McAfee reports buffer overflow

Inherited Presario F560EM running slow. Had the machine three days. Fubar wifi card (HP 441090-002) removed awaiting replacement so running wired. Installed BT NetProtect Plus (McAfee) and fully updated Windows. First full McAfee scan reported two trojans (which were tagged as cleaned) and 77 buffer-overflows. Used add/remove to uninstall Bit-Torrent/DNA. Reluctant to re-install Windows due to useful installed software. Buffer-overflows continue to be reported. The chkdsk that runs after scheduling via Vista hangs at crcdisc.sys although I managed to run a successful chkdsk via a recovery CD; it found and fixed errors.



Requested files included. Note that I have attached the ark.txt file as it is rather large.



Thank you in advance.



Senra

===============================================================================

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:35:46, on 10/11/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18975)

Boot mode: Normal



Running processes:

C:Windowssystem32taskeng.exe

C:WindowsExplorer.EXE

C:Windowssystem32Dwm.exe

C:Program FilesSynapticsSynTPSynTPEnh.exe

C:Program FilesHpHP Software Updatehpwuschd2.exe

C:Program FilesHpQuickPlayQPService.exe

C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe

C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe

C:Program FilesQuickTimeQTTask.exe

C:Program FilesiTunesiTunesHelper.exe

C:Program FilesMcAfee.comAgentmcagent.exe

C:WINDOWSSystem32rundll32.exe

C:Program FilesCommon FilesLogiShrdLComMgrCommunications_Helper.exe

C:Program FilesLogitechQuickCam10QuickCam10.exe

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe

C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesCommon FilesLogiShrdLComMgrLVComSX.exe

C:Program FilesCommon FilesLogishrdLQCVFXCOCIManager.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Program FilesMozilla Firefoxplugin-container.exe

C:Windowssystem32DllHost.exe

c:PROGRA~1mcafeeVIRUSS~1mcvsshld.exe

C:UsersxxxxDownloadsHijackThis.exe



R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6binssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program FilesCommon FilesMcAfeeSystemCoreScriptSn.20101106231654.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:Program FilesWindows LiveCompanioncompanioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll

O3 - Toolbar: @C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide

O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe

O4 - HKLM..Run: [HP Software Update] C:Program FilesHpHP Software UpdateHPWuSchd2.exe

O4 - HKLM..Run: [QPService] "C:Program FilesHPQuickPlayQPService.exe"

O4 - HKLM..Run: [QlbCtrl] %ProgramFiles%Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start

O4 - HKLM..Run: [HP Health Check Scheduler] C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe

O4 - HKLM..Run: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe

O4 - HKLM..Run: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe

O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe

O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -atboottime

O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"

O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6binjusched.exe"

O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"

O4 - HKLM..Run: [Adobe ARM] "C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe"

O4 - HKLM..Run: [mcui_exe] "C:Program FilesMcAfee.comAgentmcagent.exe" /runkey

O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup

O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit

O4 - HKLM..Run: [LogitechCommunicationsManager] "C:Program FilesCommon FilesLogiShrdLComMgrCommunications_Helper.exe"

O4 - HKLM..Run: [LogitechQuickCamRibbon] "C:Program FilesLogitechQuickCam10QuickCam10.exe" /hide

O4 - HKLM..RunOnce: [Launcher] %WINDIR%SMINSTlauncher.exe

O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000

O9 - Extra button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:Program FilesWindows LiveCompanioncompanioncore.dll

O9 - Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLL

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:Windowssystem32browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4Qlb.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardSharedhpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesRoxioRoxio MyDVD Basic v9InstallShieldDriver1050Intel 32IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WindowsSystem32LEXBCES.EXE

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:program filescommon fileslogishrdlvmvfmLVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:Program FilesCommon FilesLogiShrdSrvLnchSrvLnch.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe

O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:Program FilesMcAfeeVirusScanmcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McShield - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeSystemCore\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeSystemCore\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:Windowssystem32mfevtps.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:Windowssystem32nvvsvc.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:Program FilesTrusteerRapportbinRapportMgmtService.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe



--

End of file - 12453 bytes



DDS (Ver_09-09-29.01) - NTFSx86

Run by xxxx at 20:38:39.82 on 10/11/2010

Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.958.80 [GMT 0:00]



SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}



============== Running Processes ===============



C:Windowssystem32wininit.exe

C:Windowssystem32lsm.exe

C:Windowssystem32svchost.exe -k DcomLaunch

C:Windowssystem32nvvsvc.exe

C:Windowssystem32svchost.exe -k rpcss

C:Program FilesTrusteerRapportbinRapportMgmtService.exe

C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted

C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted

c:program filescommon fileslogishrdlvmvfmLVPrcSrv.exe

C:Windowssystem32svchost.exe -k netsvcs

C:Windowssystem32svchost.exe -k GPSvcGroup

C:Windowssystem32SLsvc.exe

C:Windowssystem32svchost.exe -k LocalService

C:Windowssystem32rundll32.exe

C:Windowssystem32svchost.exe -k NetworkService

C:WindowsSystem32LEXBCES.EXE

C:WindowsSystem32LEXPPS.EXE

C:WindowsSystem32spoolsv.exe

C:Windowssystem32svchost.exe -k LocalServiceNoNetwork

C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe

C:Program FilesBonjourmDNSResponder.exe

C:Program FilesCommon FilesLightScribeLSSrvc.exe

C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

C:Windowssystem32mfevtps.exe

C:WindowsSystem32svchost.exe -k HPZ12

C:WindowsSystem32svchost.exe -k HPZ12

C:Windowssystem32rundll32.exe

C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted

C:Program FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe

C:Windowssystem32svchost.exe -k imgsvc

C:WindowsSystem32svchost.exe -k WerSvcGroup

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

C:Windowssystem32SearchIndexer.exe

C:Program FilesHewlett-PackardSharedhpqwmiex.exe

C:Program FilesCommon FilesMcAfeeSystemCoremcshield.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe

C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe

C:Windowssystem32taskeng.exe

C:Windowssystem32taskeng.exe

C:WindowsExplorer.EXE

C:Windowssystem32Dwm.exe

C:Program FilesTrusteerRapportbinRapportService.exe

C:Program FilesSynapticsSynTPSynTPEnh.exe

C:Program FilesHpHP Software Updatehpwuschd2.exe

C:Program FilesHpQuickPlayQPService.exe

C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe

C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe

C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe

C:Program FilesQuickTimeQTTask.exe

C:Program FilesiTunesiTunesHelper.exe

C:Program FilesMcAfee.comAgentmcagent.exe

C:WINDOWSSystem32rundll32.exe

C:Program FilesCommon FilesLogiShrdLComMgrCommunications_Helper.exe

C:Program FilesLogitechQuickCam10QuickCam10.exe

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe

C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE

C:Windowssystem32wbemwmiprvse.exe

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesCommon FilesLogiShrdLComMgrLVComSX.exe

C:Program FilesSynapticsSynTPSynTPHelper.exe

C:Program FilesiPodbiniPodService.exe

C:Program FilesCommon FilesLogishrdLQCVFXCOCIManager.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Program FilesMozilla Firefoxplugin-container.exe

C:Windowssystem32vssvc.exe

C:WindowsSystem32svchost.exe -k swprv

C:Windowssystem32DllHost.exe

c:PROGRA~1mcafeeVIRUSS~1mcvsshld.exe

C:Program FilesCommon FilesMcAfeeCoremchost.exe

C:UsersxxxxDownloadsHijackThis.exe

C:Windowssystem32SearchProtocolHost.exe

C:Windowssystem32SearchFilterHost.exe

C:UsersxxxxDownloadsdds.com

C:Windowssystem32wbemwmiprvse.exe



============== Pseudo HJT Report ===============



uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=PRESARIO&pf=laptop

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=PRESARIO&pf=laptop

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=PRESARIO&pf=laptop

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=PRESARIO&pf=laptop

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:program filesmicrosoftsearch enhancement packsearch helperSEPsearchhelperie.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:program filesjavajre6binssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:program filescommon filesmcafeesystemcoreScriptSn.20101106231654.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:program fileswindows livecompanioncompanioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:program filesgooglegoogletoolbar2.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:progra~1mcafeesitead~1mcieplg.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:program filesmsn toolbarplatform6.3.2322.0npwinext.dll

BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll

TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:program filesgooglegoogletoolbar2.dll

TB: @c:program filesmsn toolbarplatform6.3.2322.0npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:program filesmsn toolbarplatform6.3.2322.0npwinext.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:progra~1mcafeesitead~1mcieplg.dll

{555d4d79-4bd2-4094-a395-cfc534424a05}

uRun: [Sidebar] c:program fileswindows sidebarsidebar.exe /autoRun

mRun: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide

mRun: [SynTPEnh] c:program filessynapticssyntpSynTPEnh.exe

mRun: [HP Software Update] c:program fileshphp software updateHPWuSchd2.exe

mRun: [QPService] "c:program fileshpquickplayQPService.exe"

mRun: [QlbCtrl] %ProgramFiles%Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start

mRun: [HP Health Check Scheduler] c:program fileshewlett-packardhp health checkHPHC_Scheduler.exe

mRun: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe

mRun: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe

mRun: [AppleSyncNotifier] c:program filescommon filesapplemobile device supportAppleSyncNotifier.exe

mRun: []

mRun: [QuickTime Task] "c:program filesquicktimeQTTask.exe" -atboottime

mRun: [iTunesHelper] "c:program filesitunesiTunesHelper.exe"

mRun: [SunJavaUpdateSched] "c:program filesjavajre6binjusched.exe"

mRun: [Adobe Reader Speed Launcher] "c:program filesadobereader 9.0readerReader_sl.exe"

mRun: [Adobe ARM] "c:program filescommon filesadobearm1.0AdobeARM.exe"

mRun: [mcui_exe] "c:program filesmcafee.comagentmcagent.exe" /runkey

mRun: [NvCplDaemon] RUNDLL32.EXE c:windowssystem32NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:windowssystem32NvMcTray.dll,NvTaskbarInit

mRun: [LogitechCommunicationsManager] "c:program filescommon fileslogishrdlcommgrCommunications_Helper.exe"

mRun: [LogitechQuickCamRibbon] "c:program fileslogitechquickcam10QuickCam10.exe" /hide

mRunOnce: [Launcher] %WINDIR%SMINSTlauncher.exe

StartupFolder: c:usersxxxxappdataroamingmicros~1windowsstartm~1programsstartupon enot~1.lnk - c:program filesmicrosoft officeoffice12ONENOTEM.EXE

StartupFolder: c:progra~2micros~1windowsstartm~1programsstartupmcafee~1.lnk - c:program filesmcafee security scan2.0.181SSScheduler.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:progra~1micros~3office12EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:program fileswindows livecompanioncompanioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:program fileswindows livewriterWriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:progra~1micros~3office12ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1micros~3office12REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:progra~1mcafeesitead~1McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:progra~1mcafeesitead~1McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:progra~1common~1skypeSKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:program fileswindows livephoto galleryAlbumDownloadProtocolHandler.dll



================= FIREFOX ===================



FF - ProfilePath - c:usersxxxxappdataroamingmozillafirefoxprofilesg0d37wv3.default

FF - prefs.js: network.proxy.type - 0

FF - component: c:program filesmcafeesiteadvisorcomponentsMcFFPlg.dll

FF - component: c:program filesmozilla firefoxextensions{ab2ce124-6272-4b12-94a9-7303c7397bd1}componentsSkypeFfComponent.dll

FF - plugin: c:program filesjavajre6binnew_pluginnpdeployJava1.dll

FF - plugin: c:program fileswindows livephoto galleryNPWLPG.dll

FF - plugin: c:usersxxxxappdatalocalyahoo!browserplus2.9.8pluginsnpybrowserplus_2.9.8.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:windowsmicrosoft.netframeworkv3.5windows presentation foundationdotnetassistantextension

FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}



---- FIREFOX POLICIES ----

c:program filesmozilla firefoxgreprefsall.js - pref("ui.use_native_colors", true);

c:program filesmozilla firefoxgreprefsall.js - pref("ui.use_native_popup_windows", false);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.enable_click_image_resizing", true);

c:program filesmozilla firefoxgreprefsall.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:program filesmozilla firefoxgreprefsall.js - pref("javascript.options.mem.high_water_mark", 32);

c:program filesmozilla firefoxgreprefsall.js - pref("javascript.options.mem.gc_frequency", 1600);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.lu", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.nu", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.nz", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--j6w193g", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.tel", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.auth.force-generic-ntlm", false);

c:program filesmozilla firefoxgreprefsall.js - pref("network.proxy.type", 5);

c:program filesmozilla firefoxgreprefsall.js - pref("network.buffer.cache.count", 24);

c:program filesmozilla firefoxgreprefsall.js - pref("network.buffer.cache.size", 4096);

c:program filesmozilla firefoxgreprefsall.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:program filesmozilla firefoxgreprefsall.js - pref("svg.smil.enabled", false);

c:program filesmozilla firefoxgreprefsall.js - pref("ui.trackpoint_hack.enabled", -1);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.debug", false);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.agedWeight", 2);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.bucketSize", 1);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.maxTimeGroupings", 25);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.timeGroupingSize", 604800);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.boundaryWeight", 25);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.prefixWeight", 5);

c:program filesmozilla firefoxgreprefsall.js - pref("accelerometer.enabled", true);

c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("lightweightThemes.update.enabled", true);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("browser.allTabs.previews", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("plugins.update.notifyUser", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("toolbar.customization.usesheet", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("browser.taskbar.previews.enable", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("browser.taskbar.previews.max", 20);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("browser.taskbar.previews.cachetime", 20);



============= SERVICES / DRIVERS ===============



R0 RapportKELL;RapportKELL;c:windowssystem32driversRapportKELL.sys [2010-11-4 58472]

R1 mfenlfk;McAfee NDIS Light Filter;c:windowssystem32driversmfenlfk.sys [2010-11-6 64304]

R1 mfewfpk;McAfee Inc. mfewfpk;c:windowssystem32driversmfewfpk.sys [2010-11-6 164808]

R1 RapportCerberus_19917;RapportCerberus_19917;c:programdatatrusteerrapport storeextsrapportcerberusbaselineRapportCerberus_19917.sys [2010-11-4 34792]

R1 RapportEI;RapportEI;c:program filestrusteerrapportbinRapportEI.sys [2010-11-4 62568]

R1 RapportPG;RapportPG;c:program filestrusteerrapportbinRapportPG.sys [2010-11-4 156776]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:program filescommon filesmcafeemcsvchostMcSvHost.exe" /McCoreSvc [2010-11-6 271480]

R2 McMPFSvc;McAfee Personal Firewall;"c:program filescommon filesmcafeemcsvchostMcSvHost.exe" /McCoreSvc [2010-11-6 271480]

R2 McNaiAnn;McAfee VirusScan Announcer;"c:program filescommon filesmcafeemcsvchostMcSvHost.exe" /McCoreSvc [2010-11-6 271480]

R2 mfefire;McAfee Firewall Core Service;c:program filescommon filesmcafeesystemcoremfefire.exe [2010-11-6 188136]

R2 mfevtp;McAfee Validation Trust Protection Service;c:windowssystem32mfevtps.exe [2010-11-6 141792]

R3 cfwids;McAfee Inc. cfwids;c:windowssystem32driverscfwids.sys [2010-11-6 55840]

R3 mfefirek;McAfee Inc. mfefirek;c:windowssystem32driversmfefirek.sys [2010-11-6 312904]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:program filescommon filessymantec sharedeengineEraserUtilRebootDrv.sys [2008-9-3 99376]

S3 FontCache;Windows Font Cache Service;c:windowssystem32svchost.exe -k LocalServiceAndNoImpersonation [2008-10-28 21504]

S3 fssfltr;FssFltr;c:windowssystem32driversfssfltr.sys [2010-11-6 39272]

S3 fsssvc;Windows Live Family Safety Service;c:program fileswindows livefamily safetyfsssvc.exe [2010-9-23 1493352]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:program filesmcafee security scan2.0.181McCHSvc.exe [2010-1-15 227232]

S3 mferkdet;McAfee Inc. mferkdet;c:windowssystem32driversmferkdet.sys [2010-11-6 84264]



