Cannot get Adaware to open

Customer

June 10, 2021 14:56

I had an infection but Adaware had said that it was removed. Now when I try to run a scan with Norton or Adaware, they will not open.

I downloaded Hijackthis and here is the log file. Any help would be appreciated;

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:30:05 PM, on 4/30/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\DigitalPersona\Bin\DPWinLct.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\DigitalPersona\Bin\DpHost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft IntelliType Pro\type32.exe

C:\Program Files\Digital Media Reader\shwiconem.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Microsoft IntelliPoint\point32.exe

C:\Program Files\DigitalPersona\Bin\DPAgnt.exe

C:\WINDOWS\zHotkey.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\Messenger\msmsgs.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Verizon\McciTrayApp.exe

C:\Program Files\Verizon\McciBrowser.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url]

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url]

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;;<local>;*.local

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - (no file)

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110130162015.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)

O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll

O3 - Toolbar: (no name) - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - (no file)

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"

O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe

O4 - HKLM\..\Run: [CHotkey] zHotkey.exe

O4 - HKLM\..\Run: [MemoryCardManager] C:\Program Files\Lexmark\Lexmark Photo Center\MemoryCardManager.exe -startup

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [AdwareProMFC] C:\Program Files\Ad-Ware Pro\Ad-Ware Pro.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe [url="http://www.symantec.com/techsupp/servlet/ProductMessages?module=2009&error=0&language=en&product=SymNRT&version=2009.0.0.41&build=Symantec&a=00000082.00000010.00000020&b=00000082.00000043.00000095&c=00000082.00000046.000000b6&d=00000082.00000097.000001cd&e=00000082.000000d4.00000262"]http://www.symantec.com/techsupp/servlet/P...0000d4.00000262[/url]

O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')

O4 - S-1-5-18 Startup: Fingerprint Registration Wizard.lnk = C:\Program Files\DigitalPersona\Bin\DPConsol.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Fingerprint Registration Wizard.lnk = C:\Program Files\DigitalPersona\Bin\DPConsol.exe (User 'Default user')

O4 - Startup: Fingerprint Registration Wizard.lnk = C:\Program Files\DigitalPersona\Bin\DPConsol.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O8 - Extra context menu item: &Search - [url="http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZU"]http://edits.mywebsearch.com/toolbaredits/...arch.jhtml?p=ZU[/url]

O8 - Extra context menu item: Download by VersalSoft Internet Download - C:\Program Files\VersalSoft\InternetDownload\adddownload.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM

O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://cgi.verizon.net/bookmarks/bmredir.asp?region=west&bw=dsl&cd=4.0&bm=ho_home

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - [url="http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab"]http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab[/url]

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - [url="http://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx"]http://floridakeysmedia.tv/axiscam/Codebas...sCamControl.ocx[/url]

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - [url="http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab"]http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab[/url]

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab[/url]

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O20 - Winlogon Notify: DPWLN - C:\WINDOWS\system32\DPWLEvHd.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Windows XP FUS Manager (DPFUSMgr) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe

O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHost.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Update Service (gupdate1caf60c78f48854) (gupdate1caf60c78f48854) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: IHA_MessageCenter - Unknown owner - C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (file missing)

O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (file missing)

O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)

O23 - Service: McAfee Network Agent (McNASvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)

O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\Program Files\McAfee\VirusScan\mcods.exe (file missing)

O23 - Service: McAfee OOBE Service (McOobeSv) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)

O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)

O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (file missing)

O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

O24 - Desktop Component 0: (no name) - [url="http://i2.ebayimg.com/02/i/04/db/bb/45_2.JPG"]http://i2.ebayimg.com/02/i/04/db/bb/45_2.JPG[/url]

O24 - Desktop Component 1: (no name) - [url="http://pics.ebaystatic.com/aw/pics/venues/FedExField_endstageconcert.gif"]http://pics.ebaystatic.com/aw/pics/venues/...tageconcert.gif[/url]

