"m" before www & Mcafee not working

View previous topic View next topic Go down

"m" before www & Mcafee not working

Post by booklover26 on Tue Aug 18, 2009 11:20 am

Lately, I've noticed when I log on that the url will start with [You must be registered and logged in to see this link.] I was wondering if this is indicative of spyware? Occasionally my computer will just shut down with no warning. Also, Mcafee is unable to fix problems for some reason. You have helped me previously with much success. I'm really hoping you can help me this time! :hmm:

Thanks!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:36:40 AM, on 8/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Wave Systems Corp\Common\DataServer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\WINDOWS\system32\lxdxcoms.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\system32\java.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\StacSV.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\KADxMain.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\pdfforge Toolbar\SearchSettings.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbappHelper.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: IEToolbarBHO Class - {1a1dac8c-074d-440f-8707-7009a672d7d1} - C:\Program Files\LinkedIn\IE Toolbar\3.0.4.1100\LinkedinIEToolbar.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: MyPoints Toolbar - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MyPoints Toolbar - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: LinkedIn Toolbar - {BB670D0B-5C46-40C7-B38B-40DD26987723} - C:\Program Files\LinkedIn\IE Toolbar\3.0.4.1100\LinkedinIEToolbar.dll
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [lxdxamon] "C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Internet Connection Wizard Setup Tool] C:\Program Files\Internet Explorer\Connection Wizard\icwsetup.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SmileyApp] C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbapp.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
O4 - Global Startup: icwsetup.exe
O4 - Global Startup: VPN Client.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: linked&in search - [You must be registered and logged in to see this link.] Files\LinkedIn\IE Toolbar\3.0.4.1100\LinkedinIEToolbar.dll/ContextMenu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [You must be registered and logged in to see this link.]
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DataSvr2 - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Common\DataServer.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - C:\WINDOWS\system32\lxdxcoms.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\StacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: NTRU Hybrid TSS v2.0.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 14137 bytes

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Belahzur on Tue Aug 18, 2009 3:41 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Tue Aug 18, 2009 4:19 pm

Malwarebytes' Anti-Malware 1.38
Database version: 2310
Windows 5.1.2600 Service Pack 3

8/18/2009 12:08:56 PM
mbam-log-2009-08-18 (12-08-56).txt

Scan type: Quick Scan
Objects scanned: 118820
Time elapsed: 13 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\Administrator\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Belahzur on Tue Aug 18, 2009 8:36 pm

Hello.
Please update MBAM, you have a very old version.

Open MBAM, go into the update tab, press "Check for updates"

Download the latest version and the latest database, then run a new scan.
Copy and paste the new log back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Tue Aug 18, 2009 9:59 pm

Gotcha....Thanks! I have it broken up as it is too long for 1 post.

Malwarebytes' Anti-Malware 1.40
Database version: 2651
Windows 5.1.2600 Service Pack 3

8/18/2009 5:46:21 PM
mbam-log-2009-08-18 (17-46-20).txt

Scan type: Quick Scan
Objects scanned: 124396
Time elapsed: 10 minute(s), 21 second(s)

Memory Processes Infected: 2
Memory Modules Infected: 5
Registry Keys Infected: 44
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 36
Files Infected: 330

Memory Processes Infected:
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbapp.exe (Adware.DoubleD) -> Unloaded process successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbappHelper.exe (Adware.DoubleD) -> Unloaded process successfully.

Memory Modules Infected:
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\HookAPINT.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\ProductInfo.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\SkinCrafterDll.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbapp.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbIE.dll (Adware.DoubleD) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{d335d84d-61d8-4b5f-9c4e-067dc8b27ed5} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{42c23154-00fa-4a93-9de9-3eb523cffff6} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2e8e2100-98cb-4aac-9480-63a281acaff5} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0514c9b0-e4c6-4d6b-a3a6-b38bc280b115} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{803e73fe-cb73-4d49-8aff-653fd6f44171} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{51b67a88-02d0-43cb-8d12-5ca3e2d4cf49} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d44cc2fb-77b8-48a5-a5dc-f961f2d258fb} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{57aba38e-6535-48f3-99fd-efdc62137c78} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{22c12739-c111-44c6-9bb7-f335c2a9be2a} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{edb1a56e-2224-4c79-a4bd-42a39c6e4608} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{27ff1ee8-8ccc-49e1-b801-f212e3744e80} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\AIMActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Addins\OEActiveXDLL.DesktopOEAddin1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DbgMgr (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1fb52ab3-5987-45a2-85e0-f3ec30dddc29}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smileyapp (Adware.DoubleD) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\DoubleD (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\Desktop Smiley Toolbar (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170 (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.2.0.750 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.2.0.750\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\bin (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Media Access Startup\1.3.0.790 (Adware.DoubleD) -> Quarantined and deleted successfully.