=============== Created Last 30 ================



2010-11-08 23:12 --d----- c:usersxxxxappdataroamingTrusteer

2010-11-08 23:12 --d----- c:program filesTrusteer

2010-11-08 23:09 --d----- c:programdataTrusteer

2010-11-08 23:09 --d----- c:progra~2Trusteer

2010-11-08 21:56 --d----- c:usersxxxxappdataroamingHpUpdate

2010-11-07 21:51 56 a---h--- c:programdataezsidmv.dat

2010-11-07 21:51 56 a---h--- c:progra~2ezsidmv.dat

2010-11-07 21:48 --d--r-- c:program filesSkype

2010-11-07 21:48 --d----- c:programdataSkype

2010-11-07 21:30 47,536 a------- c:programdatanvModes.dat

2010-11-07 21:30 47,536 a------- c:progra~2nvModes.dat

2010-11-07 21:21 --d----- c:usersxxxx{f6fedcc4-f588-4ef4-b907-db262faf4f6b}

2010-11-07 21:08 938,272 a------- c:windowssystem32driversLV302V32.SYS

2010-11-07 21:08 348,160 a------- c:windowssystemmsvcr71.dll

2010-11-07 21:08 264,992 a------- c:windowssystem32lvcodec2.dll

2010-11-07 21:08 527,136 a------- c:windowssystem32LVUI2RC.dll

2010-11-07 21:08 215,840 a------- c:windowssystem32LVUI2.dll

2010-11-07 21:08 14,240 a------- c:windowssystem32driverslv302af.sys

2010-11-07 21:08 13,398 a------- c:windowssystem32Repository.reg

2010-11-07 21:08 50,127 a------- c:windowssystem32lvcoinst.ini

2010-11-07 21:08 41,504 a------- c:windowssystem32driversLVUSBSta.sys

2010-11-07 21:07 129,824 a------- c:windowssystem32lvci1051.dll

2010-11-07 21:05 --d----- c:programdataLogishrd

2010-11-07 21:05 --d----- c:programdataLogitech

2010-11-07 16:12 4,984 a------- c:windowssystem32driversnvphy.bin

2010-11-07 15:38 2,048 a------- c:windowssystem32winrsmgr.dll

2010-11-07 11:38 49,152 a------- c:windowssystem32E_DCINST.DLL

2010-11-07 11:38 86,528 a------- c:windowssystem32E_FLBCAE.DLL

2010-11-07 11:38 78,848 a------- c:windowssystem32E_FD4BCAE.DLL

2010-11-07 11:37 --d----- c:programdataEPSON

2010-11-07 11:37 --d----- c:progra~2EPSON

2010-11-07 00:14 --d----- c:program filesBroadcom

2010-11-06 23:31 356,352 a------- c:windowssystem32nvusmu.exe

2010-11-06 23:31 528 a------- c:windowssystem32nvsmu.nvu

2010-11-06 23:16 9,344 a------- c:windowssystem32driversmfeclnk.sys

2010-11-06 23:15 312,904 a------- c:windowssystem32driversmfefirek.sys

2010-11-06 23:15 164,808 a------- c:windowssystem32driversmfewfpk.sys

2010-11-06 23:15 152,992 a------- c:windowssystem32driversmfeavfk.sys

2010-11-06 23:15 84,264 a------- c:windowssystem32driversmferkdet.sys

2010-11-06 23:15 64,304 a------- c:windowssystem32driversmfenlfk.sys

2010-11-06 23:15 55,840 a------- c:windowssystem32driverscfwids.sys

2010-11-06 23:15 52,104 a------- c:windowssystem32driversmfebopk.sys

2010-11-06 23:15 --d----- c:program filescommon filesMcafee

2010-11-06 23:15 --d----- c:program filesMcAfee.com

2010-11-06 23:15 --d----- c:program filesMcAfee

2010-11-06 22:56 141,792 a------- c:windowssystem32mfevtps.exe

2010-11-06 22:31 --d----- c:program filesVideoLAN

2010-11-06 22:11 --d----- c:program filesWindows Portable Devices

2010-11-06 22:09 0 a---h--- c:windowssystem32driversMsft_User_WpdMtpDr_01_07_00.Wdf

