Jump to content

madeline

Members
  • Content Count

    107
  • Joined

  • Last visited

About madeline

  • Rank
    Member

Previous Fields

  • System Specifications:
    HP
  1. Success!!!!! After about 9 tries I was able to get around the hacker to download the Vista Re-Installation dvd. Thought I would post how I did it in case someone else has a problem. I followed the directions of powering up the system and then inserting the dvd a number of times, I could hear it cycling but the system wasn't recognizing anything in the drive. So then I did it the other way of having the dvd in the drive and then powering up, still not recognized. Activated the Microsoft Security you gave me again and went online to see if there was another way to do this. Went to the Microsoft website and their instructions were to power up and put the dvd in. So, while I was on the internet reading the article I released the dvd then pushed it back in, voila! The system recognized the dvd was there! I quickly closed out of the internet, disabled the Microsoft Security and clicked on to open up the file and everything went wonderfully. The new installation is now up and running fine. Now all I have to do is go through the novel we wrote on this case and find the anti virus software you gave me as the installation does not have one other than Windows Defender. Again, thank you both so very much
  2. Thank you so very much for everything Jacee. Truly appreciate it
  3. Jacee thank you for all your help, and Tom too. I'm curious, does it mean someone else has control of her system? By doing the new OS install would it then be safe to use? Those are my last questions, you have been very patient and it is appreciated greatly.
  4. Nothing, I go to command prompt and the window pops up C:\Windows\system32> and then I add the cmd.exe It then repeats the C:\Windows prompt
  5. Microsoft Security finished the scan and nothing was found! Very happy about that. I enabled the Firewall as well.
  6. Ok, got the MCPR to download finally. Of the items you asked me to check oof there were about 5 of them. The system re-booted and then when it came back on there is now an icon on desktop for McAfee Virtual Technician that wasn't there before. Am running the Microsoft Security Scan now and will turn on firewall and post back (using another computer to add this reply).
  7. disabled windows defender and tried again, no luck. Cannot download MCPR
  8. Still not working, I had to reboot for the changes to take place and completely remove McAfee. I do get a pop up window from Windows Defender though, could this be stopping the download from the MCPR link? Internet Explorer is blocking the download, that's the box that pops up now.
  9. Jacee, when I try to download the MCPR tool I get an all white page that says: protectedmodeoff The address bar reads: about:protectedmodeoff I'm sorta stuck.
  10. Combofix.txt New HJT log taken after the above scan has run: ComboFix 10-03-14.04 - doloresf 03/14/2010 22:20:53.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2046.997 [GMT -5:00] Running from: c:\users\doloresf\Desktop\ComboFix.exe AV: McAfee VirusScan *On-access scanning disabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} SP: McAfee VirusScan *disabled* (Outdated) {C78B3C70-4777-4742-BB91-9D615CC575E6} SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1400113804-1914402855-3429530994-500 c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500 c:\$recycle.bin\S-1-5-21-3219747236-794026414-2971734395-500 c:\windows\Downloaded Program Files\f3initialsetup1.0.1.0.inf . ((((((((((((((((((((((((( Files Created from 2010-02-15 to 2010-03-15 ))))))))))))))))))))))))))))))) . 2010-03-15 03:17 . 2010-03-15 03:17 -------- d-----w- C:\32788R22FWJFW 2010-03-14 03:39 . 2010-03-14 06:50 -------- d-----w- C:\0e4cc39332eef185d4cd6e58affcc0 2010-03-14 02:55 . 2010-03-14 02:55 -------- d-----w- c:\program files\Belarc 2010-03-10 21:52 . 2010-02-20 23:54 24064 ----a-w- c:\windows\system32\nshhttp.dll 2010-03-10 21:51 . 2010-02-20 23:51 31232 ----a-w- c:\windows\system32\httpapi.dll 2010-03-10 21:51 . 2010-02-20 21:30 396800 ----a-w- c:\windows\system32\drivers\http.sys 2010-03-10 01:55 . 2010-03-10 01:55 -------- d-----w- c:\windows\system32\EventProviders 2010-03-07 18:32 . 2010-03-07 19:16 -------- d-----w- C:\2f52c8622a3b410dd88578e3e2e72433 2010-03-06 02:54 . 2010-03-06 02:54 -------- d-----w- C:\PerfLogs 2010-03-05 23:49 . 2010-03-07 19:15 -------- d-----w- C:\2a7f0d1e8eda6bb5dd0585 2010-02-28 20:24 . 2010-03-15 03:19 17408 ----a-w- c:\windows\system32\rpcnetp.exe 2010-02-28 19:42 . 2010-02-28 19:42 -------- d-----w- C:\_OTL 2010-02-28 19:40 . 2010-02-28 19:40 -------- d-----w- c:\program files\Common Files\Java 2010-02-28 16:19 . 2010-02-28 16:18 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-02-28 16:18 . 2010-02-28 16:18 -------- d-----w- c:\program files\Java 2010-02-28 16:17 . 2010-02-28 16:17 680 ----a-w- c:\users\doloresf\AppData\Local\d3d9caps.dat 2010-02-27 14:32 . 2010-02-27 14:32 -------- d-----w- c:\users\doloresf\AppData\Roaming\Malwarebytes 2010-02-27 14:31 . 2010-01-07 22:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-27 14:31 . 2010-02-27 18:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-02-27 14:31 . 2010-02-27 14:31 -------- d-----w- c:\programdata\Malwarebytes 2010-02-27 14:31 . 2010-01-07 22:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-02-24 15:28 . 2010-01-23 08:05 2048 ----a-w- c:\windows\system32\tzres.dll 2010-02-24 15:27 . 2010-01-25 12:58 473088 ----a-w- c:\windows\system32\secproc_isv.dll 2010-02-24 15:27 . 2010-01-25 12:58 472576 ----a-w- c:\windows\system32\secproc.dll 2010-02-24 15:27 . 2010-01-25 12:58 154112 ----a-w- c:\windows\system32\secproc_ssp.dll 2010-02-24 15:27 . 2010-01-25 08:36 435712 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2010-02-24 15:27 . 2010-01-25 08:36 515584 ----a-w- c:\windows\system32\RMActivate.exe 2010-02-24 15:27 . 2010-01-25 08:36 431104 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2010-02-24 15:27 . 2010-01-25 08:35 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-02-24 15:27 . 2010-01-25 12:58 154624 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2010-02-24 15:27 . 2010-01-25 12:56 312320 ----a-w- c:\windows\system32\msdrm.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-15 03:19 . 2008-02-22 12:44 56680 ----a-w- c:\windows\system32\rpcnet.dll 2010-03-15 00:47 . 2008-02-27 13:10 27620 ----a-w- c:\users\doloresf\AppData\Roaming\nvModes.dat 2010-03-14 05:04 . 2008-02-21 16:59 17408 ----a-w- c:\windows\system32\rpcnetp.dll 2010-03-10 22:45 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-03-10 21:57 . 2007-08-17 21:34 -------- d-----w- c:\programdata\Microsoft Help 2010-02-28 16:15 . 2007-08-17 21:36 -------- d-----w- c:\program files\McAfee 2010-02-26 23:22 . 2008-02-21 17:05 74912 ----a-w- c:\users\doloresf\AppData\Local\GDIPFONTCACHEV1.DAT 2010-02-10 17:18 . 2009-11-13 00:33 -------- d-----w- c:\users\doloresf\AppData\Roaming\Image Zone Express 2010-02-08 21:27 . 2010-02-08 21:27 717296 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-02-08 21:26 . 2010-02-08 21:26 -------- d-----w- c:\program files\LSoft Technologies 2010-02-08 21:26 . 2007-08-17 21:25 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-28 12:36 . 2010-02-10 15:05 11776 ----a-w- c:\windows\system32\tsbyuv.dll 2009-12-28 12:35 . 2010-02-10 15:05 1327616 ----a-w- c:\windows\system32\quartz.dll 2009-12-28 12:34 . 2010-02-10 15:05 22528 ----a-w- c:\windows\system32\msyuv.dll 2009-12-28 12:34 . 2010-02-10 15:05 31232 ----a-w- c:\windows\system32\msvidc32.dll 2009-12-28 12:34 . 2010-02-10 15:05 123904 ----a-w- c:\windows\system32\msvfw32.dll 2009-12-28 12:34 . 2010-02-10 15:05 13312 ----a-w- c:\windows\system32\msrle32.dll 2009-12-28 12:33 . 2010-02-10 15:05 82944 ----a-w- c:\windows\system32\mciavi32.dll 2009-12-28 12:32 . 2010-02-10 15:05 50176 ----a-w- c:\windows\system32\iyuv_32.dll 2009-12-28 12:30 . 2010-02-10 15:05 88576 ----a-w- c:\windows\system32\avifil32.dll 2009-12-28 12:30 . 2010-02-10 15:05 65024 ----a-w- c:\windows\system32\avicap32.dll 2009-12-18 12:52 . 2010-01-22 14:39 832512 ----a-w- c:\windows\system32\wininet.dll 2009-12-18 12:48 . 2010-01-22 14:39 56320 ----a-w- c:\windows\system32\iesetup.dll 2009-12-18 12:48 . 2010-01-22 14:39 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-12-18 12:48 . 2010-01-22 14:39 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll 2009-12-18 12:46 . 2010-01-22 14:39 72704 ----a-w- c:\windows\system32\admparse.dll 2009-12-18 10:18 . 2010-01-22 14:39 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-12-18 08:45 . 2010-01-22 14:39 48128 ----a-w- c:\windows\system32\mshtmler.dll 2007-08-18 05:09 . 2007-08-18 05:05 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-08-18 1006264] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-28 857648] "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-06-25 405504] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-06-25 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-25 8433664] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-25 81920] "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-06-25 67584] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-04-16 184320] "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-03-16 17920] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-03 30192] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-10-29 1218008] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152] "EverioService"="c:\program files\CyberLink\PCM4Everio\EverioService.exe" [2008-04-03 151552] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] c:\users\doloresf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-8-17 50688] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] QuickSet.lnk - c:\windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-8-17 45056] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-08 717296] R3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-03 30192] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2009-12-08 93320] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder 2007-08-17 c:\windows\Tasks\McDefragTask.job - c:\program files\mcafee\mqc\QcConsol.exe [2009-10-21 17:22] 2007-08-17 c:\windows\Tasks\McQcTask.job - c:\program files\mcafee\mqc\QcConsol.exe [2009-10-21 17:22] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: internet Trusted Zone: mcafee.com . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-14 22:30 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.spx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice] @Denied: (2) (LocalSystem) "Progid"="YMP.Media" [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2010-03-14 22:33:02 ComboFix-quarantined-files.txt 2010-03-15 03:32 Pre-Run: 117,626,064,896 bytes free Post-Run: 117,576,400,896 bytes free - - End Of File - - 1A1EB99DF34A3DFB6A16AC49090D8262 Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 10:49:49 PM, on 3/14/2010 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16982) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Windows\explorer.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [EverioService] "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: QuickSet.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O15 - Trusted Zone: http://*.mcafee.com O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: Google Desktop Manager 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7627 bytes
  11. Yes they are correct.
  12. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-12-01.01) Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume3 Install Date: 8/17/2007 4:17:01 PM System Uptime: 3/14/2010 7:45:59 PM (2 hours ago) Motherboard: Dell Inc. | | 0UW306 Processor: Intel® Core2 Duo CPU T5250 @ 1.50GHz | Microprocessor | 1500/166mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 136 GiB total, 109.76 GiB free. D: is FIXED (NTFS) - 10 GiB total, 5.716 GiB free. E: is CDROM (CDFS) ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP287: 3/13/2010 10:40:31 PM - Windows Vista Service Pack 1 RP288: 3/14/2010 3:36:52 PM - Scheduled Checkpoint ==== Installed Programs ====================== 32 Bit HP CIO Components Installer 6300 6300_Help 6300Trb Active@ ISO Burner Adobe Flash Player 10 ActiveX Adobe Reader 7.0.8 AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan Belarc Advisor 8.1 Broadcom Management Programs BufferChm Conexant HDA D330 MDC V.92 Modem Consumer Complete Care Services Agreement Copy CustomerResearchQFolder Dell DataSafe Online Dell Support Center Dell System Customization Wizard Dell Touchpad DellSupport Destinations DeviceManagementQFolder Digital Line Detect Digital Photo Navigator 1.5 Disney Toontown Online DocProc DocProcQFolder eSupportQFolder Fax Games, Music, & Photos Launcher Google Desktop Google Toolbar for Internet Explorer Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Participation Program 8.0 HP Imaging Device Functions 8.0 HP OCR Software 8.0 HP Photosmart Essential HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B HP Solution Center 8.0 HP Update HPProductAssistant HPSSupply Java Auto Updater Java 6 Update 18 Malwarebytes' Anti-Malware MarketResearch McAfee SecurityCenter MediaDirect Microsoft .NET Framework 3.5 SP1 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Modem Diagnostic Tool MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NetWaiting NVIDIA Drivers OGA Notifier 2.0.0048.0 OutlookAddinSetup PowerCinema NE for Everio Product Documentation Launcher QualxServ Service Agreement QuickSet Roxio Creator Audio Roxio Creator BDAV Plugin Roxio Creator Copy Roxio Creator Data Roxio Creator DE Roxio Creator Tools Roxio Express Labeler Roxio MyDVD DE Roxio Update Manager Scan Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB978380) Security Update for Microsoft Office Excel 2007 (KB978382) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) SolutionCenter Sonic Activation Module Status Toolbox TrayApp UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for 2007 Microsoft Office System (KB977724) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office InfoPath 2007 (KB976416) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 (KB974561) Update for Microsoft Office Word 2007 Help (KB963665) URL Assistant User's Guides WebReg Yahoo! Music Jukebox ==== Event Viewer Messages From Past Week ======== 3/7/2010 2:18:00 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0816: Windows Vista Service Pack 1 (KB936330). 3/7/2010 1:58:48 PM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The file cannot be opened transactionally, because its identity depends on the outcome of an unresolved transaction. ==== End Of File =========================== DDS (Ver_09-12-01.01) - NTFSx86 Run by doloresf at 21:05:01.43 on Sun 03/14/2010 Internet Explorer: 7.0.6000.16982 Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2046.1200 [GMT -5:00] AV: McAfee VirusScan *On-access scanning enabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6} SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\McAfee\SiteAdvisor\McSACore.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Windows\system32\rundll32.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\rpcnet.exe C:\Windows\system32\STacSV.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Windows\system32\taskeng.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Windows\System32\rundll32.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\CyberLink\PCM4Everio\EverioService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\taskeng.exe C:\Users\doloresf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S5NVE9Q7\dds[1].scr C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.yahoo.com/ uWindow Title = Internet Explorer provided by Dell uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6070818 uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [sigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe" mRun: [ECenter] c:\dell\e-center\EULALauncher.exe mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [EverioService] "c:\program files\cyberlink\pcm4everio\EverioService.exe" mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" StartupFolder: c:\users\doloresf\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\windows\installer\{7f0c4457-8e64-491b-8d7b-991504365d1e}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe IE: &Search IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL Trusted Zone: internet Trusted Zone: mcafee.com DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL ============= SERVICES / DRIVERS =============== R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-8-17 214664] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-8-17 79816] R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-8-17 35272] R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-8-17 40552] S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-8-17 34248] =============== Created Last 30 ================ 2010-03-14 14:28:27 65536 --sha-w- c:\users\doloresf\ntuser.dat{dae4d38c-2f26-11df-bfaa-0019b989009d}.TM.blf 2010-03-14 14:28:27 524288 --sha-w- c:\users\doloresf\ntuser.dat{dae4d38c-2f26-11df-bfaa-0019b989009d}.TMContainer00000000000000000002.regtrans-ms 2010-03-14 14:28:27 524288 --sha-w- c:\users\doloresf\ntuser.dat{dae4d38c-2f26-11df-bfaa-0019b989009d}.TMContainer00000000000000000001.regtrans-ms 2010-03-14 03:39:14 0 d-----w- C:\0e4cc39332eef185d4cd6e58affcc0 2010-03-14 02:55:25 0 d-----w- c:\program files\Belarc 2010-03-10 21:52:00 24064 ----a-w- c:\windows\system32\nshhttp.dll 2010-03-10 21:51:55 396800 ----a-w- c:\windows\system32\drivers\http.sys 2010-03-10 21:51:55 31232 ----a-w- c:\windows\system32\httpapi.dll 2010-03-10 21:38:00 65536 --sha-w- c:\users\doloresf\ntuser.dat{cdacb807-2c8c-11df-b2a7-0019b989009d}.TM.blf 2010-03-10 21:38:00 524288 --sha-w- c:\users\doloresf\ntuser.dat{cdacb807-2c8c-11df-b2a7-0019b989009d}.TMContainer00000000000000000002.regtrans-ms 2010-03-10 21:38:00 524288 --sha-w- c:\users\doloresf\ntuser.dat{cdacb807-2c8c-11df-b2a7-0019b989009d}.TMContainer00000000000000000001.regtrans-ms 2010-03-10 01:55:08 0 d-----w- c:\windows\system32\EventProviders 2010-03-07 20:15:11 65536 --sha-w- c:\users\doloresf\ntuser.dat{7953cf08-2a25-11df-8038-0019b989009d}.TM.blf 2010-03-07 20:15:11 524288 --sha-w- c:\users\doloresf\ntuser.dat{7953cf08-2a25-11df-8038-0019b989009d}.TMContainer00000000000000000002.regtrans-ms 2010-03-07 20:15:11 524288 --sha-w- c:\users\doloresf\ntuser.dat{7953cf08-2a25-11df-8038-0019b989009d}.TMContainer00000000000000000001.regtrans-ms 2010-03-07 18:32:38 0 d-----w- C:\2f52c8622a3b410dd88578e3e2e72433 2010-03-06 02:54:40 0 d-----w- C:\PerfLogs 2010-03-05 23:49:08 0 d-----w- C:\2a7f0d1e8eda6bb5dd0585 2010-02-28 20:37:31 1984 ---ha-w- c:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2010-02-28 20:37:31 1984 ---ha-w- c:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2010-02-28 20:24:58 17408 ----a-w- c:\windows\system32\rpcnetp.exe 2010-02-28 19:42:42 0 d-----w- C:\_OTL 2010-02-28 19:40:15 0 d-----w- c:\programdata\Sun 2010-02-28 16:19:11 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-02-27 14:32:03 0 d-----w- c:\users\doloresf\appdata\roaming\Malwarebytes 2010-02-27 14:31:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-27 14:31:57 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-02-27 14:31:57 0 d-----w- c:\programdata\Malwarebytes 2010-02-27 14:31:57 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-02-24 15:28:38 2048 ----a-w- c:\windows\system32\tzres.dll 2010-02-24 15:27:07 473088 ----a-w- c:\windows\system32\secproc_isv.dll 2010-02-24 15:27:07 472576 ----a-w- c:\windows\system32\secproc.dll 2010-02-24 15:27:06 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-02-24 15:27:06 515584 ----a-w- c:\windows\system32\RMActivate.exe 2010-02-24 15:27:06 435712 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2010-02-24 15:27:06 431104 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2010-02-24 15:27:06 154112 ----a-w- c:\windows\system32\secproc_ssp.dll 2010-02-24 15:27:05 312320 ----a-w- c:\windows\system32\msdrm.dll 2010-02-24 15:27:05 154624 ----a-w- c:\windows\system32\secproc_ssp_isv.dll ==================== Find3M ==================== 2010-03-15 00:47:32 27620 ----a-w- c:\users\doloresf\appdata\roaming\nvModes.dat 2010-03-15 00:47:15 56680 ----a-w- c:\windows\system32\rpcnet.dll 2010-03-14 05:04:11 17408 ----a-w- c:\windows\system32\rpcnetp.dll 2010-02-08 21:27:37 717296 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-12-28 12:36:21 11776 ----a-w- c:\windows\system32\tsbyuv.dll 2009-12-28 12:35:48 1327616 ----a-w- c:\windows\system32\quartz.dll 2009-12-28 12:34:31 22528 ----a-w- c:\windows\system32\msyuv.dll 2009-12-28 12:34:29 31232 ----a-w- c:\windows\system32\msvidc32.dll 2009-12-28 12:34:29 123904 ----a-w- c:\windows\system32\msvfw32.dll 2009-12-28 12:34:24 13312 ----a-w- c:\windows\system32\msrle32.dll 2009-12-28 12:33:24 82944 ----a-w- c:\windows\system32\mciavi32.dll 2009-12-28 12:32:52 50176 ----a-w- c:\windows\system32\iyuv_32.dll 2009-12-28 12:30:47 88576 ----a-w- c:\windows\system32\avifil32.dll 2009-12-28 12:30:47 65024 ----a-w- c:\windows\system32\avicap32.dll 2009-12-18 12:52:36 832512 ----a-w- c:\windows\system32\wininet.dll 2009-12-18 12:48:23 56320 ----a-w- c:\windows\system32\iesetup.dll 2009-12-18 12:48:19 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-12-18 12:46:10 72704 ----a-w- c:\windows\system32\admparse.dll 2009-12-18 10:18:14 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-12-18 08:45:07 48128 ----a-w- c:\windows\system32\mshtmler.dll 2008-12-12 12:41:01 174 --sha-w- c:\program files\desktop.ini 2008-08-13 23:49:02 86016 ----a-w- c:\windows\inf\infstrng.dat 2008-08-13 23:49:02 86016 ----a-w- c:\windows\inf\infstor.dat 2008-08-13 23:49:02 51200 ----a-w- c:\windows\inf\infpub.dat 2008-06-12 18:03:42 665600 ----a-w- c:\windows\inf\drvindex.dat 2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2007-08-18 05:09:42 8192 --sha-w- c:\windows\users\default\NTUSER.DAT ============= FINISH: 21:06:18.21 ===============
  13. I'm here and ready to go! Thanks Jacee and Tom.
  14. Yes, but only to come to pcpitstop.com Something from pcpitstop just popped up but I closed the box.
  15. Nope. Goes to the start page.
×
×
  • Create New...