    uSearchMigratedDefaultURL = hxxp://{searchTerms}&sourceid=ie7&

    uInternet Settings,ProxyOverride = ;;;<local>;*.local

    uSearchAssistant = hxxp://

    uSearchURL,(Default) = hxxp://

    mSearchAssistant = hxxp://

    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No File

    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110130162015.dll

    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

    BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll

    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\\GenericAskToolbar.dll

    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    TB: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File

    TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll

    TB: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No File

    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\\GenericAskToolbar.dll

    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

    TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

    TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

    TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    uRun: [AdwareProMFC] c:\program files\ad-ware pro\Ad-Ware Pro.exe

    uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"

    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

    uRunOnce: [<NO NAME>] "c:\program files\internet explorer\iexplore.exe" [url=""][/url]

    mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe"

    mRun: [SunKistEM] "c:\program files\digital media reader\shwiconem.exe"

    mRun: [SoundMan] "SOUNDMAN.EXE"

    mRun: [Recguard] "c:\windows\sminst\RECGUARD.EXE"

    mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\point32.exe"

    mRun: [DPAgnt] "c:\program files\digitalpersona\bin\DPAgnt.exe"

    mRun: [CHotkey] "zHotkey.exe"

    mRun: [Amazing3DAquariumWallpaper]

    mRun: [MemoryCardManager] "c:\program files\lexmark\lexmark photo center\MemoryCardManager.exe" -startup

    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

    mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"

    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

    mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto

    mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide

    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

    mRun: [mcui_exe] "c:\program files\\agent\mcagent.exe" /runkey

    mRun: [Verizon_McciTrayApp] "c:\program files\verizon\McciTrayApp.exe"

    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

    dRunOnce: [RunNarrator] Narrator.exe

    StartupFolder: c:\docume~1\owner\startm~1\programs\startup\finger~1.lnk - c:\program files\digitalpersona\bin\DPConsol.exe

    uPolicies-explorer: NoViewOnDrive = 0 (0x0)

    IE: &eBay Search - c:\program files\ebay\ebay toolbar2\eBayTb.dll/RCSearch.html

    IE: &Search - [url=""][/url]

    IE: Download by VersalSoft Internet Download - c:\program files\versalsoft\internetdownload\adddownload.htm

    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

    IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM

    IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM

    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

    IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\owner\start menu\programs\imvu\Run IMVU.lnk

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\

    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://

    DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://

    DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://

    DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - hxxp://

    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://

    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://

    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://


    DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - hxxp://

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://

    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

    Notify: AtiExtEvent - Ati2evxx.dll

    Notify: DPWLN - c:\windows\system32\DPWLEvHd.dll

    AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

    LSA: Notification Packages = scecli DPPWDFLT


    ================= FIREFOX ===================


    FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\crcd3v55.default\

    FF - prefs.js: - hxxp://

    FF - prefs.js: - Secure Search

    FF - prefs.js: browser.startup.homepage - hxxps://

    FF - prefs.js: keyword.URL - hxxp://

    FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\crcd3v55.default\extensions\\chrome\content\AudioService.dll

    FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll

    FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

    FF - component: c:\program files\mozilla firefox\components\Scriptff.dll

    FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

    FF - plugin: c:\documents and settings\owner\application data\facebook\npfbplugin_1_0_3.dll

    FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\crcd3v55.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll

    FF - plugin: c:\program files\google\update\\npGoogleOneClick8.dll

    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

    FF - plugin: c:\program files\ksolo\npAVX.dll

    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

    FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll

    FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    FF - Ext: Java Console: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

    FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    FF - Ext: AIM Toolbar: {c2f863cd-0429-48c7-bb54-db756a951760} - %profile%\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}

    FF - Ext: Adobe DLM (powered by getPlus®): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

    FF - Ext: Ask Toolbar: - %profile%\extensions\

    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

    FF - Ext: Java Quick Starter: - c:\program files\java\jre6\lib\deploy\jqs\ff

    FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor


    ============= SERVICES / DRIVERS ===============


    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-12-13 64512]

    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-1-30 386840]

