daisyklix22
2015-03-27, 02:24
I can't download the Farbar Recover scan tool my norton wont allow it.
But I get a corupt date and such when I look at window update. I know I'm not suppose to post till the others are done but I cant unti I fix this problem
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.11.2
Run by Owner at 8:29:07 on 2013-01-25
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.360 [GMT -10:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\PLFSetL.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\VideoWebCamera\VideoWebCamera.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\McAfee Security Scan\3.0.313\SSScheduler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Works\WkCalRem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uWindow Title = Windows Internet Explorer provided by Yahoo!
uInternet Connection Wizard,ShellNext = iexplore
dURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.313\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20130123154053.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [snp2uvc] rundll32.exe c:\windows\system32\csnp2uvc.dll,ResetCIDS
mRun: [VideoWebCamera] "c:\program files\videowebcamera\VideoWebCamera.exe" -a
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [BYRUA_AGENT] c:\lgmobileupgrade\lgmobileax\byr_client\VZWUAAgent.exe
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\jessic~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\jessic~1\startm~1\programs\startup\wkcalrem.lnk - c:\program files\microsoft works\WkCalRem.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.313\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265130899765
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356395917109
TCP: NameServer = 192.168.200.1
TCP: Interfaces\{6BC95130-B8AD-40E9-8B90-5855549F2802} : DHCPNameServer = 192.168.200.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 216.240.133.193 www.google.com (http://www.google.com)
Hosts: 178.17.165.3 www.google.com (http://www.google.com)
Hosts: 216.240.133.193 www.google.com.au (http://www.google.com.au)
Hosts: 178.17.165.3 www.google.com.au (http://www.google.com.au)
Hosts: 216.240.133.193 www.google.be (http://www.google.be)
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\Owner\application data\mozilla\firefox\profiles\2k4xgdyl.default-1359082705104\
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee security scan\3.0.313\npMcAfeeMSS.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: 2013-01-24 09:32; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-01-24 09:36; {D19CA586-DD6C-4a0a-96F8-14644F340D60}; c:\program files\common files\mcafee\SystemCore
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-7-17 565416]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-11-29 20624]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2012-7-17 91200]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-12-31 203400]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-12-31 168880]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-12-31 171976]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-1-24 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-1-24 1369624]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-12-13 3290896]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-12-31 60480]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2009-7-27 38912]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-12-31 234824]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-12-31 362640]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2012-12-31 84464]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-1-24 168384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;"c:\program files\sierra wireless inc\common\swicarddetect.exe" --> c:\program files\sierra wireless inc\common\SwiCardDetect.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-7-27 1684736]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys --> c:\windows\system32\drivers\ew_hwusbdev.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys --> c:\windows\system32\drivers\ewusbnet.sys [?]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-7-27 30192]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-12-31 146872]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.313\McCHSvc.exe [2012-10-26 234776]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-12-31 65488]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2012-12-31 84464]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-12-31 92192]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-7-27 162816]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 vzandnetdiag;LGE AndroidNet for VZW USB Serial Port;c:\windows\system32\drivers\lgvzandnetdiag.sys --> c:\windows\system32\drivers\lgvzandnetdiag.sys [?]
S3 vzandnetmodem;LGE AndroidNet for VZW USB Modem;c:\windows\system32\drivers\lgvzandnetmdm.sys --> c:\windows\system32\drivers\lgvzandnetmdm.sys [?]
S3 vzandnetndis;LGE AndroidNet for VZW NDIS Ethernet Adapter;c:\windows\system32\drivers\lgvzandnetndis.sys --> c:\windows\system32\drivers\lgvzandnetndis.sys [?]
.
=============== Created Last 30 ================
.