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Tue Aug 18, 2009 10:02 pm

Files Infected:
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\AIMActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\OEActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.2.0.750\ssd.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\NPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\AxGifAnimator.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\gdiplus.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\HookAPINT.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\mfc80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Microsoft.VC80.CRT.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Microsoft.VC80.MFC.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\msvcr80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\MyDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\ProductInfo.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Riched20Smiley.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\SkinCrafterDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stb0.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbAol.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbapp.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbapp.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbappHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbasst.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbdl.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbIE.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbMsn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbOL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbOLEX.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbsvc.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbYahoo8.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\stbYahoo9.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\2154df11395ea0249c4c54961007ff8a.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\362f27667f6d7af7e9d2a6856d6560f6.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\4b6752554c03dd13115a0078de71aa4d.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\fb0a3aaf0df9fc6e0a7bc656b80c3973.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\loading_bg.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\loading_logo.jpg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Cursor.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Glitter.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Recipe.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Ringtone.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Screensaver.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Smiley.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Cursor.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Glitter.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Recipe.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Ringtone.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Screensaver.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Tue Aug 18, 2009 10:10 pm

C:\Program Files\Internet Saving Optimizer\3.3.0.4160\adwpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\NPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\HPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.3.0.790\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.2.0.750\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.2.0.750\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.2.0.750\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.2.0.750\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.2.0.750\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Tue Aug 18, 2009 10:13 pm

C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\bin\stbup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\2154df11395ea0249c4c54961007ff8a.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\362f27667f6d7af7e9d2a6856d6560f6.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\4b6752554c03dd13115a0078de71aa4d.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\fb0a3aaf0df9fc6e0a7bc656b80c3973.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\loading_bg.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Cache\loading_logo.jpg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Cursor.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Glitter.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Recipe.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Ringtone.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Screensaver.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Smiley.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\nsm.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Cursor.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Glitter.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Recipe.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Ringtone.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Screensaver.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar\3.11.5.15170\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Tue Aug 18, 2009 10:13 pm

C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090610-190126.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090610-190332.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090611-074356.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090611-152719.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090611-204724.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090611-205231.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090612-071743.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090612-142338.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090612-183926.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090612-233521.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090613-105741.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090613-121214.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090613-122841.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090613-124117.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090613-152748.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090614-094745.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090614-095757.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090614-100147.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090614-124031.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090614-203455.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090614-215740.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090615-082621.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090615-145237.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090615-192344.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090615-195352.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090616-074417.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090616-184938.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090616-185703.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090616-200057.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090616-203451.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090616-212603.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090616-213209.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090616-213613.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090617-072214.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090617-131123.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090617-165724.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090617-205205.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090617-210024.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090617-213027.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090617-222257.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090618-072750.138.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090618-214143.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-083933.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-083958.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-095519.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-100921.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-122856.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-131950.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-182320.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-182526.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-185406.194.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-190024.696.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-190703.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-203801.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-204842.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090619-222442.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\NP_20090620-080423.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Saving Optimizer\3.3.0.4160\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Belahzur on Wed Aug 19, 2009 12:15 am


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt just yet.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Wed Aug 19, 2009 2:57 am

