daisyklix22
2013-01-25, 21:45
cant search internet with out going to google romainia can only use yahoo search engine on good days.
Cant use erunt from your link but downloaded it from softtonic downloader but i dont know how to run it. put it in zip file dont know where to go from here.
i have mcafee so if this needs to change i will gladly do so.
posting i think again did not see original post sorry if this is twice
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.11.2
Run by Jessica Burt at 8:29:07 on 2013-01-25
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.360 [GMT -10:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\PLFSetL.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\VideoWebCamera\VideoWebCamera.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\McAfee Security Scan\3.0.313\SSScheduler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Works\WkCalRem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uWindow Title = Windows Internet Explorer provided by Yahoo!
uInternet Connection Wizard,ShellNext = iexplore
dURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.313\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20130123154053.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [snp2uvc] rundll32.exe c:\windows\system32\csnp2uvc.dll,ResetCIDS
mRun: [VideoWebCamera] "c:\program files\videowebcamera\VideoWebCamera.exe" -a
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [BYRUA_AGENT] c:\lgmobileupgrade\lgmobileax\byr_client\VZWUAAgent.exe
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\jessic~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\jessic~1\startm~1\programs\startup\wkcalrem.lnk - c:\program files\microsoft works\WkCalRem.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.313\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265130899765
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356395917109
TCP: NameServer = 192.168.200.1
TCP: Interfaces\{6BC95130-B8AD-40E9-8B90-5855549F2802} : DHCPNameServer = 192.168.200.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 216.240.133.193 www.google.com
Hosts: 178.17.165.3 www.google.com
Hosts: 216.240.133.193 www.google.com.au
Hosts: 178.17.165.3 www.google.com.au
Hosts: 216.240.133.193 www.google.be
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jessica burt\application data\mozilla\firefox\profiles\2k4xgdyl.default-1359082705104\
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee security scan\3.0.313\npMcAfeeMSS.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: 2013-01-24 09:32; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-01-24 09:36; {D19CA586-DD6C-4a0a-96F8-14644F340D60}; c:\program files\common files\mcafee\SystemCore
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-7-17 565416]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-11-29 20624]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2012-7-17 91200]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-12-31 203400]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-12-31 168880]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-12-31 171976]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-1-24 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-1-24 1369624]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-12-13 3290896]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-12-31 60480]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2009-7-27 38912]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-12-31 234824]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-12-31 362640]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2012-12-31 84464]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-1-24 168384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;"c:\program files\sierra wireless inc\common\swicarddetect.exe" --> c:\program files\sierra wireless inc\common\SwiCardDetect.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-7-27 1684736]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys --> c:\windows\system32\drivers\ew_hwusbdev.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys --> c:\windows\system32\drivers\ewusbnet.sys [?]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-7-27 30192]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-12-31 146872]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.313\McCHSvc.exe [2012-10-26 234776]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-12-31 65488]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2012-12-31 84464]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-12-31 92192]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-7-27 162816]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 vzandnetdiag;LGE AndroidNet for VZW USB Serial Port;c:\windows\system32\drivers\lgvzandnetdiag.sys --> c:\windows\system32\drivers\lgvzandnetdiag.sys [?]
S3 vzandnetmodem;LGE AndroidNet for VZW USB Modem;c:\windows\system32\drivers\lgvzandnetmdm.sys --> c:\windows\system32\drivers\lgvzandnetmdm.sys [?]
S3 vzandnetndis;LGE AndroidNet for VZW NDIS Ethernet Adapter;c:\windows\system32\drivers\lgvzandnetndis.sys --> c:\windows\system32\drivers\lgvzandnetndis.sys [?]
.
=============== Created Last 30 ================
.