2013-01-25 03:15:38 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-01-25 03:15:04 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-01-25 03:14:42 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-01-24 01:40:47 33944 ----a-w- c:\program files\mozilla firefox\ScriptFF.dll
2013-01-18 20:32:33 -------- d-----w- C:\LGMobileUpgrade
2013-01-18 20:31:56 -------- d-----w- c:\program files\LG Electronics
2013-01-18 20:27:01 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-14 05:37:03 -------- d-----r- c:\program files\Skype
2013-01-11 02:47:19 -------- d-----w- c:\program files\iPod
2013-01-11 02:46:54 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-11 02:35:09 -------- d-----w- c:\program files\Bonjour
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2013-01-08 03:09:55 -------- d-----w- c:\program files\WildTangent Games
2013-01-04 17:52:49 -------- d-sh--w- c:\documents and settings\Owner\IECompatCache
2012-12-31 20:15:00 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2012-12-31 20:04:05 84464 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2012-12-31 20:04:02 9648 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-12-31 20:03:50 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-12-31 20:03:50 65488 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2012-12-31 20:03:50 60480 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-12-31 20:03:50 362640 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-12-31 20:03:50 234824 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-12-31 20:03:42 -------- d-----w- c:\program files\common files\Mcafee
2012-12-31 20:03:36 -------- d-----w- c:\program files\McAfee.com
2012-12-31 20:03:21 -------- d-----w- c:\program files\McAfee
2012-12-31 19:41:59 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-12-31 19:41:59 -------- d-----w- c:\windows\system32\wbem\Repository
2012-12-31 19:21:11 171976 ----a-w- c:\windows\system32\mfevtps.exe
2012-12-31 18:30:47 -------- d-----w- c:\documents and settings\all users\application data\Citrix
2012-12-31 18:04:06 -------- d-----w- c:\program files\Citrix
2012-12-31 18:03:39 -------- d-----w- c:\documents and settings\Owner\local settings\application data\Citrix
2012-12-31 18:03:34 103832 ----a-w- c:\documents and settings\Owner\GoToAssistDownloadHelper.exe
2012-12-31 17:59:03 -------- d-----w- c:\documents and settings\Owner\application data\McAfee
2012-12-27 03:39:45 -------- d-----w- c:\program files\BuzzSocialPoints_DNS_IE
2012-12-27 03:39:07 -------- d-----w- c:\windows\BuzzSocialPointsChecker
2012-12-27 03:39:04 -------- d-----w- c:\program files\BuzzSocialPointsIE_DNS
2012-12-27 03:39:02 -------- d-----w- c:\program files\BuzzSocialPoints_DNS
2012-12-27 03:32:58 -------- d-----w- c:\documents and settings\Owner\application data\SwvUpdater
.
==================== Find3M ====================
.
2013-01-09 04:17:46 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 04:17:46 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-26 20:08:44 91200 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2012-12-26 20:06:54 565416 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-12-26 20:04:34 132976 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2012-12-25 01:17:07 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-25 01:17:07 779704 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01:39 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17:54 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
2012-10-30 22:51:56 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
.
============= FINISH: 8:30:52.92 ===============
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-25 08:30:51
-----------------------------
08:30:51.406 OS Version: Windows 5.1.2600 Service Pack 3
08:30:51.406 Number of processors: 2 586 0x1C02
08:30:51.406 ComputerName: SBHBSIX UserName:
08:30:53.218 Initialize success
08:35:11.812 AVAST engine defs: 13012500
08:35:16.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:35:16.609 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
08:35:16.750 Disk 0 MBR read successfully
08:35:16.765 Disk 0 MBR scan
08:35:16.890 Disk 0 Windows VISTA default MBR code
08:35:16.890 Disk 0 Partition 1 00 12 Compaq diag NTFS 10244 MB offset 63
08:35:16.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142381 MB offset 20981760
08:35:17.015 Disk 0 scanning sectors +312578048
08:35:17.203 Disk 0 scanning C:\WINDOWS\system32\drivers
08:35:49.156 Service scanning
08:36:19.484 Modules scanning
08:36:27.062 Disk 0 trace - called modules:
08:36:27.125 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
08:36:27.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873709c0]
08:36:27.187 3 CLASSPNP.SYS[f78fdfd7] -> nt!IofCallDriver -> \Device\00000098[0x87336498]
08:36:27.203 5 ACPI.sys[f77f4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x87353030]
08:36:28.687 AVAST engine scan C:\WINDOWS
08:36:39.593 AVAST engine scan C:\WINDOWS\system32
08:42:41.750 AVAST engine scan C:\WINDOWS\system32\drivers
08:43:03.500 AVAST engine scan C:\Documents and Settings\Owner
08:44:42.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
08:44:42.328 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-25 08:30:51
-----------------------------
08:30:51.406 OS Version: Windows 5.1.2600 Service Pack 3
08:30:51.406 Number of processors: 2 586 0x1C02
08:30:51.406 ComputerName: SBHBSIX UserName:
08:30:53.218 Initialize success
08:35:11.812 AVAST engine defs: 13012500
08:35:16.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:35:16.609 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
08:35:16.750 Disk 0 MBR read successfully
08:35:16.765 Disk 0 MBR scan
08:35:16.890 Disk 0 Windows VISTA default MBR code
08:35:16.890 Disk 0 Partition 1 00 12 Compaq diag NTFS 10244 MB offset 63