--

End of file - 15103 bytes

Comments

51 comments

Customer

June 10, 2021 14:56
Hi,

Download DDS and save it to your desktop from [url="http://download.bleepingcomputer.com/sUBs/dds.com"][b][color="seagreen"]here[/color][/b][/url] or [url="http://download.bleepingcomputer.com/sUBs/dds.scr"][b][color="seagreen"]here[/color][/b][/url] or [url="http://www.forospyware.com/sUBs/dds"][b][color="seagreen"]here[/color][/b][/url].

Disable any script blocker, and then double click [b]dds file [/b]to run the tool. [list]

[*]When done, DDS will open two (2) logs: [list=1]

[*] DDS.txt

[*] Attach.txt

[/list]

[*]Save both reports to your desktop. Post them back to your topic.

[/list]
0
Customer

June 10, 2021 14:56
[quote name='Blade81' post='126473' date='May 1 2011, 08:28 AM']Hi,

Download DDS and save it to your desktop from [url="http://download.bleepingcomputer.com/sUBs/dds.com"][b][color="seagreen"]here[/color][/b][/url] or [url="http://download.bleepingcomputer.com/sUBs/dds.scr"][b][color="seagreen"]here[/color][/b][/url] or [url="http://www.forospyware.com/sUBs/dds"][b][color="seagreen"]here[/color][/b][/url].

Disable any script blocker, and then double click [b]dds file [/b]to run the tool. [list]

[*]When done, DDS will open two (2) logs: [list=1]

[*] DDS.txt

[*] Attach.txt

[/list]

[*]Save both reports to your desktop. Post them back to your topic.

[/list][/quote]

Here is the paste of the DDS:

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Owner at 9:59:16.29 on Sun 05/01/2011

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3198.2479 [GMT -4:00]

.

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\Program Files\DigitalPersona\Bin\DPWinLct.exe

svchost.exe

svchost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\DigitalPersona\Bin\DpHost.exe

C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft IntelliType Pro\type32.exe

C:\Program Files\Digital Media Reader\shwiconem.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Microsoft IntelliPoint\point32.exe

C:\Program Files\DigitalPersona\Bin\DPAgnt.exe

C:\WINDOWS\zHotkey.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Verizon\McciTrayApp.exe

C:\Program Files\AVAST Software\Avast\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\6I8ZVDC8\dds[1].com

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Page = hxxp://www.google.com

uWindow Title = Microsoft Internet Explorer provided by Verizon Online

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = ;127.0.0.1;;<local>;*.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

mSearchAssistant = hxxp://www.google.com/ie

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No File

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110130162015.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File

TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll

TB: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No File

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [AdwareProMFC] c:\program files\ad-ware pro\Ad-Ware Pro.exe

uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRunOnce: [<NO NAME>] "c:\program files\internet explorer\iexplore.exe" [url="http://www.symantec.com/techsupp/servlet/ProductMessages?module=2009&error=0&language=en&product=SymNRT&version=2009.0.0.41&build=Symantec&a=00000082.00000010.00000020&b=00000082.00000043.00000095&c=00000082.00000046.000000b6&d=00000082.00000097.000001cd&e=00000082.000000d4.00000262"]http://www.symantec.com/techsupp/servlet/P...0000d4.00000262[/url]

mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe"

mRun: [SunKistEM] "c:\program files\digital media reader\shwiconem.exe"

mRun: [SoundMan] "SOUNDMAN.EXE"

mRun: [Recguard] "c:\windows\sminst\RECGUARD.EXE"

mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\point32.exe"

mRun: [DPAgnt] "c:\program files\digitalpersona\bin\DPAgnt.exe"

mRun: [CHotkey] "zHotkey.exe"

mRun: [Amazing3DAquariumWallpaper]

mRun: [MemoryCardManager] "c:\program files\lexmark\lexmark photo center\MemoryCardManager.exe" -startup