2013-01-25 03:15:38 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-01-25 03:15:04 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-01-25 03:14:42 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-01-24 01:40:47 33944 ----a-w- c:\program files\mozilla firefox\ScriptFF.dll
2013-01-18 20:32:33 -------- d-----w- C:\LGMobileUpgrade
2013-01-18 20:31:56 -------- d-----w- c:\program files\LG Electronics
2013-01-18 20:27:01 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-14 05:37:03 -------- d-----r- c:\program files\Skype
2013-01-11 02:47:19 -------- d-----w- c:\program files\iPod
2013-01-11 02:46:54 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-11 02:35:09 -------- d-----w- c:\program files\Bonjour
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2013-01-08 03:09:55 -------- d-----w- c:\program files\WildTangent Games
2013-01-04 17:52:49 -------- d-sh--w- c:\documents and settings\jessica burt\IECompatCache
2012-12-31 20:15:00 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2012-12-31 20:04:05 84464 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2012-12-31 20:04:02 9648 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-12-31 20:03:50 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-12-31 20:03:50 65488 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2012-12-31 20:03:50 60480 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-12-31 20:03:50 362640 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-12-31 20:03:50 234824 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-12-31 20:03:42 -------- d-----w- c:\program files\common files\Mcafee
2012-12-31 20:03:36 -------- d-----w- c:\program files\McAfee.com
2012-12-31 20:03:21 -------- d-----w- c:\program files\McAfee
2012-12-31 19:41:59 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-12-31 19:41:59 -------- d-----w- c:\windows\system32\wbem\Repository
2012-12-31 19:21:11 171976 ----a-w- c:\windows\system32\mfevtps.exe
2012-12-31 18:30:47 -------- d-----w- c:\documents and settings\all users\application data\Citrix
2012-12-31 18:04:06 -------- d-----w- c:\program files\Citrix
2012-12-31 18:03:39 -------- d-----w- c:\documents and settings\jessica burt\local settings\application data\Citrix
2012-12-31 18:03:34 103832 ----a-w- c:\documents and settings\jessica burt\GoToAssistDownloadHelper.exe
2012-12-31 17:59:03 -------- d-----w- c:\documents and settings\jessica burt\application data\McAfee
2012-12-27 03:39:45 -------- d-----w- c:\program files\BuzzSocialPoints_DNS_IE
2012-12-27 03:39:07 -------- d-----w- c:\windows\BuzzSocialPointsChecker
2012-12-27 03:39:04 -------- d-----w- c:\program files\BuzzSocialPointsIE_DNS
2012-12-27 03:39:02 -------- d-----w- c:\program files\BuzzSocialPoints_DNS
2012-12-27 03:32:58 -------- d-----w- c:\documents and settings\jessica burt\application data\SwvUpdater
.
==================== Find3M ====================
.
2013-01-09 04:17:46 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 04:17:46 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-26 20:08:44 91200 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2012-12-26 20:06:54 565416 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-12-26 20:04:34 132976 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2012-12-25 01:17:07 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-25 01:17:07 779704 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01:39 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17:54 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
2012-10-30 22:51:56 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
.
============= FINISH: 8:30:52.92 ===============
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-25 08:30:51
-----------------------------
08:30:51.406 OS Version: Windows 5.1.2600 Service Pack 3
08:30:51.406 Number of processors: 2 586 0x1C02
08:30:51.406 ComputerName: SBHBSIX UserName:
08:30:53.218 Initialize success
08:35:11.812 AVAST engine defs: 13012500
08:35:16.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:35:16.609 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
08:35:16.750 Disk 0 MBR read successfully
08:35:16.765 Disk 0 MBR scan
08:35:16.890 Disk 0 Windows VISTA default MBR code
08:35:16.890 Disk 0 Partition 1 00 12 Compaq diag NTFS 10244 MB offset 63
08:35:16.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142381 MB offset 20981760
08:35:17.015 Disk 0 scanning sectors +312578048
08:35:17.203 Disk 0 scanning C:\WINDOWS\system32\drivers
08:35:49.156 Service scanning
08:36:19.484 Modules scanning
08:36:27.062 Disk 0 trace - called modules:
08:36:27.125 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
08:36:27.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873709c0]
08:36:27.187 3 CLASSPNP.SYS[f78fdfd7] -> nt!IofCallDriver -> \Device\00000098[0x87336498]
08:36:27.203 5 ACPI.sys[f77f4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x87353030]
08:36:28.687 AVAST engine scan C:\WINDOWS
08:36:39.593 AVAST engine scan C:\WINDOWS\system32
08:42:41.750 AVAST engine scan C:\WINDOWS\system32\drivers
08:43:03.500 AVAST engine scan C:\Documents and Settings\Jessica Burt
08:44:42.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\MBR.dat"
08:44:42.328 The log file has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-25 08:30:51
-----------------------------
08:30:51.406 OS Version: Windows 5.1.2600 Service Pack 3
08:30:51.406 Number of processors: 2 586 0x1C02
08:30:51.406 ComputerName: SBHBSIX UserName:
08:30:53.218 Initialize success
08:35:11.812 AVAST engine defs: 13012500
08:35:16.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:35:16.609 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
08:35:16.750 Disk 0 MBR read successfully
08:35:16.765 Disk 0 MBR scan
08:35:16.890 Disk 0 Windows VISTA default MBR code
08:35:16.890 Disk 0 Partition 1 00 12 Compaq diag NTFS 10244 MB offset 63
