
McAfee Window Empty Of Everything


  • This topic is locked
2 replies to this topic

#1 Shadowe

Shadowe

  • Members
  • 5 posts

Posted 28 December 2008 - 12:14 AM

I have an unknown infection, and I cannot figure it out because my McAfee is invisible.

Sorry for the initial improper post...am a bit frustrated at the moment. :thumbsup:

I am having a problem with McAfee. When I open the Security Center the window pops up, and there is nothing in it. I cannot use any of the commands in the program window, not being able to see them.

I am running Win XP SP2, Firefox and IE 8 Beta 2. I ran Malwarebytes Anti-Malware, and it found 2 trojans; during that scan, McAfee found 3 other trojans and removed them.

Below is the DDS Log as requested:

DDS (Version 1.1.0) - NTFSx86
Run by Rhainy at 21:03:13.87 on Sat 12/27/2008
Internet Explorer: 8.0.6001.18241 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.1064 [GMT -8:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\a-squared Free\a2service.exe
svchost.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Nexon\Mabinogi\npkcmsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Rhainy\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.wrh.noaa.gov/forecast/MapClick.php?site=sew&smap=1&textField1=48.930115&textField2=-122.72529
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
BHO: EWPP - No File
TB: Veoh Browser Plug-in: {d0943516-5076-4020-a3b5-aefaf26ab263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [SiSUSBRG] c:\windows\SiSUSBrg.exe
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: Copy to Semagic - c:\program files\semagic\copy.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
IE: Semagic - c:\program files\semagic\link.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\rhainy\applic~1\mozilla\firefox\profiles\oqwq6y7j.default\
FF - prefs.js: browser.startup.homepage - hxxp://forecast.weather.gov/MapClick.php?site=sew&smap=1&textField1=48.930115&textField2=-122.72529
FF - plugin: c:\program files\gametap\bin\release\npgametaptool.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll

ATTENTION: FIREFOX POLICES IS IN FORCE
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: content.notify.backoffcount - 5
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.cache.memory.capacity - 65536

============= SERVICES / DRIVERS ===============

R0 SiSRaid1;SiSRaid1;c:\windows\system32\drivers\SiSRaid1.sys [2007-9-26 46464]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-12-27 201320]
R2 a2free;a-squared Free Service;"c:\program files\a-squared free\a2service.exe" [2008-1-8 419448]
R2 aawservice;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" [2008-7-7 611664]
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2008-12-27 359248]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2008-12-27 144704]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2008-12-27 695624]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-12-27 79304]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-12-27 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-12-27 40488]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys []
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-12-27 33832]