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto

mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [Verizon_McciTrayApp] "c:\program files\verizon\McciTrayApp.exe"

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

dRunOnce: [RunNarrator] Narrator.exe

StartupFolder: c:\docume~1\owner\startm~1\programs\startup\finger~1.lnk - c:\program files\digitalpersona\bin\DPConsol.exe

uPolicies-explorer: NoViewOnDrive = 0 (0x0)

IE: &eBay Search - c:\program files\ebay\ebay toolbar2\eBayTb.dll/RCSearch.html

IE: &Search - [url="http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZU"]http://edits.mywebsearch.com/toolbaredits/...arch.jhtml?p=ZU[/url]

IE: Download by VersalSoft Internet Download - c:\program files\versalsoft\internetdownload\adddownload.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM

IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\owner\start menu\programs\imvu\Run IMVU.lnk

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx

DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - hxxp://www.symantec.com/techsupp/asa/ctrl/SymAData.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: AtiExtEvent - Ati2evxx.dll

Notify: DPWLN - c:\windows\system32\DPWLEvHd.dll

AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

LSA: Notification Packages = scecli DPPWDFLT

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\crcd3v55.default\

FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=

FF - prefs.js: browser.search.selectedEngine - Secure Search

FF - prefs.js: browser.startup.homepage - hxxps://signin.ebay.com/ws/eBayISAPI.dll?SignIn&UsingSSL=1&pUserId=&co_partnerId=2&siteid=0&ru=http%3A%2F%2Fmy.ebay.com%2Fws%2FeBayISAPI.dll%3FMyEbayBeta%26_trksid%3Dm38%26gbh%3D1%26MyEbay%3D%26guest%3D1&pageType=3984

FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16046&locale=en_US&q=

FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\crcd3v55.default\extensions\toolbar@ask.com\chrome\content\AudioService.dll

FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll

FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

FF - component: c:\program files\mozilla firefox\components\Scriptff.dll

FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

FF - plugin: c:\documents and settings\owner\application data\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\crcd3v55.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\ksolo\npAVX.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll

FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: AIM Toolbar: {c2f863cd-0429-48c7-bb54-db756a951760} - %profile%\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}

FF - Ext: Adobe DLM (powered by getPlus®): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-12-13 64512]

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-1-30 386840]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-1 441176]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-5-1 307288]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-4-25 84072]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-5-1 19544]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-5-1 42184]

R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2011-3-24 118784]

R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-1-30 171168]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-1-30 188136]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2011-1-30 141792]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-16 24652]

R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

R3 dpK0Bx01;Fingerprint Reader Filter Driver;c:\windows\system32\drivers\dpK0Bx01.sys [2005-4-9 32640]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-4-25 152960]

R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-4-25 52104]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-4-25 313288]

R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-4-25 88544]

R3 UsbdpFP;Fingerprint Reader Class Driver;c:\windows\system32\drivers\UsbdpFP.sys [2005-4-9 34560]

S2 gupdate1caf60c78f48854;Google Update Service (gupdate1caf60c78f48854);c:\program files\google\update\GoogleUpdate.exe [2010-5-17 133104]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-4-29 1181328]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]

S2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]

S2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]

S2 McOobeSv;McAfee OOBE Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]

S2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]

S3 brfilt;Brother MFC Filter Driver;c:\windows\system32\drivers\BrFilt.sys [2005-4-1 2944]

S3 brparimg;Brother Multi Function Parallel Image driver;c:\windows\system32\drivers\BrParImg.sys [2005-4-1 3168]

S3 BrParWdm;Brother WDM Parallel Driver;c:\windows\system32\drivers\BrParwdm.sys [2005-4-1 39552]

S3 BrSerWDM;Brother WDM Serial driver;c:\windows\system32\drivers\BrSerWdm.sys [2005-4-1 60416]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-4-25 55840]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-17 133104]

S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-4-25 88544]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-4-25 84264]

S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-1-15 34248]

S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-1-15 40552]

S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2007-11-23 17536]

S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2007-11-23 7680]

S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2007-11-23 21376]

.

