Hi Blade,
The computer is functioning perfectly (to my eyes) and I am posting my reply from that computer. Have no had any issued of McAfee or the McAfee Firewall shutting down for the last couple hours.
Here are the logs requested:
ESET
---------------------------
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
This one seems kind of short compared to some of the other ESET logs I reviewed from other posts but it is what it is.
---------------------------
DDS
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.2.0
Run by Mike at 14:06:02 on 2011-12-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4056.2786 [GMT -8:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\lxducoms.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dell Support Center\gs_agent\dsc.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.capolicepistol.org/
uInternet Settings,ProxyOverride = *.local
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111222180200.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Lexmark 5600-6600 Series] "C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe" /s
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"
mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\Mike\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\Mike\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\Mike\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{610A862D-B56E-4F3B-B0E0-74578CE5B325} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{610A862D-B56E-4F3B-B0E0-74578CE5B325}\4516E67616370284F6D65602E4564777F627B6 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{610A862D-B56E-4F3B-B0E0-74578CE5B325}\4516E676163702E4564777F627B6 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{610A862D-B56E-4F3B-B0E0-74578CE5B325}\74C6F62616C6355796475675962756C6563737 : DhcpNameServer = 4.2.2.1
TCP: Interfaces\{610A862D-B56E-4F3B-B0E0-74578CE5B325}\C45656026416D696C69702E4564777F627B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{610A862D-B56E-4F3B-B0E0-74578CE5B325}\D4970286F6D65602E6564777F627B6 : DhcpNameServer = 192.168.2.1 209.18.47.61 209.18.47.62
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111222180200.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [Lexmark 5600-6600 Series] "C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe" /s
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"
mRun-x64: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ob5m0ped.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.capolicepistol.org/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AbsoluteNotifier;Absolute Notifier;C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-8 10408]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2010-6-22 89600]
R2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2010-12-18 181760]
R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2010-12-18 55296]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 lxdu_device;lxdu_device;C:\Windows\system32\lxducoms.exe -service --> C:\Windows\system32\lxducoms.exe -service [?]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-12-12 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-12-12 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-12-12 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-12-12 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-8-12 87040]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-12-21 1153368]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-12-19 1692480]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 sxuptp;SXUPTP Driver;C:\Windows\system32\DRIVERS\sxuptp.sys --> C:\Windows\system32\DRIVERS\sxuptp.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-4 136176]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxduserv.exe [2008-5-23 29184]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-12-12 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-12-12 249936]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-4 136176]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 HtcUsbMdmV64;HTC Proprietary USB Driver;C:\Windows\system32\DRIVERS\HtcUsbMdmV64.sys --> C:\Windows\system32\DRIVERS\HtcUsbMdmV64.sys [?]
S3 HtcVCom32;HTC Diagnostic Port;C:\Windows\system32\DRIVERS\HtcVComV64.sys --> C:\Windows\system32\DRIVERS\HtcVComV64.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-12-23 20:43:41 -------- d-----w- C:\Program Files (x86)\ESET
2011-12-23 20:41:17 637848 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2011-12-23 19:45:19 -------- d-sh--w- C:\$RECYCLE.BIN
2011-12-23 07:19:27 98816 ----a-w- C:\Windows\sed.exe
2011-12-23 07:19:27 518144 ----a-w- C:\Windows\SWREG.exe
2011-12-23 07:19:27 256000 ----a-w- C:\Windows\PEV.exe
2011-12-23 07:19:27 208896 ----a-w- C:\Windows\MBR.exe
2011-12-23 02:13:27 2315776 ----a-w- C:\Windows\System32\tquery.dll
2011-12-23 02:11:40 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-12-23 02:11:40 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-12-23 02:11:39 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-12-23 02:11:39 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-12-23 02:11:39 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-12-23 02:11:39 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-12-23 02:11:38 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-12-23 02:11:36 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-12-23 02:10:39 2565632 ----a-w- C:\Windows\System32\esent.dll
2011-12-23 02:10:38 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-12-23 02:10:38 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-12-23 02:10:38 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-12-23 02:10:38 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2011-12-23 02:10:38 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-12-23 02:10:37 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-12-23 02:10:37 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-12-23 02:10:37 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-12-23 02:10:36 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-12-23 02:10:36 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-12-23 01:22:47 -------- d-----w- C:\Windows\System32\SPReview
2011-12-23 01:21:26 -------- d-----w- C:\Windows\System32\EventProviders
2011-12-21 21:18:00 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-14 20:01:42 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-14 04:22:07 28760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll
2011-12-14 03:30:09 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-14 03:29:41 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-14 03:29:40 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-14 03:29:39 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-14 03:29:25 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-14 03:29:25 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-13 06:41:35 -------- d-----w- C:\Program Files (x86)\McAfee.com
2011-12-13 06:41:22 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2011-12-13 06:41:22 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2011-12-13 06:41:18 75808 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2011-12-13 06:41:18 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2011-12-13 06:41:18 481768 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2011-12-13 06:41:18 284648 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2011-12-13 06:41:18 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2011-12-13 06:41:18 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2011-12-13 06:41:11 -------- d-----w- C:\Program Files\Common Files\McAfee
2011-12-13 06:41:10 -------- d-----w- C:\Program Files\McAfee.com
2011-12-13 06:41:10 -------- d-----w- C:\Program Files\McAfee
2011-12-13 06:40:55 161168 ----a-w- C:\Windows\System32\mfevtps.exe
2011-12-11 20:37:04 -------- d-----w- C:\Users\Mike\AppData\Local\Mozilla
2011-12-11 19:22:13 -------- d-----w- C:\Program Files (x86)\McAfee
2011-12-11 18:53:58 -------- d-----we C:\Windows\system64
2011-12-11 18:24:38 -------- d-s---w- C:\Windows\SysWow64\Microsoft
2011-12-10 23:58:20 388096 ----a-r- C:\Users\Mike\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-10 23:58:18 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-12-10 04:11:33 16432 ----a-w- C:\Windows\System32\lsdelete.exe
2011-12-10 00:04:07 -------- d-----w- C:\Users\Mike\AppData\Roaming\Malwarebytes
2011-12-10 00:03:56 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-10 00:03:53 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-09 19:46:34 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2011-12-09 19:44:09 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
2011-12-09 19:43:47 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2011-12-09 19:39:05 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{86CE9A4D-4D39-496C-9221-2F07838094E1}\mpengine.dll
2011-12-08 20:08:12 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
.
==================== Find3M ====================
.
2011-12-23 20:40:58 567184 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-12-23 01:35:27 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-12-23 01:35:26 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-12-14 08:36:57 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-15 22:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-10-24 21:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-10-24 21:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-10-15 21:16:16 647080 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2011-10-15 21:16:16 160280 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 14:07:56.70 ===============
ComboFix log to follow in next post.
Mike