2010-11-06 22:08 0 a---h--- c:windowssystem32driversMsft_User_WpdFs_01_07_00.Wdf

2010-11-06 22:00 41,520 a------- c:usersxxxxappdataroamingnvModes.dat

2010-11-06 21:02 --d----- c:windowsen

2010-11-06 21:01 39,272 a------- c:windowssystem32driversfssfltr.sys

2010-11-06 20:59 --d----- c:program filesMicrosoft SQL Server Compact Edition

2010-11-06 20:45 --d----- c:program filesMSN Toolbar

2010-11-06 20:43 --d----- c:program filesBing Bar Installer

2010-11-06 20:42 515,416 a------- c:windowssystem32XAudio2_5.dll

2010-11-06 20:42 69,464 a------- c:windowssystem32XAPOFX1_3.dll

2010-11-06 20:42 453,456 a------- c:windowssystem32d3dx10_42.dll

2010-11-06 20:42 3,426,072 a------- c:windowssystem32d3dx9_32.dll

2010-11-06 20:36 754,688 a------- c:windowssystem32webservices.dll

2010-11-06 20:34 1,164,800 a------- c:windowssystem32UIRibbonRes.dll

2010-11-06 20:34 92,672 a------- c:windowssystem32UIAnimation.dll

2010-11-06 20:34 3,023,360 a------- c:windowssystem32UIRibbon.dll

2010-11-06 20:30 81,920 a------- c:windowssystem32wpdbusenum.dll

2010-11-06 20:27 555,520 a------- c:windowssystem32UIAutomationCore.dll

2010-11-06 20:27 234,496 a------- c:windowssystem32oleacc.dll

2010-11-06 20:27 4,096 a------- c:windowssystem32oleaccrc.dll

2010-11-06 20:19 --d----- c:usersxxxxappdataroamingAVG10

2010-11-06 20:17 --d----- c:usersxxxx

2010-11-06 17:32 420,352 a------- c:windowssystem32vbscript.dll

2010-11-06 12:39 49,152 a------- c:windowsocsetup_cbs_install_MicrosoftWindowsPowerShell.perf

2010-11-06 12:39 16,384 a------- c:windowsocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx

2010-11-06 12:39 4,030,464 a------- c:windowsocsetup_install_MicrosoftWindowsPowerShell.etl

2010-11-06 12:39 --d----- c:program filesMicrosoft ATS

2010-11-06 12:03 --d----- c:windowssystem32eu-ES

2010-11-06 12:03 --d----- c:windowssystem32ca-ES

2010-11-06 12:03 --d----- c:windowssystem32vi-VN

2010-11-06 12:00 0 a---h--- c:windowssystem32driversMsft_User_WpdFs_01_00_00.Wdf

2010-11-06 11:58 0 a---h--- c:windowssystem32driversMsft_User_WpdMtpDr_01_00_00.Wdf

2010-11-06 11:29 --d----- c:windowssystem32EventProviders

2010-11-06 10:18 1,638,912 a------- c:windowssystem32mshtml.tlb

2010-11-06 10:18 43,520 a------- c:windowssystem32licmgr10.dll

2010-11-06 10:18 71,680 a------- c:windowssystem32iesetup.dll

2010-11-06 10:14 72,704 a------- c:windowssystem32admparse.dll

2010-11-06 05:22 12,240,896 a------- c:windowssystem32NlsLexicons0007.dll

2010-11-06 05:22 3,408,896 a------- c:windowssystem32SLsvc.exe

2010-11-06 05:22 1,081,344 a------- c:windowssystem32SLCExt.dll

2010-11-06 05:22 2,134,528 a------- c:windowssystem32FunctionDiscoveryFolder.dll

2010-11-06 05:22 65,536 a------- c:windowssystem32DevicePairingWizard.exe

2010-11-06 05:22 2,644,480 a------- c:windowssystem32NlsLexicons0009.dll

2010-11-06 05:20 1,362,944 a------- c:windowssystem32wbemcimwin32.dll

2010-11-06 05:19 1,135,104 a------- c:windowssystem32mfc42.dll

2010-11-06 05:18 323,584 a------- c:windowssystem32certcli.dll

2010-11-06 05:17 155,648 a------- c:windowssystem32wscript.exe

2010-11-06 05:16 1,544,704 a------- c:windowssystem32MSVidCtl.dll

2010-11-06 05:15 17,408 a------- c:windowssystem32midimap.dll

2010-11-06 05:14 247,808 a------- c:windowssystem32drvstore.dll

2010-11-06 04:26 18,904 a------- c:windowssystem32StructuredQuerySchemaTrivial.bin

2010-11-06 04:26 11,967,524 a------- c:windowssystem32korwbrkr.lex

2010-11-06 03:33 8,147,456 a------- c:windowssystem32wmploc.DLL

2010-11-06 03:29 1,696,256 a------- c:windowssystem32gameux.dll

2010-11-06 03:29 28,672 a------- c:windowssystem32Apphlpdm.dll

2010-11-06 03:29 4,240,384 a------- c:windowssystem32GameUXLegacyGDFs.dll

2010-11-06 03:26 3,600,768 a------- c:windowssystem32ntkrnlpa.exe

2010-11-06 03:26 3,548,040 a------- c:windowssystem32ntoskrnl.exe

2010-11-06 03:18 1,130,824 a------- c:windowssystem32dfshim.dll

2010-11-06 03:18 297,808 a------- c:windowssystem32mscoree.dll

2010-11-06 03:18 295,264 a------- c:windowssystem32PresentationHost.exe

2010-11-06 03:18 99,176 a------- c:windowssystem32PresentationHostProxy.dll

2010-11-06 03:18 49,472 a------- c:windowssystem32netfxperf.dll

2010-11-06 03:12 304,128 a------- c:windowssystem32driverssrv.sys

2010-11-06 03:12 145,408 a------- c:windowssystem32driverssrv2.sys

2010-11-06 03:12 125,952 a------- c:windowssystem32srvsvc.dll

2010-11-06 03:12 102,400 a------- c:windowssystem32driverssrvnet.sys

2010-11-06 03:12 17,920 a------- c:windowssystem32netevent.dll

2010-11-06 03:10 502,272 a------- c:windowssystem32usp10.dll

2010-11-06 03:10 2,048 a------- c:windowssystem32tzres.dll

2010-11-06 03:06 274,944 a------- c:windowssystem32schannel.dll

2010-11-06 03:05 81,920 a------- c:windowssystem32iccvid.dll

2010-11-06 03:04 67,072 a------- c:windowssystem32asycfilt.dll

2010-11-06 03:03 905,088 a------- c:windowssystem32driverstcpip.sys

2010-11-06 03:02 1,316,864 a------- c:windowssystem32ole32.dll

2010-11-06 02:58 128,000 a------- c:windowssystem32spoolsv.exe

2010-11-06 02:58 157,184 a------- c:windowssystem32t2embed.dll

2010-11-06 02:56 317,952 a------- c:windowssystem32MP4SDECD.DLL

2010-11-06 02:56 289,792 a------- c:windowssystem32atmfd.dll

2010-11-06 02:56 34,304 a------- c:windowssystem32atmlib.dll

2010-11-06 02:56 954,752 a------- c:windowssystem32mfc40.dll

2010-11-06 02:56 954,288 a------- c:windowssystem32mfc40u.dll

2010-11-06 02:55 36,864 a------- c:windowssystem32rtutils.dll

2010-11-06 02:55 2,038,272 a------- c:windowssystem32win32k.sys

2010-11-06 02:55 231,424 a------- c:windowssystem32msshsq.dll

2010-11-06 02:54 867,328 a------- c:windowssystem32wmpmde.dll

2010-11-06 02:54 1,248,768 a------- c:windowssystem32msxml3.dll

2010-11-06 02:50 --d----- c:programdataWindowsSearch

2010-11-06 02:26 739,328 a------- c:windowssystem32inetcomm.dll

2010-11-06 02:18 531,968 a------- c:windowssystem32comctl32.dll

2010-11-06 02:06 --d-h--- c:programdataCommon Files

2010-11-06 02:06 --d-h--- c:progra~2Common Files

2010-11-06 01:58 --d----- c:programdataAVG10

2010-11-06 01:58 --d----- c:progra~2AVG10

2010-11-06 01:54 --d----- c:program filesAVG

2010-11-06 01:45 --d----- c:programdataMcAfee Security Scan

2010-11-06 01:45 --d----- c:progra~2McAfee Security Scan

2010-11-06 01:45 --d----- c:program filesMcAfee Security Scan

2010-11-06 01:36 --d----- c:programdataMFAData

2010-11-06 01:36 --d----- c:progra~2MFAData