=============== Created Last 30 ================

.

2011-05-01 04:02:13 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-05-01 04:01:55 40112 ----a-w- c:\windows\avastSS.scr

2011-05-01 04:01:42 -------- d-----w- c:\program files\AVAST Software

2011-05-01 04:01:42 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVAST Software

2011-05-01 03:18:25 -------- d-----w- c:\program files\Webroot

2011-05-01 01:22:24 388096 ----a-r- c:\docume~1\owner\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-05-01 01:22:23 -------- d-----w- c:\program files\Trend Micro

2011-05-01 01:03:01 -------- d-----w- c:\program files\common files\Motive

2011-05-01 01:02:48 45 ----a-w- c:\windows\system32\stopSvc.bat

2011-05-01 01:02:48 260 ----a-w- c:\windows\system32\cmdVBS.vbs

2011-04-30 22:11:53 -------- d-----w- c:\docume~1\alluse~1\applic~1\FileCure

2011-04-29 05:57:25 7071056 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\{a83d4488-62a1-4686-b655-7b1e732a37ed}\mpengine.dll

2011-04-28 21:58:25 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-04-28 21:58:25 -------- d-----w- c:\windows\system32\wbem\Repository

2011-04-18 09:58:34 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-04-14 07:39:02 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2011-04-14 07:39:02 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

2011-04-13 13:02:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\dGp06504oPlOg06504

2011-04-11 12:55:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\eLh06511kIcAf06511

.

==================== Find3M ====================

.

2011-04-18 09:58:29 15880 ----a-w- c:\windows\system32\lsdelete.exe

2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll

2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys

2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll

2011-02-22 23:06:29 43520 ------w- c:\windows\system32\licmgr10.dll

2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-02-22 11:41:59 385024 ------w- c:\windows\system32\html.iec

2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll

2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll

2011-02-09 13:53:52 270848 ------w- c:\windows\system32\sbe.dll

2011-02-09 13:53:52 186880 ------w- c:\windows\system32\encdec.dll

2011-02-08 13:33:55 978944 ------w- c:\windows\system32\mfc42.dll

2011-02-08 13:33:55 974848 ------w- c:\windows\system32\mfc42u.dll

2011-02-02 22:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe

.

============= FINISH: 10:02:07.14 ===============

And attached is the Attach file.

I tried last nitght to delete and reload Adaware and it would not unintstall it, I could not find the unintall folder. I also could not complete a new install.

I downloaded Avast to run a scan and it came back with a trojan found. But would not delete it.

Thanks for taking a look at this.
0
Customer

June 10, 2021 14:56
Hi,

Please use [img]http://www.lavasoftsupport.com/style_images/1/t_reply.gif[/img]-button to reply without quoting previous post /smile.png' class='bbc_emoticon' alt=':wub:' />

Please visit this webpage for download links, and instructions for running ComboFix tool:

[url="http://www.bleepingcomputer.com/combofix/how-to-use-combofix"]http://www.bleepingcomputer.com/combofix/how-to-use-combofix[/url]

[color="Blue"]Please ensure you read this guide carefully first.[/color]

Please continue as follows:

[list=1]

[*][b]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix[/b], [url="http://www.bleepingcomputer.com/forums/topic114351.html"]link[/url]

Remember to re-enable them afterwards.

[*]Click [b]Yes[/b] to allow ComboFix to continue scanning for malware.

[/list]

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

[b]C:\ComboFix.txt

New dds log.[/b]

[color="#ff0000"][b]A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.[/b][/color]
0
Customer

June 10, 2021 14:56
Thanks. Taking the wife out for breakfast now so I will work on this later today. Also have plenty of yard work to do.

Thanks again.
0
Customer

June 10, 2021 14:56
No problem. Take your time /smile.png' class='bbc_emoticon' alt=':wub:' />
0
Customer

June 10, 2021 14:56
I run Windows xp 64 bit. The instructions say that it will only work on 32 bit systems. Should I run it anyway?
0
Customer

June 10, 2021 14:56
Hi,

All signs in logs you posted say you're running Windows XP Home and it doesn't have 64-bit version. Click start, right click my computer and select properties. Let me know what does it say about your Windows edition there if it's different than Windows XP Home Edition.
0
Customer

June 10, 2021 14:56
Microsoft Windows xp

Home Edition

Version 2002

Service Pack 3

E machines

T6212

AMD Athlon (tm) 64 Processor

3200+

1.99 ghz, 3.12 GB of Ram
0
Customer

June 10, 2021 14:56
Hi,

Please let ComboFix run.
0
Customer

June 10, 2021 14:56
2 issues now.

Combo keeps popping up that Mcafee is still turned on, though I did turn it off (It show on on the main screen)

and Combo is giving an error message:

Cannot rename Combofix to Combofix(1)
0
Customer

June 10, 2021 14:56
Where do I find that file? I searched files and folders and nothing came up.
0
Customer

June 10, 2021 14:56
Hi,

Delete ComboFix.exe file you have there. Then disable all McAfee components before downloading fresh copy of ComboFix. See if you're able to run ComboFix (ignore message about active McAfee if it's still shown after these steps).
0
Customer

June 10, 2021 14:57
Hi,

If it's not on your desktop then just ignore old copy deleting part and do the rest.
0
Customer

June 10, 2021 14:57
Still getting the same message, that I cannot rename it. I cannot find it in my programs to delete it.

I appreciate your patience.
0
Customer

June 10, 2021 14:57
Hi,

Please make sure you have McAfee disabled. Download ComboFix.exe to your desktop, rename it to something.exe and try to run. If it fails try in safe mode (again making sure McAfee is not running).
0
Customer

June 10, 2021 14:57
Hi,

Decide whether you want to keep Avast or McAfee. It's not recommended to have more than one antivirus program installed.

Then post fresh dds logs, please.
0
Customer

June 10, 2021 14:57
Saving it to the desktop and changing the name worked. Attached is the log.

Adaware still won't open, but I get a screen that says it is installing updates but it doesnt run and shuts down.

Mcafee wont let me turn on the firewall nor run a manual scan. I did have to over ride the pop up that says that it was still on, when I ran Combofix.

Thanks again for taking the time to help me.
0
Customer

June 10, 2021 14:57
I would like to keep Mcafee since I paid for it. I only downloaded Avast because I could not get Mcafee nor Adaware to run. I have the cd for Mcafee so I could remove it an reload it.

I do not see Mcafee in my "add or remove programs" folder in the control panel.

What do you suggest that I do with Adaware? there are 2 of them in the "add or remove programs folder". the oldest does not have the tab to remove, and the newer one will not complete the removal.

It is 7:30 here on the East Coast of the US and I am headed out to work. Thank you.
0
Customer

June 10, 2021 14:57
Hi,

Please try to uninstall with [url="http://www.revouninstaller.com/"]Revo Uninstaller[/url]. At this point, uninstall all Ad-Aware instances. We can try to make it work later.
0
Customer

June 10, 2021 14:57
I downloaded Revo Uninstaller and thought that I would uninstall both Adaware and Mcafee, since neither are working. I uninstalled Adaware (though there is still one in my "add and remove programs folder" in the control panel that does not have a tab to uninstall.

I do not see Mcafee anywhere in my programs.

Attached are the newest logs:
0
Customer

June 10, 2021 14:57
Hi,

1. Download [url="http://support.kaspersky.com/downloads/utils/tdsskiller.zip"]TDSSKiller[/url] and extract its contents into a folder in desired location (i.e. c:\tdsskiller).