08:35:16.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142381 MB offset 20981760
08:35:17.015 Disk 0 scanning sectors +312578048
08:35:17.203 Disk 0 scanning C:\WINDOWS\system32\drivers
08:35:49.156 Service scanning
08:36:19.484 Modules scanning
08:36:27.062 Disk 0 trace - called modules:
08:36:27.125 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
08:36:27.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873709c0]
08:36:27.187 3 CLASSPNP.SYS[f78fdfd7] -> nt!IofCallDriver -> \Device\00000098[0x87336498]
08:36:27.203 5 ACPI.sys[f77f4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x87353030]
08:36:28.687 AVAST engine scan C:\WINDOWS
08:36:39.593 AVAST engine scan C:\WINDOWS\system32
08:42:41.750 AVAST engine scan C:\WINDOWS\system32\drivers
08:43:03.500 AVAST engine scan C:\Documents and Settings\Owner
08:44:42.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
08:44:42.328 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
08:58:19.781 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
08:58:19.859 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
But I get a corupt date and such when I look at window update. I know I'm not suppose to post till the others are done but I cant unti I fix this problem
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.11.2
Run by Owner at 8:29:07 on 2013-01-25
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.360 [GMT -10:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\PLFSetL.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\VideoWebCamera\VideoWebCamera.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\McAfee Security Scan\3.0.313\SSScheduler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Works\WkCalRem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uWindow Title = Windows Internet Explorer provided by Yahoo!
uInternet Connection Wizard,ShellNext = iexplore
dURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.313\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20130123154053.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [snp2uvc] rundll32.exe c:\windows\system32\csnp2uvc.dll,ResetCIDS
mRun: [VideoWebCamera] "c:\program files\videowebcamera\VideoWebCamera.exe" -a
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [BYRUA_AGENT] c:\lgmobileupgrade\lgmobileax\byr_client\VZWUAAgent.exe
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\jessic~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\jessic~1\startm~1\programs\startup\wkcalrem.lnk - c:\program files\microsoft works\WkCalRem.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.313\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265130899765
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356395917109
TCP: NameServer = 192.168.200.1
TCP: Interfaces\{6BC95130-B8AD-40E9-8B90-5855549F2802} : DHCPNameServer = 192.168.200.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 216.240.133.193 www.google.com (http://www.google.com)
Hosts: 178.17.165.3 www.google.com (http://www.google.com)
Hosts: 216.240.133.193 www.google.com.au (http://www.google.com.au)
Hosts: 178.17.165.3 www.google.com.au (http://www.google.com.au)
Hosts: 216.240.133.193 www.google.be (http://www.google.be)
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\Owner\application data\mozilla\firefox\profiles\2k4xgdyl.default-1359082705104\
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee security scan\3.0.313\npMcAfeeMSS.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: 2013-01-24 09:32; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-01-24 09:36; {D19CA586-DD6C-4a0a-96F8-14644F340D60}; c:\program files\common files\mcafee\SystemCore
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-7-17 565416]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-11-29 20624]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2012-7-17 91200]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-12-31 167784]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-12-31 203400]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-12-31 168880]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-12-31 171976]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-1-24 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-1-24 1369624]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-12-13 3290896]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-12-31 60480]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2009-7-27 38912]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-12-31 234824]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-12-31 362640]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2012-12-31 84464]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-1-24 168384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;"c:\program files\sierra wireless inc\common\swicarddetect.exe" --> c:\program files\sierra wireless inc\common\SwiCardDetect.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-7-27 1684736]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys --> c:\windows\system32\drivers\ew_hwusbdev.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys --> c:\windows\system32\drivers\ewusbnet.sys [?]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-7-27 30192]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-12-31 146872]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.313\McCHSvc.exe [2012-10-26 234776]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-12-31 65488]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2012-12-31 84464]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-12-31 92192]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-7-27 162816]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 vzandnetdiag;LGE AndroidNet for VZW USB Serial Port;c:\windows\system32\drivers\lgvzandnetdiag.sys --> c:\windows\system32\drivers\lgvzandnetdiag.sys [?]