08:35:16.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142381 MB offset 20981760
08:35:17.015 Disk 0 scanning sectors +312578048
08:35:17.203 Disk 0 scanning C:\WINDOWS\system32\drivers
08:35:49.156 Service scanning
08:36:19.484 Modules scanning
08:36:27.062 Disk 0 trace - called modules:
08:36:27.125 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
08:36:27.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873709c0]
08:36:27.187 3 CLASSPNP.SYS[f78fdfd7] -> nt!IofCallDriver -> \Device\00000098[0x87336498]
08:36:27.203 5 ACPI.sys[f77f4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x87353030]
08:36:28.687 AVAST engine scan C:\WINDOWS
08:36:39.593 AVAST engine scan C:\WINDOWS\system32
08:42:41.750 AVAST engine scan C:\WINDOWS\system32\drivers
08:43:03.500 AVAST engine scan C:\Documents and Settings\Jessica Burt
08:44:42.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\MBR.dat"
08:44:42.328 The log file has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\aswMBR.txt"
08:58:19.781 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\MBR.dat"
08:58:19.859 The log file has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\aswMBR.txt"
Cant use erunt from your link but downloaded it from softtonic downloader but i dont know how to run it. put it in zip file dont know where to go from here.
i have mcafee so if this needs to change i will gladly do so.
posting i think again did not see original post sorry if this is twice
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.11.2
Run by Jessica Burt at 8:29:07 on 2013-01-25
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.360 [GMT -10:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\PLFSetL.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\VideoWebCamera\VideoWebCamera.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\McAfee Security Scan\3.0.313\SSScheduler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Works\WkCalRem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uWindow Title = Windows Internet Explorer provided by Yahoo!
uInternet Connection Wizard,ShellNext = iexplore
dURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.313\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20130123154053.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [snp2uvc] rundll32.exe c:\windows\system32\csnp2uvc.dll,ResetCIDS
mRun: [VideoWebCamera] "c:\program files\videowebcamera\VideoWebCamera.exe" -a
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [BYRUA_AGENT] c:\lgmobileupgrade\lgmobileax\byr_client\VZWUAAgent.exe
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\jessic~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\jessic~1\startm~1\programs\startup\wkcalrem.lnk - c:\program files\microsoft works\WkCalRem.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.313\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265130899765
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356395917109
TCP: NameServer = 192.168.200.1
TCP: Interfaces\{6BC95130-B8AD-40E9-8B90-5855549F2802} : DHCPNameServer = 192.168.200.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 216.240.133.193 www.google.com
Hosts: 178.17.165.3 www.google.com
Hosts: 216.240.133.193 www.google.com.au
Hosts: 178.17.165.3 www.google.com.au
Hosts: 216.240.133.193 www.google.be
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jessica burt\application data\mozilla\firefox\profiles\2k4xgdyl.default-1359082705104\
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee security scan\3.0.313\npMcAfeeMSS.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: 2013-01-24 09:32; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-01-24 09:36; {D19CA586-DD6C-4a0a-96F8-14644F340D60}; c:\program files\common files\mcafee\SystemCore
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-7-17 565416]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-11-29 20624]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2012-7-17 91200]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-12-31 203400]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-12-31 168880]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-12-31 171976]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-1-24 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-1-24 1369624]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-12-13 3290896]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-12-31 60480]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2009-7-27 38912]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-12-31 234824]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-12-31 362640]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2012-12-31 84464]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-1-24 168384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;"c:\program files\sierra wireless inc\common\swicarddetect.exe" --> c:\program files\sierra wireless inc\common\SwiCardDetect.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-7-27 1684736]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys --> c:\windows\system32\drivers\ew_hwusbdev.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys --> c:\windows\system32\drivers\ewusbnet.sys [?]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-7-27 30192]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-12-31 146872]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.313\McCHSvc.exe [2012-10-26 234776]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-12-31 65488]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2012-12-31 84464]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-12-31 92192]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-7-27 162816]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 vzandnetdiag;LGE AndroidNet for VZW USB Serial Port;c:\windows\system32\drivers\lgvzandnetdiag.sys --> c:\windows\system32\drivers\lgvzandnetdiag.sys [?]
S3 vzandnetmodem;LGE AndroidNet for VZW USB Modem;c:\windows\system32\drivers\lgvzandnetmdm.sys --> c:\windows\system32\drivers\lgvzandnetmdm.sys [?]
S3 vzandnetndis;LGE AndroidNet for VZW NDIS Ethernet Adapter;c:\windows\system32\drivers\lgvzandnetndis.sys --> c:\windows\system32\drivers\lgvzandnetndis.sys [?]
.
=============== Created Last 30 ================
.
2013-01-25 03:15:38 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-01-25 03:15:04 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-01-25 03:14:42 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-01-24 01:40:47 33944 ----a-w- c:\program files\mozilla firefox\ScriptFF.dll
2013-01-18 20:32:33 -------- d-----w- C:\LGMobileUpgrade
2013-01-18 20:31:56 -------- d-----w- c:\program files\LG Electronics
2013-01-18 20:27:01 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-14 05:37:03 -------- d-----r- c:\program files\Skype
2013-01-11 02:47:19 -------- d-----w- c:\program files\iPod
2013-01-11 02:46:54 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-11 02:35:09 -------- d-----w- c:\program files\Bonjour
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2013-01-08 03:09:55 -------- d-----w- c:\program files\WildTangent Games
2013-01-04 17:52:49 -------- d-sh--w- c:\documents and settings\jessica burt\IECompatCache
2012-12-31 20:15:00 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2012-12-31 20:04:05 84464 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2012-12-31 20:04:02 9648 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-12-31 20:03:50 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-12-31 20:03:50 65488 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2012-12-31 20:03:50 60480 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-12-31 20:03:50 362640 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-12-31 20:03:50 234824 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-12-31 20:03:42 -------- d-----w- c:\program files\common files\Mcafee
2012-12-31 20:03:36 -------- d-----w- c:\program files\McAfee.com
2012-12-31 20:03:21 -------- d-----w- c:\program files\McAfee
2012-12-31 19:41:59 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-12-31 19:41:59 -------- d-----w- c:\windows\system32\wbem\Repository
2012-12-31 19:21:11 171976 ----a-w- c:\windows\system32\mfevtps.exe
2012-12-31 18:30:47 -------- d-----w- c:\documents and settings\all users\application data\Citrix
2012-12-31 18:04:06 -------- d-----w- c:\program files\Citrix
2012-12-31 18:03:39 -------- d-----w- c:\documents and settings\jessica burt\local settings\application data\Citrix
2012-12-31 18:03:34 103832 ----a-w- c:\documents and settings\jessica burt\GoToAssistDownloadHelper.exe
2012-12-31 17:59:03 -------- d-----w- c:\documents and settings\jessica burt\application data\McAfee
2012-12-27 03:39:45 -------- d-----w- c:\program files\BuzzSocialPoints_DNS_IE
2012-12-27 03:39:07 -------- d-----w- c:\windows\BuzzSocialPointsChecker
2012-12-27 03:39:04 -------- d-----w- c:\program files\BuzzSocialPointsIE_DNS
2012-12-27 03:39:02 -------- d-----w- c:\program files\BuzzSocialPoints_DNS
2012-12-27 03:32:58 -------- d-----w- c:\documents and settings\jessica burt\application data\SwvUpdater
.
==================== Find3M ====================
.
2013-01-09 04:17:46 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 04:17:46 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-26 20:08:44 91200 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2012-12-26 20:06:54 565416 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-12-26 20:04:34 132976 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2012-12-25 01:17:07 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-25 01:17:07 779704 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01:39 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17:54 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
2012-10-30 22:51:56 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
.
============= FINISH: 8:30:52.92 ===============
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-25 08:30:51
-----------------------------
08:30:51.406 OS Version: Windows 5.1.2600 Service Pack 3
08:30:51.406 Number of processors: 2 586 0x1C02
08:30:51.406 ComputerName: SBHBSIX UserName:
08:30:53.218 Initialize success
08:35:11.812 AVAST engine defs: 13012500
08:35:16.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:35:16.609 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
08:35:16.750 Disk 0 MBR read successfully
08:35:16.765 Disk 0 MBR scan
08:35:16.890 Disk 0 Windows VISTA default MBR code
08:35:16.890 Disk 0 Partition 1 00 12 Compaq diag NTFS 10244 MB offset 63
08:35:16.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142381 MB offset 20981760
08:35:17.015 Disk 0 scanning sectors +312578048
08:35:17.203 Disk 0 scanning C:\WINDOWS\system32\drivers
08:35:49.156 Service scanning
08:36:19.484 Modules scanning
08:36:27.062 Disk 0 trace - called modules:
08:36:27.125 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
08:36:27.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873709c0]
08:36:27.187 3 CLASSPNP.SYS[f78fdfd7] -> nt!IofCallDriver -> \Device\00000098[0x87336498]
08:36:27.203 5 ACPI.sys[f77f4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x87353030]
08:36:28.687 AVAST engine scan C:\WINDOWS
08:36:39.593 AVAST engine scan C:\WINDOWS\system32
08:42:41.750 AVAST engine scan C:\WINDOWS\system32\drivers
08:43:03.500 AVAST engine scan C:\Documents and Settings\Jessica Burt
08:44:42.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\MBR.dat"
08:44:42.328 The log file has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-25 08:30:51
-----------------------------
08:30:51.406 OS Version: Windows 5.1.2600 Service Pack 3
08:30:51.406 Number of processors: 2 586 0x1C02
08:30:51.406 ComputerName: SBHBSIX UserName:
08:30:53.218 Initialize success
08:35:11.812 AVAST engine defs: 13012500
08:35:16.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:35:16.609 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
08:35:16.750 Disk 0 MBR read successfully
08:35:16.765 Disk 0 MBR scan
08:35:16.890 Disk 0 Windows VISTA default MBR code
08:35:16.890 Disk 0 Partition 1 00 12 Compaq diag NTFS 10244 MB offset 63
08:35:16.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142381 MB offset 20981760
08:35:17.015 Disk 0 scanning sectors +312578048
08:35:17.203 Disk 0 scanning C:\WINDOWS\system32\drivers
08:35:49.156 Service scanning
08:36:19.484 Modules scanning
08:36:27.062 Disk 0 trace - called modules:
08:36:27.125 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
08:36:27.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873709c0]
08:36:27.187 3 CLASSPNP.SYS[f78fdfd7] -> nt!IofCallDriver -> \Device\00000098[0x87336498]
08:36:27.203 5 ACPI.sys[f77f4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x87353030]
08:36:28.687 AVAST engine scan C:\WINDOWS
08:36:39.593 AVAST engine scan C:\WINDOWS\system32
08:42:41.750 AVAST engine scan C:\WINDOWS\system32\drivers
08:43:03.500 AVAST engine scan C:\Documents and Settings\Jessica Burt
08:44:42.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\MBR.dat"
08:44:42.328 The log file has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\aswMBR.txt"
08:58:19.781 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\MBR.dat"
08:58:19.859 The log file has been saved successfully to "C:\Documents and Settings\Jessica Burt\Desktop\aswMBR.txt"