2. Execute the file TDSSKiller.exe.

3. Click Start Scan. If threats are found, select cure and click Continue (tool may prompt for a reboot).

4. Post back contents of log file in c: drive root (name should be in UtilityName.Version_Date_Time_log.txt format)
0
Customer

June 10, 2021 14:57
Ran it, and no threats found.
0
Customer

June 10, 2021 14:57
Hi,

[quote]I do not see Mcafee anywhere in my programs.[/quote]

See if you're able to uninstall McAfee with [url="http://www.appremover.com/"]AppRemover[/url].

Open notepad and copy/paste the text in the quotebox below into it:

[code]Folder::

c:\documents and settings\All Users\Application Data\dGp06504oPlOg06504

c:\documents and settings\All Users\Application Data\eLh06511kIcAf06511

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]

DDS::

BHO: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No File

TB: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No File

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File[/code]

Save this as

CFScript

[color="#ff0000"][b]A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.[/b][/color]

[img]http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif[/img]

Close all browser windows and refering to the picture above, drag CFScript into ComboFix.exe

Then post the resultant log.

* Go [url="http://www.eset.eu/online-scanner"][color="red"][b][u]here[/u][/b][/color][/url] to run an online scanner from ESET.[list]

[*][color="red"][b]Note:[/b][/color] You will need to use [color="blue"][b]Internet explorer[/b][/color] for this scan

[*]Tick the box next to [b]YES, I accept the Terms of Use.[/b]

[*]Click [b]Start[/b]

[*]When asked, allow the activex control to install

[*]Click [b]Start[/b]

[*]Make sure that the option [b]Remove found threats[/b] is UNchecked.

[*]Click [b]Scan[/b]

[*]Wait for the scan to finish.

[/list]

Post back its report, a fresh dds.txt log and above mentioned ComboFix resultant log.
0
Customer

June 10, 2021 14:57
Good Morning,

I ran Appremover and it found nothing, Do you still want me to follow the rest of your instructions in your last post?

Jim
0
Customer

June 10, 2021 14:57
Yes, please follow those other steps.
0
Customer

June 10, 2021 14:57
Hi, I ran it and attached are the logs. I still got the pop up that Mcafee was running and it is in my taskmanager but nowhere to be found as a program.

Thanks, Jim
0
Customer

June 10, 2021 14:57
Hi,

Please try [url="http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe"]this[/url] McAfee removal tool. Does Revo Uninstaller spot any Java installations?
0
Customer

June 10, 2021 14:57
Leaving to take our daughter to visit a college. I will work on this later this evening.

Thanks Blade81
0
Customer

June 10, 2021 14:57
Hi,

Im back home. Stopped by my son's apartment at College to watch the Caps game (Similiar to floor hockey but colder) with him. Disappointing loss.

I think that the Mcafee uninstall tool worked, I dont see it in my task manager any longer.

Yes, there is a few Java programs:

J2se Runtime Environment 5.0 update 12

Java 2 Runtime Environment, SE v 1.4.2

Jave (tm) 6 Update 12

Jave (tm) 6 Update 5

Jave (tm) 6 Update 7

I also have windows defender installed. Do you recommend uninstalling that program?
0
Customer

June 10, 2021 14:57
Hi,

[quote]Stopped by my son's apartment at College to watch the Caps game (Similiar to floor hockey but colder) with him. Disappointing loss.[/quote]

Kinda surprise to see Lightning beat Caps 4-0 in the series.

Yes, please uninstall those old Javas. Then download and install fresh [b][url="http://java.sun.com/javase/downloads/index.jsp"]Java Runtime Environment (JRE) 6 Update 25[/url][/b].

Windows Defender can be installed (remember to keep it updated).

Post back fresh dds logs.
0

Please sign in to leave a comment.

Comments

Didn't find what you were looking for?