    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-1 441176]

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-5-1 307288]

    R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-4-25 84072]

    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-5-1 19544]

    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-5-1 42184]

    R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2011-3-24 118784]

    R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-1-30 171168]

    R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-1-30 188136]

    R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2011-1-30 141792]

    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-16 24652]

    R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

    R3 dpK0Bx01;Fingerprint Reader Filter Driver;c:\windows\system32\drivers\dpK0Bx01.sys [2005-4-9 32640]

    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-4-25 152960]

    R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-4-25 52104]

    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-4-25 313288]

    R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-4-25 88544]

    R3 UsbdpFP;Fingerprint Reader Class Driver;c:\windows\system32\drivers\UsbdpFP.sys [2005-4-9 34560]

    S2 gupdate1caf60c78f48854;Google Update Service (gupdate1caf60c78f48854);c:\program files\google\update\GoogleUpdate.exe [2010-5-17 133104]

    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-4-29 1181328]

    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]

    S2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]

    S2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]

    S2 McOobeSv;McAfee OOBE Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]

    S2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]

    S3 brfilt;Brother MFC Filter Driver;c:\windows\system32\drivers\BrFilt.sys [2005-4-1 2944]

    S3 brparimg;Brother Multi Function Parallel Image driver;c:\windows\system32\drivers\BrParImg.sys [2005-4-1 3168]

    S3 BrParWdm;Brother WDM Parallel Driver;c:\windows\system32\drivers\BrParwdm.sys [2005-4-1 39552]

    S3 BrSerWDM;Brother WDM Serial driver;c:\windows\system32\drivers\BrSerWdm.sys [2005-4-1 60416]

    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-4-25 55840]

    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-17 133104]

    S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-4-25 88544]

    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-4-25 84264]

    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-1-15 34248]

    S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-1-15 40552]

    S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2007-11-23 17536]

    S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2007-11-23 7680]

    S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2007-11-23 21376]


    =============== Created Last 30 ================


    2011-05-01 04:02:13 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

    2011-05-01 04:01:55 40112 ----a-w- c:\windows\avastSS.scr

    2011-05-01 04:01:42 -------- d-----w- c:\program files\AVAST Software

    2011-05-01 04:01:42 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVAST Software

    2011-05-01 03:18:25 -------- d-----w- c:\program files\Webroot

    2011-05-01 01:22:24 388096 ----a-r- c:\docume~1\owner\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

    2011-05-01 01:22:23 -------- d-----w- c:\program files\Trend Micro

    2011-05-01 01:03:01 -------- d-----w- c:\program files\common files\Motive

    2011-05-01 01:02:48 45 ----a-w- c:\windows\system32\stopSvc.bat

    2011-05-01 01:02:48 260 ----a-w- c:\windows\system32\cmdVBS.vbs

    2011-04-30 22:11:53 -------- d-----w- c:\docume~1\alluse~1\applic~1\FileCure

    2011-04-29 05:57:25 7071056 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\{a83d4488-62a1-4686-b655-7b1e732a37ed}\mpengine.dll

    2011-04-28 21:58:25 -------- d-----w- c:\windows\system32\wbem\repository\FS

    2011-04-28 21:58:25 -------- d-----w- c:\windows\system32\wbem\Repository

    2011-04-18 09:58:34 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

    2011-04-14 07:39:02 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

    2011-04-14 07:39:02 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

    2011-04-13 13:02:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\dGp06504oPlOg06504

    2011-04-11 12:55:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\eLh06511kIcAf06511


    ==================== Find3M ====================


    2011-04-18 09:58:29 15880 ----a-w- c:\windows\system32\lsdelete.exe

    2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll

    2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll

    2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys

    2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll

    2011-02-22 23:06:29 43520 ------w- c:\windows\system32\licmgr10.dll

    2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl

    2011-02-22 11:41:59 385024 ------w- c:\windows\system32\html.iec

    2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll

    2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll

    2011-02-09 13:53:52 270848 ------w- c:\windows\system32\sbe.dll

    2011-02-09 13:53:52 186880 ------w- c:\windows\system32\encdec.dll

    2011-02-08 13:33:55 978944 ------w- c:\windows\system32\mfc42.dll

    2011-02-08 13:33:55 974848 ------w- c:\windows\system32\mfc42u.dll

    2011-02-02 22:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe


    ============= FINISH: 10:02:07.14 ===============

    And attached is the Attach file.

    I tried last nitght to delete and reload Adaware and it would not unintstall it, I could not find the unintall folder. I also could not complete a new install.

    I downloaded Avast to run a scan and it came back with a trojan found. But would not delete it.

    Thanks for taking a look at this.
  • Customer

    Please use [img][/img]-button to reply without quoting previous post /smile.png' class='bbc_emoticon' alt=':wub:' />

    Please visit this webpage for download links, and instructions for running ComboFix tool:


    [color="Blue"]Please ensure you read this guide carefully first.[/color]

    Please continue as follows:


    [*][b]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix[/b], [url=""]link[/url]

    Remember to re-enable them afterwards.

    [*]Click [b]Yes[/b] to allow ComboFix to continue scanning for malware.


    When the tool is finished, it will produce a report for you.

    Please include the following reports for further review, and so we may continue cleansing the system:


    New dds log.[/b]

    [color="#ff0000"][b]A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.[/b][/color]
  • Customer
    Thanks. Taking the wife out for breakfast now so I will work on this later today. Also have plenty of yard work to do.

    Thanks again.
  • Customer
    No problem. Take your time /smile.png' class='bbc_emoticon' alt=':wub:' />
  • Customer
    I run Windows xp 64 bit. The instructions say that it will only work on 32 bit systems. Should I run it anyway?
  • Customer

    All signs in logs you posted say you're running Windows XP Home and it doesn't have 64-bit version. Click start, right click my computer and select properties. Let me know what does it say about your Windows edition there if it's different than Windows XP Home Edition.
  • Customer
    Microsoft Windows xp

    Home Edition

    Version 2002

    Service Pack 3

    E machines


    AMD Athlon (tm) 64 Processor


    1.99 ghz, 3.12 GB of Ram
  • Customer

    Please let ComboFix run.
  • Customer
    2 issues now.

    Combo keeps popping up that Mcafee is still turned on, though I did turn it off (It show on on the main screen)

    and Combo is giving an error message:

    Cannot rename Combofix to Combofix(1)
  • Customer
    Where do I find that file? I searched files and folders and nothing came up.
  • Customer

    Delete ComboFix.exe file you have there. Then disable all McAfee components before downloading fresh copy of ComboFix. See if you're able to run ComboFix (ignore message about active McAfee if it's still shown after these steps).
  • Customer

    If it's not on your desktop then just ignore old copy deleting part and do the rest.
  • Customer
    Still getting the same message, that I cannot rename it. I cannot find it in my programs to delete it.

    I appreciate your patience.
  • Customer

    Please make sure you have McAfee disabled. Download ComboFix.exe to your desktop, rename it to something.exe and try to run. If it fails try in safe mode (again making sure McAfee is not running).
  • Customer

    Decide whether you want to keep Avast or McAfee. It's not recommended to have more than one antivirus program installed.

    Then post fresh dds logs, please.
  • Customer
    Saving it to the desktop and changing the name worked. Attached is the log.

    Adaware still won't open, but I get a screen that says it is installing updates but it doesnt run and shuts down.

    Mcafee wont let me turn on the firewall nor run a manual scan. I did have to over ride the pop up that says that it was still on, when I ran Combofix.

    Thanks again for taking the time to help me.
  • Customer
    I would like to keep Mcafee since I paid for it. I only downloaded Avast because I could not get Mcafee nor Adaware to run. I have the cd for Mcafee so I could remove it an reload it.

    I do not see Mcafee in my "add or remove programs" folder in the control panel.

    What do you suggest that I do with Adaware? there are 2 of them in the "add or remove programs folder". the oldest does not have the tab to remove, and the newer one will not complete the removal.