2010-11-06 01:11 629 a------- c:windowssystem32mapisvc.inf

2010-11-06 00:54 --d----- c:program filesiPod

2010-11-06 00:53 --d----- c:programdata{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-11-06 00:53 --d----- c:progra~2{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-11-06 00:42 --d----- c:program filesBonjour

2010-11-06 00:01 --d----- c:program filesMicrosoft

2010-11-05 23:57 --d----- c:program filescommon filesWindows Live

2010-11-05 23:47 --d----- c:programdataOffice Genuine Advantage

2010-11-05 23:11 --d----- C:PerfLogs

2010-11-05 21:24 --d----- c:programdataSun

2010-11-05 21:22 472,808 a------- c:windowssystem32deployJava1.dll

2010-11-04 03:26 58,472 a------- c:windowssystem32driversRapportKELL.sys

2010-10-15 17:23 --d----- c:programdataMcAfee

2010-10-13 22:28 386,840 a------- c:windowssystem32driversmfehidk.sys

2010-10-13 22:28 95,600 a------- c:windowssystem32driversmfeapfk.sys



==================== Find3M ====================



2010-11-08 12:36 143,360 a------- c:windowsinfinfstrng.dat

2010-11-08 12:36 143,360 a------- c:windowsinfinfstor.dat

2010-11-08 12:36 86,016 a------- c:windowsinfinfpub.dat

2010-11-06 22:10 665,600 a------- c:windowsinfdrvindex.dat

2010-11-05 23:41 174 a--sh--- c:program filesdesktop.ini

2010-11-05 22:43 101,888 a------- c:windowssystem32ifxcardm.dll

2010-11-05 22:43 82,432 a------- c:windowssystem32axaltocm.dll

2010-10-19 11:41 222,080 -------- c:windowssystem32MpSigStub.exe

2010-09-28 19:42 137,704 a------- c:windowsHPHins15.dat

2010-09-23 00:47 49,016 a------- c:windowssystem32sirenacm.dll

2010-09-23 00:32 301,936 a------- c:windowsWLXPGSS.SCR

2010-09-08 06:01 916,480 a------- c:windowssystem32wininet.dll

2010-09-08 05:56 109,056 a------- c:windowssystem32iesysprep.dll

2010-09-08 04:26 133,632 a------- c:windowssystem32ieUnatt.exe

2010-08-26 16:33 173,056 a------- c:windowsapppatchAcXtrnal.dll

2010-08-26 16:33 2,159,616 a------- c:windowsapppatchAcGenral.dll

2010-08-26 16:33 542,720 a------- c:windowsapppatchAcLayers.dll

2010-08-26 16:33 458,752 a------- c:windowsapppatchAcSpecfc.dll

2006-11-02 12:42 287,440 a------- c:windowsinfperflib409perfi.dat

2006-11-02 12:42 287,440 a------- c:windowsinfperflib409perfh.dat

2006-11-02 12:42 30,674 a------- c:windowsinfperflib409perfd.dat

2006-11-02 12:42 30,674 a------- c:windowsinfperflib409perfc.dat

2006-11-02 09:20 287,440 a------- c:windowsinfperflib000perfi.dat

2006-11-02 09:20 287,440 a------- c:windowsinfperflib000perfh.dat

2006-11-02 09:20 30,674 a------- c:windowsinfperflib000perfd.dat

2006-11-02 09:20 30,674 a------- c:windowsinfperflib000perfc.dat

2008-01-19 07:33 397,312 a--sh--- c:windowswinsxsx86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6001.18000_none_f1582d884fb532fbWinMail.exe

2008-01-19 07:33 397,312 a--sh--- c:windowswinsxsx86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6002.18005_none_f343a6944cd6fe47WinMail.exe



============= FINISH: 20:48:35.44 ===============














Attached Files



Attach.txt (10.6 KB)


ark.txt.log (95.1 KB)