Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mcaffee Scan On Demand Is Disabled (greyed Out)


  • Please log in to reply
1 reply to this topic

#1 sandlegion

sandlegion

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:14 PM

Posted 03 January 2008 - 09:38 PM

StartupList report, 1/3/2008, 9:29:46 PM
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Erez\Local Settings\Temporary Internet Files\Content.IE5\7GEWZEXZ\HiJackThis[1].EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.16574)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\McAfee\VirusScan Enterprise\ScnCfg32.Exe
C:\Program Files\McAfee\VirusScan Enterprise\mcconsol.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Erez\Local Settings\Temporary Internet Files\Content.IE5\7GEWZEXZ\HiJackThis[1].exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

SoundMAXPnP = C:\Program Files\Analog Devices\Core\smax4pnp.exe
SoundMAX = "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /install
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
ShStatEXE = "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
McAfeeUpdaterUI = "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe
swg = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
drvsyskit = C:\WINDOWS\system32\drivers\hldrrr.exe

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll - {7DB2D5A0-7241-4E79-B68D-6309F01C5231}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}

--------------------------------------------------

Enumerating Task Scheduler jobs:

McAfee Cleanup.job

--------------------------------------------------

Enumerating Download Program Files:

[CKAVWebScan Object]
InProcServer32 = C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
CODEBASE = http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

[System Requirements Lab Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\sysreqlab2.dll
CODEBASE = http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab
OSD = C:\WINDOWS\Downloaded Program Files\SysReqLab2.osd

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx
CODEBASE = http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #1: C:\WINDOWS\system32\nvappfilter.dll
Protocol #2: C:\WINDOWS\system32\nvappfilter.dll
Protocol #3: C:\WINDOWS\system32\nvappfilter.dll
Protocol #15: C:\WINDOWS\system32\nvappfilter.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll

--------------------------------------------------
End of report, 6,592 bytes
Report generated in 0.015 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

BC AdBot (Login to Remove)

 


#2 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 05 January 2008 - 08:40 AM

Welcome to the BleepingComputer HijackThis Logs and Analysis forum sandlegion
My name is Richie and i'll be helping you to fix your problems.

Please read and follow the imformation in the link below.
Preparation Guide for use before posting a HijackThis Log:
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Once you've completed all the steps in the above link,post a Hijackthis log into this topic if you still require help.
Posted Image
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users