DDS (Ver_09-07-30.01) - NTFSx86
Run by Administrator at 20:16:50.28 on Tue 08/18/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.339 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Wave Systems Corp\Common\DataServer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\WINDOWS\system32\lxdxcoms.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\WINDOWS\system32\java.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\StacSV.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\KADxMain.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\mobsync.exe
C:\Program Files\pdfforge Toolbar\SearchSettings.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5WHWSQ83\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: IEToolbarBHO Class: {1a1dac8c-074d-440f-8707-7009a672d7d1} - c:\program files\linkedin\ie toolbar\3.0.4.1100\LinkedinIEToolbar.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\progra~1\mcafee\viruss~1\scriptsn.dll
BHO: MyPoints Toolbar: {a057a204-bacc-4d26-cec4-75a487fd6484} - c:\progra~1\mypoints\mypoints.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\WidgiToolbarIE.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MyPoints Toolbar: {a057a204-bacc-4d26-cec4-75a487fd6484} - c:\progra~1\mypoints\mypoints.dll
TB: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\WidgiToolbarIE.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: LinkedIn Toolbar: {bb670d0b-5c46-40c7-b38b-40dd26987723} - c:\program files\linkedin\ie toolbar\3.0.4.1100\LinkedinIEToolbar.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: LinkedIn JobsInsider: {85e0b171-04fa-11d1-b7da-00a0c90348d6} - c:\program files\linkedin\ie toolbar\3.0.4.1100\LinkedinIEToolbar.dll
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [Document Manager] c:\program files\wave systems corp\services manager\docmgr\bin\docmgr.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [KADxMain] c:\windows\system32\KADxMain.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [RoxioDragToDisc] "c:\program files\roxio\drag-to-disc\DrgToDsc.exe"
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [JobHisInit] c:\program files\rmclient\JobHisInit.exe
mRun: [MplSetUp] c:\program files\rmclient\MplSetUp.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [SearchSettings] c:\program files\pdfforge toolbar\SearchSettings.exe
mRun: [lxdxmon.exe] "c:\program files\lexmark 3600-4600 series\lxdxmon.exe"
mRun: [lxdxamon] "c:\program files\lexmark 3600-4600 series\lxdxamon.exe"
mRun: [FaxCenterServer] "c:\program files\lexmark fax solutions\fm3032.exe" /s
mRun: [SunJavaUpdateSched] c:\program files\java\jre6\bin\jusched.exe
mRun: [Internet Connection Wizard Setup Tool] c:\program files\internet explorer\connection wizard\icwsetup.exe
StartupFolder: c:\docume~1\alluse~1\applic~1\micros~1\shortc~1\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\docume~1\alluse~1\applic~1\micros~1\shortc~1\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\applic~1\micros~1\shortc~1\embass~1.lnk - c:\program files\wave systems corp\services manager\secure update\AutoUpdate.exe
StartupFolder: c:\docume~1\alluse~1\applic~1\micros~1\shortc~1\vpncli~1.lnk - c:\windows\installer\{ccbaa1f7-e5e1-48b2-9ed9-a79c6a37ce78}\Icon3E5562ED7.ico
StartupFolder: c:\docume~1\alluse~1\applic~1\micros~1\shortc~1\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: linked&in search - c:\program files\linkedin\ie toolbar\3.0.4.1100\LinkedinIEToolbar.dll/ContextMenu.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - [You must be registered and logged in to see this link.]
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - [You must be registered and logged in to see this link.]
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 wvauth nwprovau

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-6-29 214024]
R1 NEOFLTR_540_11529;Juniper Networks TDI Filter Driver (NEOFLTR_540_11529);c:\windows\system32\drivers\NEOFLTR_540_11529.sys [2007-1-29 57591]
R2 LinksysUpdater;Linksys Updater;c:\program files\linksys\linksys updater\bin\LinksysUpdater.exe [2008-1-15 204800]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-6-29 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-6-29 144704]
R3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [2006-11-2 97536]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-6-29 79880]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-6-29 35272]
S2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdxserv.exe [2009-6-3 98984]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-6-29 29744]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-6-29 34216]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-6-29 40552]
S4 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-6-29 606736]

=============== Created Last 30 ================

2009-08-18 17:21 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-18 17:21 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-08-18 17:21 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-10 08:05 --d----- c:\program files\support.com
2009-08-10 08:04 --d----- c:\program files\common files\SupportSoft
2009-08-09 17:38 --d----- c:\docume~1\admini~1\applic~1\LinkedIn
2009-08-09 17:37 --d----- c:\program files\LinkedIn
2009-08-07 07:21 --dsh--- C:\found.001
2009-07-29 14:33 86,656 a------- c:\windows\system32\drivers\195de3c1.sys
2009-07-24 23:29 --dsh--- C:\found.000

==================== Find3M ====================

2009-07-19 09:33 3,597,824 a------- c:\windows\system32\dllcache\mshtml.dll
2009-07-19 09:32 6,067,200 -------- c:\windows\system32\dllcache\ieframe.dll
2009-06-29 07:07 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-06-29 07:07 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-06-29 04:35 634,632 -------- c:\windows\system32\dllcache\iexplore.exe
2009-06-29 04:33 2,452,872 -------- c:\windows\system32\dllcache\ieapfltr.dat
2009-06-29 04:33 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2009-06-20 16:19 389,120 a------- c:\windows\system32\CF13424.exe
2009-06-16 10:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 10:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-16 10:36 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
2009-06-16 10:36 81,920 -------- c:\windows\system32\dllcache\fontsub.dll
2009-06-08 08:10 155,136 a------- c:\windows\PEV.exe
2009-06-03 15:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-06-03 15:09 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll
2009-05-25 00:24 350,208 -------- c:\windows\system32\mssph.dll
2008-08-11 16:45 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008081120080812\index.dat

============= FINISH: 20:17:42.29 ===============

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Belahzur on Wed Aug 19, 2009 7:38 pm

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTM.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :services
    195de3c1

    :files
    C:\found.***
    c:\windows\system32\drivers\195de3c1.sys
    C:\found.***


  • Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Wed Aug 19, 2009 8:45 pm

========== SERVICES/DRIVERS ==========
Service\Driver 195de3c1 not found.
Service\Driver 195de3c1 not found.
========== FILES ==========
C:\found.000\dir0002.chk moved successfully.
C:\found.000\dir0001.chk moved successfully.
C:\found.000\dir0000.chk moved successfully.
C:\found.000 moved successfully.
C:\found.001 moved successfully.
File move failed. c:\windows\system32\drivers\195de3c1.sys scheduled to be moved on reboot.
File/Folder C:\found.*** not found.

OTM by OldTimer - Version 3.0.0.6 log created on 08192009_164029

Files moved on Reboot...
File move failed. c:\windows\system32\drivers\195de3c1.sys scheduled to be moved on reboot.

Registry entries deleted on Reboot...

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Belahzur on Thu Aug 20, 2009 12:20 am

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Thu Aug 20, 2009 1:13 am

It's not letting me run the Combo-Fix for some reason. When I try to run it I get this message "You cannot rename ComboFix as Combo-Fix Please use another name, preferably made up of alphanumeric characters"

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Belahzur on Thu Aug 20, 2009 7:37 pm

Hello.
ok. Download it without renaming and run it.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Thu Aug 20, 2009 9:23 pm

ComboFix 09-08-19.0C - Administrator 08/20/2009 16:57.3.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.502 [GMT -4:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\windows\Installer\1518aa6.msp
c:\windows\system32\drivers\195de3c1.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NWCWORKSTATION
-------\Service_195de3c1
-------\Service_NWCWorkstation


((((((((((((((((((((((((( Files Created from 2009-07-20 to 2009-08-20 )))))))))))))))))))))))))))))))
.

2009-08-19 20:40 . 2009-08-19 20:40 -------- d-----w- C:\_OTM
2009-08-18 21:21 . 2009-08-03 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-18 21:21 . 2009-08-03 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-18 21:21 . 2009-08-18 21:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-10 12:05 . 2009-08-10 12:05 -------- d-----w- c:\program files\support.com
2009-08-10 12:05 . 2009-08-10 12:05 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\SupportSoft
2009-08-10 12:04 . 2009-08-10 12:04 -------- d-----w- c:\program files\Common Files\SupportSoft
2009-08-09 21:38 . 2009-08-09 21:38 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\LinkedIn
2009-08-09 21:38 . 2009-08-09 21:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\LinkedIn
2009-08-09 21:37 . 2009-08-09 21:37 -------- d-----w- c:\program files\LinkedIn