S3 vzandnetmodem;LGE AndroidNet for VZW USB Modem;c:\windows\system32\drivers\lgvzandnetmdm.sys --> c:\windows\system32\drivers\lgvzandnetmdm.sys [?]
S3 vzandnetndis;LGE AndroidNet for VZW NDIS Ethernet Adapter;c:\windows\system32\drivers\lgvzandnetndis.sys --> c:\windows\system32\drivers\lgvzandnetndis.sys [?]
.
=============== Created Last 30 ================
.
2013-01-25 03:15:38 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-01-25 03:15:04 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-01-25 03:14:42 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-01-24 01:40:47 33944 ----a-w- c:\program files\mozilla firefox\ScriptFF.dll
2013-01-18 20:32:33 -------- d-----w- C:\LGMobileUpgrade
2013-01-18 20:31:56 -------- d-----w- c:\program files\LG Electronics
2013-01-18 20:27:01 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-14 05:37:03 -------- d-----r- c:\program files\Skype
2013-01-11 02:47:19 -------- d-----w- c:\program files\iPod
2013-01-11 02:46:54 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-11 02:35:09 -------- d-----w- c:\program files\Bonjour
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2013-01-11 02:28:50 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2013-01-08 03:09:55 -------- d-----w- c:\program files\WildTangent Games
2013-01-04 17:52:49 -------- d-sh--w- c:\documents and settings\Owner\IECompatCache
2012-12-31 20:15:00 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2012-12-31 20:04:05 84464 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2012-12-31 20:04:02 9648 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-12-31 20:03:50 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-12-31 20:03:50 65488 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2012-12-31 20:03:50 60480 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-12-31 20:03:50 362640 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-12-31 20:03:50 234824 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-12-31 20:03:42 -------- d-----w- c:\program files\common files\Mcafee
2012-12-31 20:03:36 -------- d-----w- c:\program files\McAfee.com
2012-12-31 20:03:21 -------- d-----w- c:\program files\McAfee
2012-12-31 19:41:59 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-12-31 19:41:59 -------- d-----w- c:\windows\system32\wbem\Repository
2012-12-31 19:21:11 171976 ----a-w- c:\windows\system32\mfevtps.exe
2012-12-31 18:30:47 -------- d-----w- c:\documents and settings\all users\application data\Citrix
2012-12-31 18:04:06 -------- d-----w- c:\program files\Citrix
2012-12-31 18:03:39 -------- d-----w- c:\documents and settings\Owner\local settings\application data\Citrix
2012-12-31 18:03:34 103832 ----a-w- c:\documents and settings\Owner\GoToAssistDownloadHelper.exe
2012-12-31 17:59:03 -------- d-----w- c:\documents and settings\Owner\application data\McAfee
2012-12-27 03:39:45 -------- d-----w- c:\program files\BuzzSocialPoints_DNS_IE
2012-12-27 03:39:07 -------- d-----w- c:\windows\BuzzSocialPointsChecker
2012-12-27 03:39:04 -------- d-----w- c:\program files\BuzzSocialPointsIE_DNS
2012-12-27 03:39:02 -------- d-----w- c:\program files\BuzzSocialPoints_DNS
2012-12-27 03:32:58 -------- d-----w- c:\documents and settings\Owner\application data\SwvUpdater
.
==================== Find3M ====================
.
2013-01-09 04:17:46 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 04:17:46 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-26 20:08:44 91200 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2012-12-26 20:06:54 565416 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-12-26 20:04:34 132976 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2012-12-25 01:17:07 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-25 01:17:07 779704 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01:39 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17:54 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
2012-10-30 22:51:56 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
.
============= FINISH: 8:30:52.92 ===============
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-25 08:30:51
-----------------------------
08:30:51.406 OS Version: Windows 5.1.2600 Service Pack 3
08:30:51.406 Number of processors: 2 586 0x1C02
08:30:51.406 ComputerName: SBHBSIX UserName:
08:30:53.218 Initialize success
08:35:11.812 AVAST engine defs: 13012500
08:35:16.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:35:16.609 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
08:35:16.750 Disk 0 MBR read successfully
08:35:16.765 Disk 0 MBR scan
08:35:16.890 Disk 0 Windows VISTA default MBR code
08:35:16.890 Disk 0 Partition 1 00 12 Compaq diag NTFS 10244 MB offset 63
08:35:16.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142381 MB offset 20981760
08:35:17.015 Disk 0 scanning sectors +312578048
08:35:17.203 Disk 0 scanning C:\WINDOWS\system32\drivers
08:35:49.156 Service scanning
08:36:19.484 Modules scanning
08:36:27.062 Disk 0 trace - called modules:
08:36:27.125 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
08:36:27.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873709c0]
08:36:27.187 3 CLASSPNP.SYS[f78fdfd7] -> nt!IofCallDriver -> \Device\00000098[0x87336498]
08:36:27.203 5 ACPI.sys[f77f4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x87353030]
08:36:28.687 AVAST engine scan C:\WINDOWS
08:36:39.593 AVAST engine scan C:\WINDOWS\system32
08:42:41.750 AVAST engine scan C:\WINDOWS\system32\drivers
08:43:03.500 AVAST engine scan C:\Documents and Settings\Owner
08:44:42.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
08:44:42.328 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-25 08:30:51
-----------------------------
08:30:51.406 OS Version: Windows 5.1.2600 Service Pack 3
08:30:51.406 Number of processors: 2 586 0x1C02
08:30:51.406 ComputerName: SBHBSIX UserName:
08:30:53.218 Initialize success
08:35:11.812 AVAST engine defs: 13012500
08:35:16.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:35:16.609 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
08:35:16.750 Disk 0 MBR read successfully
08:35:16.765 Disk 0 MBR scan
08:35:16.890 Disk 0 Windows VISTA default MBR code
08:35:16.890 Disk 0 Partition 1 00 12 Compaq diag NTFS 10244 MB offset 63
08:35:16.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142381 MB offset 20981760
08:35:17.015 Disk 0 scanning sectors +312578048
08:35:17.203 Disk 0 scanning C:\WINDOWS\system32\drivers
08:35:49.156 Service scanning
08:36:19.484 Modules scanning
08:36:27.062 Disk 0 trace - called modules:
08:36:27.125 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
08:36:27.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873709c0]
08:36:27.187 3 CLASSPNP.SYS[f78fdfd7] -> nt!IofCallDriver -> \Device\00000098[0x87336498]
08:36:27.203 5 ACPI.sys[f77f4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x87353030]
08:36:28.687 AVAST engine scan C:\WINDOWS
08:36:39.593 AVAST engine scan C:\WINDOWS\system32
08:42:41.750 AVAST engine scan C:\WINDOWS\system32\drivers
08:43:03.500 AVAST engine scan C:\Documents and Settings\Owner
08:44:42.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
08:44:42.328 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
08:58:19.781 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
08:58:19.859 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"