Hard drive critical error!


  • This topic is locked
2 replies to this topic

#1 Balderrama4

Balderrama4

  • Members
  • 1 posts

Posted 18 June 2011 - 03:46 PM

Windows Vista Repair virus!


DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_26
Run by User at 15:05:45 on 2011-06-18
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1458 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dlbxcoms.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\NMSAccess32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Adparatus\Adparatus.exe
C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2009 DVD\EDICT.EXE
C:\Program Files\PictureMover\Bin\PictureMover.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Live\Companion\companionuser.exe
C:\Program Files\Cobian Backup 10\Cobian.exe
C:\Program Files\Cobian Backup 10\cbInterface.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
uSearch Page = hxxp://www.google.com
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearch Bar = hxxp://www.tangosearch.com/?useie5=1&q=
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cndt
mSearch Bar = hxxp://www.tangosearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Softonic Espana FF Toolbar: {0558df35-d276-4dfb-88d9-c6398aeedf91} - c:\program files\softonic_espana_ff\tbSoft.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mURLSearchHooks: H - No File
mURLSearchHooks: Softonic Espana FF Toolbar: {0558df35-d276-4dfb-88d9-c6398aeedf91} - c:\program files\softonic_espana_ff\tbSoft.dll
mWinlogon: Userinit=Userinit.exe
BHO: Softonic Espana FF Toolbar: {0558df35-d276-4dfb-88d9-c6398aeedf91} - c:\program files\softonic_espana_ff\tbSoft.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110618103928.dll
BHO: Adparatus: {8b2c7c9d-716d-4e9e-9358-b9c80a81b7ed} - c:\program files\adparatus\Adparatus.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5627.1104\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0541.0\msneshellx.dll
BHO: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0541.0\msneshellx.dll
TB: {e28e0583-70fc-42a9-9767-93aa8ad06cf5} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {BBA97284-4685-4088-822D-82E115B315C6} - No File
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: Softonic Espana FF Toolbar: {0558df35-d276-4dfb-88d9-c6398aeedf91} - c:\program files\softonic_espana_ff\tbSoft.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [CollaborationHost] c:\windows\system32\p2phost.exe -s
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Adparatus] "c:\program files\adparatus\Adparatus.exe"
uRun: [Java Update Manager] c:\users\public\hex-5823-6893-6818\jutched.exe
uRun: [ares] "c:\program files\ares\Ares.exe" -h
uRun: [L09EXLRD_5457211] "c:\program files\microsoft student\microsoft student con encarta premium 2009 dvd\EDICT.EXE" -m
uRun: [waeibmuvyEdUW] c:\programdata\waeibmuvyEdUW.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [UpdatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\cyberlink dvd suite deluxe\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\cyberlink dvd suite deluxe" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [UUSeeMediaCenter] "c:\program files\common files\uusee\UUSeeMediaCenter.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [DVDAgent] "c:\program files\hewlett-packard\media\dvd\DVDAgent.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\pictur~1.lnk - c:\program files\picturemover\bin\PictureMover.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_2D06158FAC79A790.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
IE: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - {7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} - c:\program files\clickpotatolite\bin\10.0.625.0\ClickPotatoLiteSABHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{4D268137-E37D-415F-BCE5-95EFF1F7D50E} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2206083&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Softonic Espana FF Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2206083&SearchSource=13
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{0558df35-d276-4dfb-88d9-c6398aeedf91}\components\FFExternalAlert.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{0558df35-d276-4dfb-88d9-c6398aeedf91}\components\FFExternalAlertGecko19.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{0558df35-d276-4dfb-88d9-c6398aeedf91}\components\RadioWMPCore.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{0558df35-d276-4dfb-88d9-c6398aeedf91}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{066a5d70-c465-400b-a1c8-f48d5b0d2cfc}\components\FFExternalAlert.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{066a5d70-c465-400b-a1c8-f48d5b0d2cfc}\components\RadioWMPCore.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{71d2cf9e-34e4-4401-8841-f4fc3f3edc32}\components\FFExternalAlert.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{71d2cf9e-34e4-4401-8841-f4fc3f3edc32}\components\RadioWMPCore.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{c9b68337-e93a-44ea-94dc-cb300ec06444}\components\Engine.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\engine@conduit.com\components\FFExternalAlert.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\engine@conduit.com\components\FFExternalAlertGecko19.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\9z4tg88y.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\clickpotatolite\bin\10.0.625.0\firefox\extensions\plugins\npclntax_ClickPotatoLiteSA.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_ClickPotatoLiteSA.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\user\appdata\local\yahoo!\browserplus\2.7.1\plugins\npybrowserplus_2.7.1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-3-25 459728]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-6-18 64584]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-6-18 165032]
R2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2009-7-27 110304]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-6-18 271480]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-6-18 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-6-18 271480]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-6-18 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-6-18 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-6-18 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-6-18 148520]
R2 NMSAccess32;NMSAccess32;c:\windows\system32\NMSAccess32.exe [2009-1-12 71096]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-6-18 56064]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-6-18 153280]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-6-18 52320]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-6-18 314088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-8 136176]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\magix\common\database\bin\fbserver.exe [2009-7-27 1527900]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-15 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-6-18 84488]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-8-21 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-8-21 8320]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2007-6-18 23680]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2008-9-9 20640]
S3 UPnPService;UPnPService;c:\program files\common files\magix shared\upnpservice\UPnPService.exe [2009-7-27 544768]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2011-06-18 19:52:07 -------- d-----w- c:\program files\Cobian Backup 10
2011-06-18 18:54:55 -------- d--h--w- c:\users\user\appdata\roaming\Malwarebytes
2011-06-18 18:54:39 -------- d--h--w- c:\programdata\Malwarebytes
2011-06-18 18:54:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-18 16:37:32 374784 ---ha-w- c:\programdata\35118840.exe
2011-06-18 16:28:26 462848 ---ha-w- c:\programdata\waeibmuvyEdUW.exe
2011-06-18 15:51:41 -------- d--h--w- c:\users\user\FrostWire
2011-06-18 15:51:13 -------- d-----w- c:\program files\Ask.com
2011-06-18 15:39:28 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-06-18 15:39:28 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
2011-06-18 15:39:23 84488 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-06-18 15:39:23 64584 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-06-18 15:39:23 56064 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-06-18 15:39:23 52320 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-06-18 15:39:23 314088 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-06-18 15:39:23 165032 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-06-18 15:39:23 153280 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-06-18 15:39:18 -------- d-----w- c:\program files\common files\Mcafee
2011-06-18 15:39:17 -------- d-----w- c:\program files\McAfee.com
2011-06-18 15:39:16 -------- d-----w- c:\program files\McAfee
2011-06-18 15:14:32 -------- d--h--w- c:\users\user\appdata\local\{5318CDB0-2A30-4696-B84E-873022A7161A}
2011-06-18 15:06:59 148520 ----a-w- c:\windows\system32\mfevtps.exe
2011-06-18 14:32:53 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-06-18 14:27:13 -------- d--h--w- c:\users\user\appdata\local\{13A6AEAD-1ABD-401C-834D-D096C838C3F0}
2011-06-17 22:27:13 -------- d--h--w- c:\users\user\appdata\local\{3407F2F0-336F-4D0E-9B2C-6FD37CFCC6A9}
2011-06-17 16:13:08 -------- d--h--w- c:\users\user\appdata\local\{A9A5A36B-5757-4B50-8E32-36A5F25E89D3}
2011-06-17 15:31:55 -------- d-----w- c:\program files\iPod
2011-06-17 15:31:51 -------- d-----w- c:\program files\iTunes
2011-06-17 15:25:53 -------- d-----w- c:\program files\Bonjour
2011-06-17 15:17:02 -------- d--h--w- C:\Macromedia
2011-06-17 15:09:02 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-06-17 15:09:01 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-06-17 15:09:01 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
2011-06-17 15:09:00 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-06-17 15:09:00 719832 ----a-w- c:\program files\mozilla firefox\mozcpp19.dll
2011-06-17 15:09:00 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-06-17 15:09:00 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
2011-06-17 15:09:00 19416 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
2011-06-17 15:09:00 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-06-17 15:09:00 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-06-17 15:09:00 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-06-17 15:09:00 125912 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
2011-06-17 14:10:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-17 13:47:58 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-06-17 13:45:57 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-06-17 13:39:49 6962000 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f637b615-2800-4a8d-965a-82ac5ad79389}\mpengine.dll
.
==================== Find3M ====================
.
2011-05-28 06:08:58 916480 ----a-w- c:\windows\system32\wininet.dll
2011-05-28 06:04:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-28 06:04:17 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-28 06:04:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-05-28 06:04:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-28 05:10:26 385024 ----a-w- c:\windows\system32\html.iec
2011-05-28 04:33:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-28 04:31:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-25 00:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-10 13:06:08 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-05-10 13:06:08 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-05-04 09:52:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-02 17:16:14 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 13:25:10 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 13:25:09 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-29 13:24:50 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 13:24:42 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-29 13:24:40 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-21 13:58:27 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-14 14:59:03 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-04-06 21:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 21:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
.
============= FINISH: 15:06:55.92 ===============


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK

Posted 26 June 2011 - 07:41 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK

Posted 01 July 2011 - 08:05 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
m0le is a proud member of UNITE