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Thu Aug 20, 2009 9:24 pm

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-20 21:03 . 2009-05-24 14:52 -------- d-----w- c:\program files\pdfforge Toolbar
2009-08-18 21:16 . 2009-06-20 13:03 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-07 11:23 . 2007-06-29 05:40 -------- d-----w- c:\program files\McAfee
2009-07-25 03:31 . 2008-08-11 21:22 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-15 14:06 . 2008-08-11 19:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-07-12 22:17 . 2009-07-12 22:17 98276 ----a-w- c:\documents and settings\All Users\SPL324.tmp
2009-07-10 01:35 . 2007-06-29 05:40 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-07-05 17:59 . 2009-07-05 17:58 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3
2009-06-29 16:12 . 2004-08-11 22:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 16:12 . 2004-08-11 22:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 16:12 . 2004-08-11 22:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-06-16 14:36 . 2004-08-11 22:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2004-08-11 22:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-10 23:00 . 2009-06-10 23:00 593053 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\mFileBagIDE.dll\bag\HJSetup.exe
2009-06-10 23:00 . 2009-06-10 23:00 594764 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\mFileBagIDE.dll\bag\AdwareSetup.exe
2009-06-08 05:59 . 2009-06-10 22:59 2989234 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\Setup.exe
2009-06-08 05:57 . 2009-06-10 22:58 180504 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\mFileBagIDE.dll\bag\ProductInfo.dll
2009-06-08 05:57 . 2009-06-10 22:58 180504 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\CE8732D\3E688669\ProductInfo.dll
2009-06-08 05:57 . 2009-06-10 22:58 209176 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\CC8FDF08\3E688669\OEActiveXDLL.dll
2009-06-08 05:57 . 2009-06-10 22:58 127256 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\36F1A852\3E688669\MyDll.dll
2009-06-08 05:57 . 2009-06-10 22:58 102680 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\3FA86A06\3E688669\HookAPINT.dll
2009-06-08 05:57 . 2009-06-10 22:58 151832 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\C90EEF64\3E688669\AxGifAnimator.dll
2009-06-08 05:57 . 2009-06-10 22:58 250136 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\A53562F1\3E688669\AIMActiveXDLL.dll
2009-06-08 05:57 . 2009-06-10 22:58 296264 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\mFileBagIDE.dll\bag\stbterm.exe
2009-06-08 05:57 . 2009-06-10 22:58 295656 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\mFileBagIDE.dll\bag\stbrunwlm.exe
2009-06-08 05:57 . 2009-06-10 22:58 295328 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\mFileBagIDE.dll\bag\stbrewlm.exe
2009-06-08 05:57 . 2009-06-10 22:58 295896 -c--a-w- c:\documents and settings\All Users\Application Data\{C1B2B02A-9D52-423D-861A-498B050BB4A2}\OFFLINE\mFileBagIDE.dll\bag\stbreaim.exe
2009-06-03 19:09 . 2004-08-11 22:00 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-05-25 04:24 . 2008-05-27 02:18 350208 ------w- c:\windows\system32\mssph.dll
.

------- Sigcheck -------

[-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2004-08-04 10:00 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\$NtUninstallKB941644$\tcpip.sys
[7] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2008-04-13 19:20 361344 ACCF5A9A1FFAA490F33DBA1C632B95E1 c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2008-06-20 11:51 361600 9425B72F40257B45D45D24773273DAD0 c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 11:51 361600 9425B72F40257B45D45D24773273DAD0 c:\windows\system32\drivers\tcpip.sys

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Thu Aug 20, 2009 9:24 pm

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-CEC4-75A487FD6484}]
2008-08-07 20:24 1909248 ----a-w- c:\progra~1\mypoints\mypoints.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2009-05-04 20:32 650752 ----a-w- c:\program files\pdfforge Toolbar\WidgiToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-CEC4-75A487FD6484}"= "c:\progra~1\mypoints\mypoints.dll" [2008-08-07 1909248]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\WidgiToolbarIE.dll" [2009-05-04 650752]

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-cec4-75a487fd6484}]
[HKEY_CLASSES_ROOT\mypoints.MYPOINTS]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A057A204-BACC-4D26-CEC4-75A487FD6484}"= "c:\progra~1\mypoints\mypoints.dll" [2008-08-07 1909248]

