McAfee reports buffer overflow

Inherited Presario F560EM running slow. Had the machine three days. Fubar wifi card (HP 441090-002) removed awaiting replacement so running wired. Installed BT NetProtect Plus (McAfee) and fully updated Windows. First full McAfee scan reported two trojans (which were tagged as cleaned) and 77 buffer-overflows. Used add/remove to uninstall Bit-Torrent/DNA. Reluctant to re-install Windows due to useful installed software. Buffer-overflows continue to be reported. The chkdsk that runs after scheduling via Vista hangs at crcdisc.sys, although I managed to run a successful chkdsk via a recovery CD; it found and fixed errors.



Requested files included. Note that I have attached the ark.txt file as it is rather large.



Thank you in advance.



Senra

===============================================================================

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:35:46, on 10/11/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18975)

Boot mode: Normal



Running processes:

C:Windowssystem32taskeng.exe

C:WindowsExplorer.EXE

C:Windowssystem32Dwm.exe

C:Program FilesSynapticsSynTPSynTPEnh.exe

C:Program FilesHpHP Software Updatehpwuschd2.exe

C:Program FilesHpQuickPlayQPService.exe

C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe

C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe

C:Program FilesQuickTimeQTTask.exe

C:Program FilesiTunesiTunesHelper.exe

C:Program FilesMcAfee.comAgentmcagent.exe

C:WINDOWSSystem32rundll32.exe

C:Program FilesCommon FilesLogiShrdLComMgrCommunications_Helper.exe

C:Program FilesLogitechQuickCam10QuickCam10.exe

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe

C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesCommon FilesLogiShrdLComMgrLVComSX.exe

C:Program FilesCommon FilesLogishrdLQCVFXCOCIManager.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Program FilesMozilla Firefoxplugin-container.exe

C:Windowssystem32DllHost.exe

c:PROGRA~1mcafeeVIRUSS~1mcvsshld.exe

C:UsersxxxxDownloadsHijackThis.exe



R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6binssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program FilesCommon FilesMcAfeeSystemCoreScriptSn.20101106231654.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:Program FilesWindows LiveCompanioncompanioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll

O3 - Toolbar: @C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide

O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe

O4 - HKLM..Run: [HP Software Update] C:Program FilesHpHP Software UpdateHPWuSchd2.exe

O4 - HKLM..Run: [QPService] "C:Program FilesHPQuickPlayQPService.exe"

O4 - HKLM..Run: [QlbCtrl] %ProgramFiles%Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start

O4 - HKLM..Run: [HP Health Check Scheduler] C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe

O4 - HKLM..Run: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe

O4 - HKLM..Run: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe

O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe

O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -atboottime

O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"

O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6binjusched.exe"

O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"

O4 - HKLM..Run: [Adobe ARM] "C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe"

O4 - HKLM..Run: [mcui_exe] "C:Program FilesMcAfee.comAgentmcagent.exe" /runkey

O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup

O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit

O4 - HKLM..Run: [LogitechCommunicationsManager] "C:Program FilesCommon FilesLogiShrdLComMgrCommunications_Helper.exe"

O4 - HKLM..Run: [LogitechQuickCamRibbon] "C:Program FilesLogitechQuickCam10QuickCam10.exe" /hide

O4 - HKLM..RunOnce: [Launcher] %WINDIR%SMINSTlauncher.exe

O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000

O9 - Extra button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:Program FilesWindows LiveCompanioncompanioncore.dll

O9 - Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLL

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:Windowssystem32browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4Qlb.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardSharedhpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesRoxioRoxio MyDVD Basic v9InstallShieldDriver1050Intel 32IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WindowsSystem32LEXBCES.EXE

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:program filescommon fileslogishrdlvmvfmLVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:Program FilesCommon FilesLogiShrdSrvLnchSrvLnch.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe

O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:Program FilesMcAfeeVirusScanmcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

O23 - Service: McShield - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeSystemCore\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeSystemCore\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:Windowssystem32mfevtps.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:Windowssystem32nvvsvc.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:Program FilesTrusteerRapportbinRapportMgmtService.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe



--

End of file - 12453 bytes



DDS (Ver_09-09-29.01) - NTFSx86

Run by xxxx at 20:38:39.82 on 10/11/2010

Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.958.80 [GMT 0:00]



SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}



============== Running Processes ===============



C:Windowssystem32wininit.exe

C:Windowssystem32lsm.exe

C:Windowssystem32svchost.exe -k DcomLaunch

C:Windowssystem32nvvsvc.exe

C:Windowssystem32svchost.exe -k rpcss

C:Program FilesTrusteerRapportbinRapportMgmtService.exe

C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted

C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted

c:program filescommon fileslogishrdlvmvfmLVPrcSrv.exe

C:Windowssystem32svchost.exe -k netsvcs

C:Windowssystem32svchost.exe -k GPSvcGroup

C:Windowssystem32SLsvc.exe

C:Windowssystem32svchost.exe -k LocalService

C:Windowssystem32rundll32.exe

C:Windowssystem32svchost.exe -k NetworkService

C:WindowsSystem32LEXBCES.EXE

C:WindowsSystem32LEXPPS.EXE

C:WindowsSystem32spoolsv.exe

C:Windowssystem32svchost.exe -k LocalServiceNoNetwork

C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe

C:Program FilesBonjourmDNSResponder.exe

C:Program FilesCommon FilesLightScribeLSSrvc.exe

C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

C:Windowssystem32mfevtps.exe

C:WindowsSystem32svchost.exe -k HPZ12

C:WindowsSystem32svchost.exe -k HPZ12

C:Windowssystem32rundll32.exe

C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted

C:Program FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe

C:Windowssystem32svchost.exe -k imgsvc

C:WindowsSystem32svchost.exe -k WerSvcGroup

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

C:Windowssystem32SearchIndexer.exe

C:Program FilesHewlett-PackardSharedhpqwmiex.exe

C:Program FilesCommon FilesMcAfeeSystemCoremcshield.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe

C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe

C:Windowssystem32taskeng.exe

C:Windowssystem32taskeng.exe

C:WindowsExplorer.EXE

C:Windowssystem32Dwm.exe

C:Program FilesTrusteerRapportbinRapportService.exe

C:Program FilesSynapticsSynTPSynTPEnh.exe

C:Program FilesHpHP Software Updatehpwuschd2.exe

C:Program FilesHpQuickPlayQPService.exe

C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe

C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe

C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe

C:Program FilesQuickTimeQTTask.exe

C:Program FilesiTunesiTunesHelper.exe

C:Program FilesMcAfee.comAgentmcagent.exe

C:WINDOWSSystem32rundll32.exe

C:Program FilesCommon FilesLogiShrdLComMgrCommunications_Helper.exe

C:Program FilesLogitechQuickCam10QuickCam10.exe

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe

C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE

C:Windowssystem32wbemwmiprvse.exe

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesCommon FilesLogiShrdLComMgrLVComSX.exe

C:Program FilesSynapticsSynTPSynTPHelper.exe

C:Program FilesiPodbiniPodService.exe

C:Program FilesCommon FilesLogishrdLQCVFXCOCIManager.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Program FilesMozilla Firefoxplugin-container.exe

C:Windowssystem32vssvc.exe

C:WindowsSystem32svchost.exe -k swprv

C:Windowssystem32DllHost.exe

c:PROGRA~1mcafeeVIRUSS~1mcvsshld.exe

C:Program FilesCommon FilesMcAfeeCoremchost.exe

C:UsersxxxxDownloadsHijackThis.exe

C:Windowssystem32SearchProtocolHost.exe

C:Windowssystem32SearchFilterHost.exe

C:UsersxxxxDownloadsdds.com

C:Windowssystem32wbemwmiprvse.exe



============== Pseudo HJT Report ===============



uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=PRESARIO&pf=laptop

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=PRESARIO&pf=laptop

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=PRESARIO&pf=laptop

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=PRESARIO&pf=laptop

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:program filesmicrosoftsearch enhancement packsearch helperSEPsearchhelperie.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:program filesjavajre6binssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:program filescommon filesmcafeesystemcoreScriptSn.20101106231654.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:program fileswindows livecompanioncompanioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:program filesgooglegoogletoolbar2.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:progra~1mcafeesitead~1mcieplg.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:program filesmsn toolbarplatform6.3.2322.0npwinext.dll

BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll

TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:program filesgooglegoogletoolbar2.dll

TB: @c:program filesmsn toolbarplatform6.3.2322.0npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:program filesmsn toolbarplatform6.3.2322.0npwinext.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:progra~1mcafeesitead~1mcieplg.dll

{555d4d79-4bd2-4094-a395-cfc534424a05}

uRun: [Sidebar] c:program fileswindows sidebarsidebar.exe /autoRun

mRun: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide

mRun: [SynTPEnh] c:program filessynapticssyntpSynTPEnh.exe

mRun: [HP Software Update] c:program fileshphp software updateHPWuSchd2.exe

mRun: [QPService] "c:program fileshpquickplayQPService.exe"

mRun: [QlbCtrl] %ProgramFiles%Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start

mRun: [HP Health Check Scheduler] c:program fileshewlett-packardhp health checkHPHC_Scheduler.exe

mRun: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe

mRun: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe

mRun: [AppleSyncNotifier] c:program filescommon filesapplemobile device supportAppleSyncNotifier.exe

mRun: []

mRun: [QuickTime Task] "c:program filesquicktimeQTTask.exe" -atboottime

mRun: [iTunesHelper] "c:program filesitunesiTunesHelper.exe"

mRun: [SunJavaUpdateSched] "c:program filesjavajre6binjusched.exe"

mRun: [Adobe Reader Speed Launcher] "c:program filesadobereader 9.0readerReader_sl.exe"

mRun: [Adobe ARM] "c:program filescommon filesadobearm1.0AdobeARM.exe"

mRun: [mcui_exe] "c:program filesmcafee.comagentmcagent.exe" /runkey

mRun: [NvCplDaemon] RUNDLL32.EXE c:windowssystem32NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:windowssystem32NvMcTray.dll,NvTaskbarInit

mRun: [LogitechCommunicationsManager] "c:program filescommon fileslogishrdlcommgrCommunications_Helper.exe"

mRun: [LogitechQuickCamRibbon] "c:program fileslogitechquickcam10QuickCam10.exe" /hide

mRunOnce: [Launcher] %WINDIR%SMINSTlauncher.exe

StartupFolder: c:usersxxxxappdataroamingmicros~1windowsstartm~1programsstartupon enot~1.lnk - c:program filesmicrosoft officeoffice12ONENOTEM.EXE

StartupFolder: c:progra~2micros~1windowsstartm~1programsstartupmcafee~1.lnk - c:program filesmcafee security scan2.0.181SSScheduler.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:progra~1micros~3office12EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:program fileswindows livecompanioncompanioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:program fileswindows livewriterWriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:progra~1micros~3office12ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1micros~3office12REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:progra~1mcafeesitead~1McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:progra~1mcafeesitead~1McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:progra~1common~1skypeSKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:program fileswindows livephoto galleryAlbumDownloadProtocolHandler.dll



================= FIREFOX ===================



FF - ProfilePath - c:usersxxxxappdataroamingmozillafirefoxprofilesg0d37wv3.default

FF - prefs.js: network.proxy.type - 0

FF - component: c:program filesmcafeesiteadvisorcomponentsMcFFPlg.dll

FF - component: c:program filesmozilla firefoxextensions{ab2ce124-6272-4b12-94a9-7303c7397bd1}componentsSkypeFfComponent.dll

FF - plugin: c:program filesjavajre6binnew_pluginnpdeployJava1.dll

FF - plugin: c:program fileswindows livephoto galleryNPWLPG.dll

FF - plugin: c:usersxxxxappdatalocalyahoo!browserplus2.9.8pluginsnpybrowserplus_2.9.8.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:windowsmicrosoft.netframeworkv3.5windows presentation foundationdotnetassistantextension

FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}



---- FIREFOX POLICIES ----

c:program filesmozilla firefoxgreprefsall.js - pref("ui.use_native_colors", true);

c:program filesmozilla firefoxgreprefsall.js - pref("ui.use_native_popup_windows", false);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.enable_click_image_resizing", true);

c:program filesmozilla firefoxgreprefsall.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:program filesmozilla firefoxgreprefsall.js - pref("javascript.options.mem.high_water_mark", 32);

c:program filesmozilla firefoxgreprefsall.js - pref("javascript.options.mem.gc_frequency", 1600);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.lu", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.nu", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.nz", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--j6w193g", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

c:program filesmozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.tel", true);

c:program filesmozilla firefoxgreprefsall.js - pref("network.auth.force-generic-ntlm", false);

c:program filesmozilla firefoxgreprefsall.js - pref("network.proxy.type", 5);

c:program filesmozilla firefoxgreprefsall.js - pref("network.buffer.cache.count", 24);

c:program filesmozilla firefoxgreprefsall.js - pref("network.buffer.cache.size", 4096);

c:program filesmozilla firefoxgreprefsall.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:program filesmozilla firefoxgreprefsall.js - pref("svg.smil.enabled", false);

c:program filesmozilla firefoxgreprefsall.js - pref("ui.trackpoint_hack.enabled", -1);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.debug", false);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.agedWeight", 2);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.bucketSize", 1);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.maxTimeGroupings", 25);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.timeGroupingSize", 604800);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.boundaryWeight", 25);

c:program filesmozilla firefoxgreprefsall.js - pref("browser.formfill.prefixWeight", 5);

c:program filesmozilla firefoxgreprefsall.js - pref("accelerometer.enabled", true);

c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("lightweightThemes.update.enabled", true);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("browser.allTabs.previews", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("plugins.update.notifyUser", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("toolbar.customization.usesheet", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("browser.taskbar.previews.enable", false);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("browser.taskbar.previews.max", 20);

c:program filesmozilla firefoxdefaultspreffirefox.js - pref("browser.taskbar.previews.cachetime", 20);



============= SERVICES / DRIVERS ===============



R0 RapportKELL;RapportKELL;c:windowssystem32driversRapportKELL.sys [2010-11-4 58472]

R1 mfenlfk;McAfee NDIS Light Filter;c:windowssystem32driversmfenlfk.sys [2010-11-6 64304]

R1 mfewfpk;McAfee Inc. mfewfpk;c:windowssystem32driversmfewfpk.sys [2010-11-6 164808]

R1 RapportCerberus_19917;RapportCerberus_19917;c:programdatatrusteerrapport storeextsrapportcerberusbaselineRapportCerberus_19917.sys [2010-11-4 34792]

R1 RapportEI;RapportEI;c:program filestrusteerrapportbinRapportEI.sys [2010-11-4 62568]

R1 RapportPG;RapportPG;c:program filestrusteerrapportbinRapportPG.sys [2010-11-4 156776]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:program filescommon filesmcafeemcsvchostMcSvHost.exe" /McCoreSvc [2010-11-6 271480]

R2 McMPFSvc;McAfee Personal Firewall;"c:program filescommon filesmcafeemcsvchostMcSvHost.exe" /McCoreSvc [2010-11-6 271480]

R2 McNaiAnn;McAfee VirusScan Announcer;"c:program filescommon filesmcafeemcsvchostMcSvHost.exe" /McCoreSvc [2010-11-6 271480]

R2 mfefire;McAfee Firewall Core Service;c:program filescommon filesmcafeesystemcoremfefire.exe [2010-11-6 188136]

R2 mfevtp;McAfee Validation Trust Protection Service;c:windowssystem32mfevtps.exe [2010-11-6 141792]

R3 cfwids;McAfee Inc. cfwids;c:windowssystem32driverscfwids.sys [2010-11-6 55840]

R3 mfefirek;McAfee Inc. mfefirek;c:windowssystem32driversmfefirek.sys [2010-11-6 312904]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:program filescommon filessymantec sharedeengineEraserUtilRebootDrv.sys [2008-9-3 99376]

S3 FontCache;Windows Font Cache Service;c:windowssystem32svchost.exe -k LocalServiceAndNoImpersonation [2008-10-28 21504]

S3 fssfltr;FssFltr;c:windowssystem32driversfssfltr.sys [2010-11-6 39272]

S3 fsssvc;Windows Live Family Safety Service;c:program fileswindows livefamily safetyfsssvc.exe [2010-9-23 1493352]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:program filesmcafee security scan2.0.181McCHSvc.exe [2010-1-15 227232]

S3 mferkdet;McAfee Inc. mferkdet;c:windowssystem32driversmferkdet.sys [2010-11-6 84264]



=============== Created Last 30 ================



2010-11-08 23:12 --d----- c:usersxxxxappdataroamingTrusteer

2010-11-08 23:12 --d----- c:program filesTrusteer

2010-11-08 23:09 --d----- c:programdataTrusteer

2010-11-08 23:09 --d----- c:progra~2Trusteer

2010-11-08 21:56 --d----- c:usersxxxxappdataroamingHpUpdate

2010-11-07 21:51 56 a---h--- c:programdataezsidmv.dat

2010-11-07 21:51 56 a---h--- c:progra~2ezsidmv.dat

2010-11-07 21:48 --d--r-- c:program filesSkype

2010-11-07 21:48 --d----- c:programdataSkype

2010-11-07 21:30 47,536 a------- c:programdatanvModes.dat

2010-11-07 21:30 47,536 a------- c:progra~2nvModes.dat

2010-11-07 21:21 --d----- c:usersxxxx{f6fedcc4-f588-4ef4-b907-db262faf4f6b}

2010-11-07 21:08 938,272 a------- c:windowssystem32driversLV302V32.SYS

2010-11-07 21:08 348,160 a------- c:windowssystemmsvcr71.dll

2010-11-07 21:08 264,992 a------- c:windowssystem32lvcodec2.dll

2010-11-07 21:08 527,136 a------- c:windowssystem32LVUI2RC.dll

2010-11-07 21:08 215,840 a------- c:windowssystem32LVUI2.dll

2010-11-07 21:08 14,240 a------- c:windowssystem32driverslv302af.sys

2010-11-07 21:08 13,398 a------- c:windowssystem32Repository.reg

2010-11-07 21:08 50,127 a------- c:windowssystem32lvcoinst.ini

2010-11-07 21:08 41,504 a------- c:windowssystem32driversLVUSBSta.sys

2010-11-07 21:07 129,824 a------- c:windowssystem32lvci1051.dll

2010-11-07 21:05 --d----- c:programdataLogishrd

2010-11-07 21:05 --d----- c:programdataLogitech

2010-11-07 16:12 4,984 a------- c:windowssystem32driversnvphy.bin

2010-11-07 15:38 2,048 a------- c:windowssystem32winrsmgr.dll

2010-11-07 11:38 49,152 a------- c:windowssystem32E_DCINST.DLL

2010-11-07 11:38 86,528 a------- c:windowssystem32E_FLBCAE.DLL

2010-11-07 11:38 78,848 a------- c:windowssystem32E_FD4BCAE.DLL

2010-11-07 11:37 --d----- c:programdataEPSON

2010-11-07 11:37 --d----- c:progra~2EPSON

2010-11-07 00:14 --d----- c:program filesBroadcom

2010-11-06 23:31 356,352 a------- c:windowssystem32nvusmu.exe

2010-11-06 23:31 528 a------- c:windowssystem32nvsmu.nvu

2010-11-06 23:16 9,344 a------- c:windowssystem32driversmfeclnk.sys

2010-11-06 23:15 312,904 a------- c:windowssystem32driversmfefirek.sys

2010-11-06 23:15 164,808 a------- c:windowssystem32driversmfewfpk.sys

2010-11-06 23:15 152,992 a------- c:windowssystem32driversmfeavfk.sys

2010-11-06 23:15 84,264 a------- c:windowssystem32driversmferkdet.sys

2010-11-06 23:15 64,304 a------- c:windowssystem32driversmfenlfk.sys

2010-11-06 23:15 55,840 a------- c:windowssystem32driverscfwids.sys

2010-11-06 23:15 52,104 a------- c:windowssystem32driversmfebopk.sys

2010-11-06 23:15 --d----- c:program filescommon filesMcafee

2010-11-06 23:15 --d----- c:program filesMcAfee.com

2010-11-06 23:15 --d----- c:program filesMcAfee

2010-11-06 22:56 141,792 a------- c:windowssystem32mfevtps.exe

2010-11-06 22:31 --d----- c:program filesVideoLAN

2010-11-06 22:11 --d----- c:program filesWindows Portable Devices

2010-11-06 22:09 0 a---h--- c:windowssystem32driversMsft_User_WpdMtpDr_01_07_00.Wdf

2010-11-06 22:08 0 a---h--- c:windowssystem32driversMsft_User_WpdFs_01_07_00.Wdf

2010-11-06 22:00 41,520 a------- c:usersxxxxappdataroamingnvModes.dat

2010-11-06 21:02 --d----- c:windowsen

2010-11-06 21:01 39,272 a------- c:windowssystem32driversfssfltr.sys

2010-11-06 20:59 --d----- c:program filesMicrosoft SQL Server Compact Edition

2010-11-06 20:45 --d----- c:program filesMSN Toolbar

2010-11-06 20:43 --d----- c:program filesBing Bar Installer

2010-11-06 20:42 515,416 a------- c:windowssystem32XAudio2_5.dll

2010-11-06 20:42 69,464 a------- c:windowssystem32XAPOFX1_3.dll

2010-11-06 20:42 453,456 a------- c:windowssystem32d3dx10_42.dll

2010-11-06 20:42 3,426,072 a------- c:windowssystem32d3dx9_32.dll

2010-11-06 20:36 754,688 a------- c:windowssystem32webservices.dll

2010-11-06 20:34 1,164,800 a------- c:windowssystem32UIRibbonRes.dll

2010-11-06 20:34 92,672 a------- c:windowssystem32UIAnimation.dll

2010-11-06 20:34 3,023,360 a------- c:windowssystem32UIRibbon.dll

2010-11-06 20:30 81,920 a------- c:windowssystem32wpdbusenum.dll

2010-11-06 20:27 555,520 a------- c:windowssystem32UIAutomationCore.dll

2010-11-06 20:27 234,496 a------- c:windowssystem32oleacc.dll

2010-11-06 20:27 4,096 a------- c:windowssystem32oleaccrc.dll

2010-11-06 20:19 --d----- c:usersxxxxappdataroamingAVG10

2010-11-06 20:17 --d----- c:usersxxxx

2010-11-06 17:32 420,352 a------- c:windowssystem32vbscript.dll

2010-11-06 12:39 49,152 a------- c:windowsocsetup_cbs_install_MicrosoftWindowsPowerShell.perf

2010-11-06 12:39 16,384 a------- c:windowsocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx

2010-11-06 12:39 4,030,464 a------- c:windowsocsetup_install_MicrosoftWindowsPowerShell.etl

2010-11-06 12:39 --d----- c:program filesMicrosoft ATS

2010-11-06 12:03 --d----- c:windowssystem32eu-ES

2010-11-06 12:03 --d----- c:windowssystem32ca-ES

2010-11-06 12:03 --d----- c:windowssystem32vi-VN

2010-11-06 12:00 0 a---h--- c:windowssystem32driversMsft_User_WpdFs_01_00_00.Wdf

2010-11-06 11:58 0 a---h--- c:windowssystem32driversMsft_User_WpdMtpDr_01_00_00.Wdf

2010-11-06 11:29 --d----- c:windowssystem32EventProviders

2010-11-06 10:18 1,638,912 a------- c:windowssystem32mshtml.tlb

2010-11-06 10:18 43,520 a------- c:windowssystem32licmgr10.dll

2010-11-06 10:18 71,680 a------- c:windowssystem32iesetup.dll

2010-11-06 10:14 72,704 a------- c:windowssystem32admparse.dll

2010-11-06 05:22 12,240,896 a------- c:windowssystem32NlsLexicons0007.dll

2010-11-06 05:22 3,408,896 a------- c:windowssystem32SLsvc.exe

2010-11-06 05:22 1,081,344 a------- c:windowssystem32SLCExt.dll

2010-11-06 05:22 2,134,528 a------- c:windowssystem32FunctionDiscoveryFolder.dll

2010-11-06 05:22 65,536 a------- c:windowssystem32DevicePairingWizard.exe

2010-11-06 05:22 2,644,480 a------- c:windowssystem32NlsLexicons0009.dll

2010-11-06 05:20 1,362,944 a------- c:windowssystem32wbemcimwin32.dll

2010-11-06 05:19 1,135,104 a------- c:windowssystem32mfc42.dll

2010-11-06 05:18 323,584 a------- c:windowssystem32certcli.dll

2010-11-06 05:17 155,648 a------- c:windowssystem32wscript.exe

2010-11-06 05:16 1,544,704 a------- c:windowssystem32MSVidCtl.dll

2010-11-06 05:15 17,408 a------- c:windowssystem32midimap.dll

2010-11-06 05:14 247,808 a------- c:windowssystem32drvstore.dll

2010-11-06 04:26 18,904 a------- c:windowssystem32StructuredQuerySchemaTrivial.bin

2010-11-06 04:26 11,967,524 a------- c:windowssystem32korwbrkr.lex

2010-11-06 03:33 8,147,456 a------- c:windowssystem32wmploc.DLL

2010-11-06 03:29 1,696,256 a------- c:windowssystem32gameux.dll

2010-11-06 03:29 28,672 a------- c:windowssystem32Apphlpdm.dll

2010-11-06 03:29 4,240,384 a------- c:windowssystem32GameUXLegacyGDFs.dll

2010-11-06 03:26 3,600,768 a------- c:windowssystem32ntkrnlpa.exe

2010-11-06 03:26 3,548,040 a------- c:windowssystem32ntoskrnl.exe

2010-11-06 03:18 1,130,824 a------- c:windowssystem32dfshim.dll

2010-11-06 03:18 297,808 a------- c:windowssystem32mscoree.dll

2010-11-06 03:18 295,264 a------- c:windowssystem32PresentationHost.exe

2010-11-06 03:18 99,176 a------- c:windowssystem32PresentationHostProxy.dll

2010-11-06 03:18 49,472 a------- c:windowssystem32netfxperf.dll

2010-11-06 03:12 304,128 a------- c:windowssystem32driverssrv.sys

2010-11-06 03:12 145,408 a------- c:windowssystem32driverssrv2.sys

2010-11-06 03:12 125,952 a------- c:windowssystem32srvsvc.dll

2010-11-06 03:12 102,400 a------- c:windowssystem32driverssrvnet.sys

2010-11-06 03:12 17,920 a------- c:windowssystem32netevent.dll

2010-11-06 03:10 502,272 a------- c:windowssystem32usp10.dll

2010-11-06 03:10 2,048 a------- c:windowssystem32tzres.dll

2010-11-06 03:06 274,944 a------- c:windowssystem32schannel.dll

2010-11-06 03:05 81,920 a------- c:windowssystem32iccvid.dll

2010-11-06 03:04 67,072 a------- c:windowssystem32asycfilt.dll

2010-11-06 03:03 905,088 a------- c:windowssystem32driverstcpip.sys

2010-11-06 03:02 1,316,864 a------- c:windowssystem32ole32.dll

2010-11-06 02:58 128,000 a------- c:windowssystem32spoolsv.exe

2010-11-06 02:58 157,184 a------- c:windowssystem32t2embed.dll

2010-11-06 02:56 317,952 a------- c:windowssystem32MP4SDECD.DLL

2010-11-06 02:56 289,792 a------- c:windowssystem32atmfd.dll

2010-11-06 02:56 34,304 a------- c:windowssystem32atmlib.dll

2010-11-06 02:56 954,752 a------- c:windowssystem32mfc40.dll

2010-11-06 02:56 954,288 a------- c:windowssystem32mfc40u.dll

2010-11-06 02:55 36,864 a------- c:windowssystem32rtutils.dll

2010-11-06 02:55 2,038,272 a------- c:windowssystem32win32k.sys

2010-11-06 02:55 231,424 a------- c:windowssystem32msshsq.dll

2010-11-06 02:54 867,328 a------- c:windowssystem32wmpmde.dll

2010-11-06 02:54 1,248,768 a------- c:windowssystem32msxml3.dll

2010-11-06 02:50 --d----- c:programdataWindowsSearch

2010-11-06 02:26 739,328 a------- c:windowssystem32inetcomm.dll

2010-11-06 02:18 531,968 a------- c:windowssystem32comctl32.dll

2010-11-06 02:06 --d-h--- c:programdataCommon Files

2010-11-06 02:06 --d-h--- c:progra~2Common Files

2010-11-06 01:58 --d----- c:programdataAVG10

2010-11-06 01:58 --d----- c:progra~2AVG10

2010-11-06 01:54 --d----- c:program filesAVG

2010-11-06 01:45 --d----- c:programdataMcAfee Security Scan

2010-11-06 01:45 --d----- c:progra~2McAfee Security Scan

2010-11-06 01:45 --d----- c:program filesMcAfee Security Scan

2010-11-06 01:36 --d----- c:programdataMFAData

2010-11-06 01:36 --d----- c:progra~2MFAData

2010-11-06 01:11 629 a------- c:windowssystem32mapisvc.inf

2010-11-06 00:54 --d----- c:program filesiPod

2010-11-06 00:53 --d----- c:programdata{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-11-06 00:53 --d----- c:progra~2{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-11-06 00:42 --d----- c:program filesBonjour

2010-11-06 00:01 --d----- c:program filesMicrosoft

2010-11-05 23:57 --d----- c:program filescommon filesWindows Live

2010-11-05 23:47 --d----- c:programdataOffice Genuine Advantage

2010-11-05 23:11 --d----- C:PerfLogs

2010-11-05 21:24 --d----- c:programdataSun

2010-11-05 21:22 472,808 a------- c:windowssystem32deployJava1.dll

2010-11-04 03:26 58,472 a------- c:windowssystem32driversRapportKELL.sys

2010-10-15 17:23 --d----- c:programdataMcAfee

2010-10-13 22:28 386,840 a------- c:windowssystem32driversmfehidk.sys

2010-10-13 22:28 95,600 a------- c:windowssystem32driversmfeapfk.sys



==================== Find3M ====================



2010-11-08 12:36 143,360 a------- c:windowsinfinfstrng.dat

2010-11-08 12:36 143,360 a------- c:windowsinfinfstor.dat

2010-11-08 12:36 86,016 a------- c:windowsinfinfpub.dat

2010-11-06 22:10 665,600 a------- c:windowsinfdrvindex.dat

2010-11-05 23:41 174 a--sh--- c:program filesdesktop.ini

2010-11-05 22:43 101,888 a------- c:windowssystem32ifxcardm.dll

2010-11-05 22:43 82,432 a------- c:windowssystem32axaltocm.dll

2010-10-19 11:41 222,080 -------- c:windowssystem32MpSigStub.exe

2010-09-28 19:42 137,704 a------- c:windowsHPHins15.dat

2010-09-23 00:47 49,016 a------- c:windowssystem32sirenacm.dll

2010-09-23 00:32 301,936 a------- c:windowsWLXPGSS.SCR

2010-09-08 06:01 916,480 a------- c:windowssystem32wininet.dll

2010-09-08 05:56 109,056 a------- c:windowssystem32iesysprep.dll

2010-09-08 04:26 133,632 a------- c:windowssystem32ieUnatt.exe

2010-08-26 16:33 173,056 a------- c:windowsapppatchAcXtrnal.dll

2010-08-26 16:33 2,159,616 a------- c:windowsapppatchAcGenral.dll

2010-08-26 16:33 542,720 a------- c:windowsapppatchAcLayers.dll

2010-08-26 16:33 458,752 a------- c:windowsapppatchAcSpecfc.dll

2006-11-02 12:42 287,440 a------- c:windowsinfperflib409perfi.dat

2006-11-02 12:42 287,440 a------- c:windowsinfperflib409perfh.dat

2006-11-02 12:42 30,674 a------- c:windowsinfperflib409perfd.dat

2006-11-02 12:42 30,674 a------- c:windowsinfperflib409perfc.dat

2006-11-02 09:20 287,440 a------- c:windowsinfperflib000perfi.dat

2006-11-02 09:20 287,440 a------- c:windowsinfperflib000perfh.dat

2006-11-02 09:20 30,674 a------- c:windowsinfperflib000perfd.dat

2006-11-02 09:20 30,674 a------- c:windowsinfperflib000perfc.dat

2008-01-19 07:33 397,312 a--sh--- c:windowswinsxsx86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6001.18000_none_f1582d884fb532fbWinMail.exe

2008-01-19 07:33 397,312 a--sh--- c:windowswinsxsx86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6002.18005_none_f343a6944cd6fe47WinMail.exe



============= FINISH: 20:48:35.44 ===============














Attached Files



Attach.txt (10.6 KB)


ark.txt.log (95.1 KB)