    It is 7:30 here on the East Coast of the US and I am headed out to work. Thank you.
  • Customer

    Please try to uninstall with [url=""]Revo Uninstaller[/url]. At this point, uninstall all Ad-Aware instances. We can try to make it work later.
  • Customer
    I downloaded Revo Uninstaller and thought that I would uninstall both Adaware and Mcafee, since neither are working. I uninstalled Adaware (though there is still one in my "add and remove programs folder" in the control panel that does not have a tab to uninstall.

    I do not see Mcafee anywhere in my programs.

    Attached are the newest logs:
  • Customer

    1. Download [url=""]TDSSKiller[/url] and extract its contents into a folder in desired location (i.e. c:\tdsskiller).

    2. Execute the file TDSSKiller.exe.

    3. Click Start Scan. If threats are found, select cure and click Continue (tool may prompt for a reboot).

    4. Post back contents of log file in c: drive root (name should be in UtilityName.Version_Date_Time_log.txt format)
  • Customer
    Ran it, and no threats found.
  • Customer

    [quote]I do not see Mcafee anywhere in my programs.[/quote]

    See if you're able to uninstall McAfee with [url=""]AppRemover[/url].

    Open notepad and copy/paste the text in the quotebox below into it:


    c&#58;\documents and settings\All Users\Application Data\dGp06504oPlOg06504

    c&#58;\documents and settings\All Users\Application Data\eLh06511kIcAf06511


    &#91;-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck&#93;


    BHO&#58; {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No File

    TB&#58; {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No File

    TB&#58; {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

    TB&#58; {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

    TB&#58; {A057A204-BACC-4D26-9990-79A187E2698E} - No File[/code]

    Save this as


    [color="#ff0000"][b]A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.[/b][/color]


    Close all browser windows and refering to the picture above, drag CFScript into ComboFix.exe

    Then post the resultant log.

    * Go [url=""][color="red"][b][u]here[/u][/b][/color][/url] to run an online scanner from ESET.[list]

    [*][color="red"][b]Note:[/b][/color] You will need to use [color="blue"][b]Internet explorer[/b][/color] for this scan

    [*]Tick the box next to [b]YES, I accept the Terms of Use.[/b]

    [*]Click [b]Start[/b]

    [*]When asked, allow the activex control to install

    [*]Click [b]Start[/b]

    [*]Make sure that the option [b]Remove found threats[/b] is UNchecked.

    [*]Click [b]Scan[/b]

    [*]Wait for the scan to finish.


    Post back its report, a fresh dds.txt log and above mentioned ComboFix resultant log.
  • Customer
    Good Morning,

    I ran Appremover and it found nothing, Do you still want me to follow the rest of your instructions in your last post?

  • Customer
    Yes, please follow those other steps.
  • Customer
    Hi, I ran it and attached are the logs. I still got the pop up that Mcafee was running and it is in my taskmanager but nowhere to be found as a program.

    Thanks, Jim
  • Customer

    Please try [url=""]this[/url] McAfee removal tool. Does Revo Uninstaller spot any Java installations?
  • Customer
    Leaving to take our daughter to visit a college. I will work on this later this evening.

    Thanks Blade81
  • Customer

    Im back home. Stopped by my son's apartment at College to watch the Caps game (Similiar to floor hockey but colder) with him. Disappointing loss.

    I think that the Mcafee uninstall tool worked, I dont see it in my task manager any longer.

    Yes, there is a few Java programs:

    J2se Runtime Environment 5.0 update 12

    Java 2 Runtime Environment, SE v 1.4.2

    Jave (tm) 6 Update 12

    Jave (tm) 6 Update 5

    Jave (tm) 6 Update 7

    I also have windows defender installed. Do you recommend uninstalling that program?
  • Customer

    [quote]Stopped by my son's apartment at College to watch the Caps game (Similiar to floor hockey but colder) with him. Disappointing loss.[/quote]

    Kinda surprise to see Lightning beat Caps 4-0 in the series.

    Yes, please uninstall those old Javas. Then download and install fresh [b][url=""]Java Runtime Environment (JRE) 6 Update 25[/url][/b].

    Windows Defender can be installed (remember to keep it updated).

    Post back fresh dds logs.

Please sign in to leave a comment.