============== File Associations ===============

regfile=regedit.exe "%1" %*
scrfile="%1" %*

=============== Created Last 30 ================

2008-12-27 17:29 7,533 a------- c:\windows\system32\Config.MPF
2008-12-27 17:29 143,360 a------- c:\windows\system32\dunzip32.dll
2008-12-27 17:24 33,832 a------- c:\windows\system32\drivers\mferkdk.sys
2008-12-27 17:24 201,320 a------- c:\windows\system32\drivers\mfehidk.sys
2008-12-27 17:24 79,304 a------- c:\windows\system32\drivers\mfeavfk.sys
2008-12-27 17:24 40,488 a------- c:\windows\system32\drivers\mfesmfk.sys
2008-12-27 17:24 35,240 a------- c:\windows\system32\drivers\mfebopk.sys
2008-12-27 17:24 113,952 a------- c:\windows\system32\drivers\Mpfp.sys
2008-12-27 17:24 <DIR> --d----- c:\program files\McAfee.com
2008-12-27 17:24 <DIR> --d----- c:\program files\common files\McAfee
2008-12-27 17:24 <DIR> --d----- c:\program files\McAfee
2008-12-27 12:12 48,640 a------- c:\windows\system32\hpzll4pi.dll
2008-12-27 12:05 282,680 a------- c:\windows\system32\HPZidr12.dll
2008-12-27 12:05 204,800 a------- c:\windows\system32\HPZipr12.dll
2008-12-27 12:05 94,208 a------- c:\windows\system32\HPZipt12.dll
2008-12-27 12:05 69,632 a------- c:\windows\system32\HPZipm12.exe
2008-12-27 12:05 65,536 a------- c:\windows\system32\HPZinw12.exe
2008-12-27 12:05 57,344 a------- c:\windows\system32\HPZisn12.dll
2008-12-27 12:03 123,135 a------- c:\windows\HPHins12.dat
2008-12-27 12:03 14,916 -------- c:\windows\hphmdl12.dat
2008-12-27 11:55 56 a------- C:\ut9x.bat
2008-12-27 11:55 54 a------- C:\ut.bat
2008-12-25 00:00 <DIR> --d----- c:\docume~1\alluse~1\applic~1\POP3Profiles
2008-12-24 00:54 69,632 a------- c:\windows\system32\xmltok.dll
2008-12-24 00:54 36,864 a------- c:\windows\system32\xmlparse.dll
2008-12-24 00:54 35,840 a------- c:\windows\system32\comdlg32.oca
2008-12-24 00:54 29,184 a------- c:\windows\system32\MSINET.oca
2008-12-24 00:54 26,096 a------- c:\windows\system32\xmlinst.exe
2008-12-24 00:54 89,360 a------- c:\windows\system32\VB5DB.DLL
2008-12-20 13:51 131,072 a----r-- c:\windows\system32\EAX.DLL
2008-12-19 19:05 <DIR> --dsh--- c:\documents and settings\rhainy\PrivacIE
2008-12-19 09:03 <DIR> --d----- c:\windows\ie8updates
2008-12-18 18:20 <DIR> -cd-h--- c:\windows\ie8
2008-12-18 00:18 69 a------- c:\windows\SONIC.INI
2008-12-18 00:17 <DIR> --d----- C:\SEGA
2008-12-17 14:07 <DIR> --d----- c:\program files\Pando Networks
2008-12-07 18:49 151,552 -------- c:\windows\system32\pxwma.dll
2008-12-07 16:43 <DIR> --d----- c:\program files\Freelancer Companion
2008-12-05 08:58 14,618,605 a------- c:\docume~1\alluse~1\applic~1\vlc-0.9.6-win32.exe
2008-12-04 17:55 <DIR> --d----- c:\program files\Skype
2008-12-03 23:05 4,958,588 -------- c:\windows\{00000000-00000000-0000000A-00001102-00000008-10211102}.BAK
2008-12-03 22:05 <DIR> --d----- c:\program files\Ping Plotter Freeware
2008-12-03 19:51 <DIR> --d----- c:\docume~1\rhainy\applic~1\123 Free Solitaire
2008-12-03 19:51 <DIR> --d----- c:\program files\123 Free Solitaire
2008-12-02 21:56 <DIR> --d----- c:\program files\Kyodai Mahjongg 2006
2008-11-30 22:18 <DIR> --d----- c:\docume~1\rhainy\applic~1\SolSuite
2008-11-30 22:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\TreeCardGames
2008-11-30 22:16 <DIR> --d----- c:\program files\SolSuite
2008-11-30 16:31 <DIR> --d----- c:\program files\ImageShack
2008-11-29 17:00 268 a---h--- C:\sqmdata06.sqm
2008-11-29 17:00 244 a---h--- C:\sqmnoopt06.sqm

==================== Find3M ====================

2008-12-03 19:52 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-03 19:52 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-11-10 17:26 79,419,678 a------- C:\FLBackup.zip
2008-11-04 17:29 809 a------- c:\program files\INSTALL.LOG
2008-11-01 21:31 14,566,424 a------- c:\docume~1\alluse~1\applic~1\vlc-0.9.4-win32.exe
2008-10-23 04:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-03 02:02 247,326 a------- c:\windows\system32\strmdll.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-06-22 10:28 29,368 a------- c:\docume~1\rhainy\applic~1\GDIPFONTCACHEV1.DAT
2008-09-02 16:10 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008081820080825\index.dat
2008-09-02 21:31 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090220080903\index.dat
2008-09-03 20:58 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090320080904\index.dat

============= FINISH: 21:04:20.17 ===============


Many Thanks,
Shadowe


Edited by Shadowe, 28 December 2008 - 12:56 AM.




#2 Shadowe

Shadowe
  • Topic Starter

  • Members
  • 5 posts

Posted 28 December 2008 - 12:40 PM

Please disregard, issue resolved.

Thanks,
Shadowe

#3 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts

Posted 05 January 2009 - 09:36 AM

Thank you for notifying us.. I will now close this topic.. Please PM any Moderator or HijackThis Team should you need to re-open this topic..


Regards
fenzodahl512

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
It's gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive