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-cec4-75a487fd6484}]
[HKEY_CLASSES_ROOT\mypoints.MYPOINTS]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-18 138008]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-02-20 1191936]
"Document Manager"="c:\program files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe" [2006-09-08 102400]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-16 1392640]
"KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 1116920]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-03 29744]
"JobHisInit"="c:\program files\RMClient\JobHisInit.exe" [2001-11-17 135168]
"MplSetUp"="c:\program files\RMClient\MplSetUp.exe" [2000-11-05 40960]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-09 645328]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-03-30 970240]
"lxdxmon.exe"="c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe" [2008-06-13 668328]
"lxdxamon"="c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe" [2008-06-13 16040]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2008-06-13 320168]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-07 136600]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2007-02-19 303104]

c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-1-11 2150400]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-6-29 50688]
EMBASSY Trust Suite Secure Update.lnk - c:\program files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe [2006-8-25 192512]
VPN Client.lnk - c:\windows\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico [2008-8-11 6144]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\Juniper Networks\\Secure Application Manager\\dsSamProxy.exe"=
"c:\\WINDOWS\\system32\\lxdxcoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdxpswx.exe"=
"c:\\Program Files\\Lexmark 3600-4600 Series\\lxdxmon.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdxtime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdxjswx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 NEOFLTR_540_11529;Juniper Networks TDI Filter Driver (NEOFLTR_540_11529);c:\windows\system32\drivers\NEOFLTR_540_11529.sys [1/29/2007 9:33 PM 57591]
R2 LinksysUpdater;Linksys Updater;c:\program files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [1/15/2008 11:28 AM 204800]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [11/2/2006 1:32 PM 97536]
S2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdxserv.exe [6/3/2009 7:00 PM 98984]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [6/29/2007 1:42 AM 29744]
.
Contents of the 'Scheduled Tasks' folder

2009-02-16 c:\windows\Tasks\McDefragTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-06-29 14:53]

2008-12-01 c:\windows\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-06-29 14:53]

2009-08-19 c:\windows\Tasks\User_Feed_Synchronization-{63B6D0A4-C1C2-4B79-8235-A9574ED75709}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 15:58]
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-Internet Connection Wizard Setup Tool - c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe


.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: linked&in search - c:\program files\LinkedIn\IE Toolbar\3.0.4.1100\LinkedinIEToolbar.dll/ContextMenu.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-08-20 17:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Thu Aug 20, 2009 9:25 pm

.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1464)
c:\windows\system32\BCMLogon.dll

- - - - - - - > 'lsass.exe'(1520)
c:\windows\system32\wvauth.dll
c:\windows\system32\biolsp.dll

- - - - - - - > 'explorer.exe'(5512)
c:\windows\system32\WININET.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\windows\system32\CDRTC.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WLTRYSVC.EXE
c:\windows\system32\BCMWLTRY.EXE
c:\windows\system32\scardsvr.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Wave Systems Corp\Common\DataServer.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxdxcoms.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\windows\system32\java.exe
c:\program files\Common Files\McAfee\MNA\McNASvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\McAfee\MPF\MpfSrv.exe
c:\program files\McAfee\MSK\msksrver.exe
c:\program files\Dell\QuickSet\NicConfigSvc.exe
c:\windows\system32\stacsv.exe
c:\program files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
c:\windows\system32\searchindexer.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Lexmark 3600-4600 Series\lxdxmsdmon.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
.
**************************************************************************
.
Completion time: 2009-08-20 17:19 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-20 21:19
ComboFix2.txt 2009-06-20 15:23

Pre-Run: 30,414,450,688 bytes free
Post-Run: 30,599,774,208 bytes free

253 --- E O F --- 2009-07-29 15:37

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Belahzur on Fri Aug 21, 2009 2:19 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Belahzur on Fri Aug 21, 2009 2:19 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Belahzur on Fri Aug 21, 2009 2:19 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Fri Aug 21, 2009 2:50 pm

I get a msg saying "Windows cannot find ComboFix" when I try to run it.

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Origin on Fri Aug 21, 2009 3:34 pm

Delete ComboFix manually, how is the computer running?


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31473
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by booklover26 on Sun Aug 23, 2009 12:17 am

Seems to be running wonderfully...many Thanks! I will continue to tell my family & friends about your wonderful services.

booklover26
Novice
Novice

Posts Posts : 40
Joined Joined : 2009-06-19
Gender Gender : Female
OS OS : XP
Points Points : 27462
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "m" before www & Mcafee not working

Post by Origin on Tue Aug 25, 2009 3:44 pm

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]
A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
[You must be registered and logged in to see this link.]
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or
[You must be registered and logged in to see this link.]
A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found [You must be registered and logged in to see this link.].

Hopefully this should take care of your problems! Good luck. Big Grin


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31473
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum