GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

McAfee ERROR-Starting on Demand Scanner

View previous topic View next topic Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Belahzur on Thu Oct 08, 2009 7:28 pm

Hello.
SP3 is just the latest update service pack. Smile

What problems remain?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Hemi1 on Thu Oct 08, 2009 7:50 pm

After the repair install I just had a few minor problems with my printer and a handful of programs - Installed service pack 3 then I uninstalled and re-installed the programs that were giving me trouble and everything so far seems OK -
I also ran the program F-Secure that Dragonmaster Jay had me run on my OTHER computer - it found 66 infections that the other programs did not find so I tried it on this one.

Here is the report for this computer:

Scanning Report
08 October 2009 12:46:06 - 12:48:58

Computer name: LOUIS
Scanning type: Quick malware scan
Target: System
Result
No malware found

Statistics
Scanned:

* Files: 4275
* Not scanned: 0

Result:

* Viruses: 0
* Spyware: 0
* Suspicious items: 0
* Riskware: 0

Actions:

* Disinfected: 0
* Renamed: 0
* Deleted: 0
* Quarantined: 0
* Failed: 0

Boot Sectors:

* Scanned: 0
* Infected: 0
* Suspicious items: 0
* Disinfected: 0

Options
Definitions version:

* Viruses: 2009-10-08_10
* Spyware: 2009-10-08_10

Scanning Engines:

* F-Secure Aquarius: 11.00.00, 2009-10-08
* F-Secure Hydra: 4.00.9271, 2009-10-08
* F-Secure Gemini: 3.00.09, 2009-09-14

Scanning options:

* Scan defined files: ANI ASP AX BAT BIN BOO CHM CMD COM CPL DLL DOC DOT DRV EML EXE HLP HTA HTM HTML HTT INF INI JOB JS JSE LNK LSP MDB MHT MPP MPT MSG OCX PDF PHP PIF POT PPT RTF SCR SHS SWF SYS TD0 VBE VBS VXD WBK WMA WMV WMF WSC WSF WSH WRI XLS XLT XML ZIP JAR ARJ LZH TAR TGZ GZ CAB RAR BZ2 HQX
* Scan inside archives

Actions:

* Viruses: Ask after scan
* Spyware: Ask after scan

Hemi1
Novice
Novice

Status :
Online
Offline

Posts : 38
Joined : 2009-10-03
Gender : Male
OS : XP Pro
Points : 26216
# Likes : 0

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Belahzur on Thu Oct 08, 2009 11:54 pm

Hello.
The above log looks fine, how is the machine running?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Hemi1 on Fri Oct 09, 2009 2:08 am

I believe there is some kind of conflict - I downloaded IE 8 to update before the fix and my XP disk had IE 6 installed. Explorer would not function so I installed IE 7 still no functioning - My system shows IE 7 is installed - I think it got a little messy

Other than that seems to be running fine so far - maybe a little slow but that may be due to system config startups - is there anything I can uncheck safely to make startup faster. Thanks for all your help!


Last edited by Hemi1 on Fri Oct 09, 2009 2:35 pm; edited 1 time in total (Reason for editing : added info)

Hemi1
Novice
Novice

Status :
Online
Offline

Posts : 38
Joined : 2009-10-03
Gender : Male
OS : XP Pro
Points : 26216
# Likes : 0

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Belahzur on Fri Oct 09, 2009 4:56 pm

Yeah, but we'll do it with my guidance to make sure we don't uncheck anything were not supposed to.

Post a new Hijack This log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Hemi1 on Fri Oct 09, 2009 5:06 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:05:56 AM, on 10/9/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\StacSV.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\KADxMain.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Dell\Dell Mobile Broadband\systray.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Common Files\AOL\1255060224\ee\AOLSoftware.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\DOCUME~1\louish\LOCALS~1\Temp\McInstallTemp (3)\Install.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbso.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbso.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbso.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [systray] C:\Program Files\Dell\Dell Mobile Broadband\systray.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1255060224\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Append to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} (MetaStreamCtl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - [You must be registered and logged in to see this link.]
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = prizio.com
O17 - HKLM\Software\..\Telephony: DomainName = prizio.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = prizio.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = prizio.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = prizio.com
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = prizio.com
O20 - AppInit_DLLs: C:\WINDOWS\system32\wxvault.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: McAfee Application Installer Cleanup (0294801255106859) (0294801255106859mcinstcleanup) - McAfee, Inc. - C:\DOCUME~1\louish\LOCALS~1\Temp\029480~1.EXE
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Intel Alert Handler - Intel® Corporation - C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
O23 - Service: Intel File Transfer - Intel® Corporation - C:\WINDOWS\system32\cba\xfr.exe
O23 - Service: Intel PDS - Intel® Corporation - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\StacSV.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: NTRU TSS v1.2.1.12 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 14010 bytes

Hemi1
Novice
Novice

Status :
Online
Offline

Posts : 38
Joined : 2009-10-03
Gender : Male
OS : XP Pro
Points : 26216
# Likes : 0

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Belahzur on Fri Oct 09, 2009 8:05 pm

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1255060224\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
    O20 - AppInit_DLLs: C:\WINDOWS\system32\wxvault.dll


  • Press "Fix Checked"
  • Close Hijack This.

Reboot normally.
How is it now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Hemi1 on Sat Oct 10, 2009 7:05 pm

When I click on the IE (7) icon it gives me a rundll32.exe Ordinal Not Found - The Ordinal 237 could not be located in the dynamic link library IEFRAME.dll

Well I found out I couldn't be running service pack 3 to uninstall IE 7 - I tried following MicroSoft instructions to uninstall service pack 3 but the only way it worked was to restore point back to when i installed it. This brought me back to IE6 version which seems to work fine but there are a few other issues.

I run AOL for my kid and welcome screen comes up blank (white) and so do the other screens - I can read e-mail however

Also when I click Start / Windows Update I get this message: The request lookup key was not found in any active activation contex

Maybe you need to see a new Hijack log

Hemi1
Novice
Novice

Status :
Online
Offline

Posts : 38
Joined : 2009-10-03
Gender : Male
OS : XP Pro
Points : 26216
# Likes : 0

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Hemi1 on Sat Oct 10, 2009 7:07 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:29 PM, on 10/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\StacSV.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Dell\Dell Mobile Broadband\systray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: IAOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll
R3 - URLSearchHook: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbso.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbso.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbso.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [systray] C:\Program Files\Dell\Dell Mobile Broadband\systray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\louish\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Append to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} (MetaStreamCtl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - [You must be registered and logged in to see this link.]
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = prizio.com
O17 - HKLM\Software\..\Telephony: DomainName = prizio.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = prizio.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = prizio.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = prizio.com
O20 - AppInit_DLLs: C:\WINDOWS\system32\wxvault.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Intel Alert Handler - Intel® Corporation - C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
O23 - Service: Intel File Transfer - Intel® Corporation - C:\WINDOWS\system32\cba\xfr.exe
O23 - Service: Intel PDS - Intel® Corporation - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\StacSV.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: NTRU TSS v1.2.1.12 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10599 bytes

Hemi1
Novice
Novice

Status :
Online
Offline

Posts : 38
Joined : 2009-10-03
Gender : Male
OS : XP Pro
Points : 26216
# Likes : 0

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Hemi1 on Tue Oct 13, 2009 3:50 pm

bump

Hemi1
Novice
Novice

Status :
Online
Offline

Posts : 38
Joined : 2009-10-03
Gender : Male
OS : XP Pro
Points : 26216
# Likes : 0

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Hemi1 on Tue Oct 13, 2009 5:47 pm

One thing you failed to tell me before we ran the repair install

Before you perform a repair installation of Microsoft Windows XP, you must uninstall Windows Internet Explorer 7 or Windows Internet Explorer 8 from the Windows XP-based computer. If you perform a repair installation of Windows XP when a later version of Internet Explorer is still installed, Internet Explorer will not work after the repair is completed.

The problems that have arisen from this is causing havoc on many programs that rely on explorer to function properly - and I have alot of problems

Hemi1
Novice
Novice

Status :
Online
Offline

Posts : 38
Joined : 2009-10-03
Gender : Male
OS : XP Pro
Points : 26216
# Likes : 0

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Belahzur on Tue Oct 13, 2009 5:52 pm

Hello.
Can you re-run Combofix? one thing wont go away.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Hemi1 on Tue Oct 13, 2009 8:50 pm

FYI - Before I run ComboFix it gives me this warning:

ComboFix has detected the following real time scanner(s) to be active:
antivirus: CyberDefender Internet Security

I can't locate this program anywhere to disable (or get rid of) it.

ComboFix 09-10-13.01 - louish 10/13/2009 13:30.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1461 [GMT -7:00]
Running from: c:\documents and settings\louish\Desktop\Combo-Fix.exe
AV: CyberDefender Internet Security *On-access scanning enabled* (Updated) {D7B67E25-9B99-48A7-89AB-E3D8D7716279}
AV: F-Secure Anti-Virus 2010 10.00 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\louish\LOCALS~1\Temp\catchme.dll
c:\documents and settings\louish\Local Settings\temp\catchme.dll
c:\windows\system32\Cache

.
((((((((((((((((((((((((( Files Created from 2009-09-13 to 2009-10-13 )))))))))))))))))))))))))))))))
.

2009-10-12 17:17 . 2009-10-12 17:32 33920 ----a-w- c:\windows\system32\drivers\fsbts.sys
2009-10-12 17:17 . 2009-07-09 09:33 80000 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2009-10-12 17:16 . 2009-10-12 18:08 -------- d-----w- c:\program files\F-Secure
2009-10-12 17:14 . 2009-10-12 17:17 -------- d-----w- c:\documents and settings\All Users\Application Data\f-secure
2009-10-12 14:22 . 2009-10-12 14:22 -------- d-----w- c:\program files\Java
2009-10-11 23:48 . 2009-07-19 13:32 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-10-11 23:48 . 2009-06-29 16:12 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-10-11 23:48 . 2009-06-29 16:12 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-10-11 23:48 . 2009-06-29 16:12 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-10-11 23:48 . 2009-06-29 16:12 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2009-10-11 23:48 . 2009-06-29 16:12 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2009-10-11 23:48 . 2009-06-29 11:07 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2009-10-11 21:37 . 2005-07-08 21:19 666 ----a-w- c:\windows\speed.reg
2009-10-11 19:17 . 2009-10-11 19:17 -------- d-----w- c:\program files\Common Files\Zeepe Framework 7
2009-10-11 17:07 . 2009-10-11 17:07 -------- d-----w- c:\windows\system32\vmm32
2009-10-11 16:13 . 2001-08-18 05:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-10-11 16:13 . 2001-08-18 05:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-10-11 16:13 . 2001-08-18 05:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-10-11 16:13 . 2001-08-18 05:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2009-10-11 16:13 . 2001-08-17 19:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-10-11 16:11 . 2004-08-04 05:29 11775 -c--a-w- c:\windows\system32\dllcache\wadv05nt.sys
2009-10-11 16:10 . 2001-08-17 20:28 793598 -c--a-w- c:\windows\system32\dllcache\usr1806.sys
2009-10-11 16:09 . 2001-08-17 21:56 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll
2009-10-11 16:08 . 2001-08-17 21:56 172768 -c--a-w- c:\windows\system32\dllcache\t2r4disp.dll
2009-10-11 16:07 . 2001-08-17 19:51 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2009-10-11 16:06 . 2001-08-18 05:36 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll
2009-10-11 16:05 . 2001-08-17 20:51 16640 -c--a-w- c:\windows\system32\dllcache\scmstcs.sys
2009-10-11 16:04 . 2001-08-18 05:36 9216 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2009-10-11 16:03 . 2001-08-17 20:53 17792 -c--a-w- c:\windows\system32\dllcache\ppa.sys
2009-10-11 16:02 . 2001-08-18 05:36 41984 -c--a-w- c:\windows\system32\dllcache\ovui2rc.dll
2009-10-11 16:01 . 2001-08-17 20:53 7552 -c--a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-10-11 16:00 . 2001-08-17 19:50 103296 -c--a-w- c:\windows\system32\dllcache\mtxvideo.sys
2009-10-11 16:00 . 2001-08-17 20:48 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys
2009-10-11 16:00 . 2001-08-17 21:00 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2009-10-11 16:00 . 2001-08-17 21:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2009-10-11 16:00 . 2001-08-17 20:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2009-10-11 16:00 . 2001-08-17 20:57 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys
2009-10-11 15:58 . 2001-08-17 19:11 25065 -c--a-w- c:\windows\system32\dllcache\lmndis3.sys
2009-10-11 15:58 . 2001-08-17 20:51 15744 -c--a-w- c:\windows\system32\dllcache\lit220p.sys
2009-10-11 15:58 . 2001-08-17 19:12 26442 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2009-10-11 15:58 . 2001-08-17 19:12 19016 -c--a-w- c:\windows\system32\dllcache\ktc111.sys
2009-10-11 15:58 . 2001-08-18 05:36 37376 -c--a-w- c:\windows\system32\dllcache\kousd.dll
2009-10-11 15:58 . 2001-08-18 05:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-10-11 15:58 . 2001-08-18 05:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-10-11 15:58 . 2001-08-17 21:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-10-11 15:58 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-10-11 15:58 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-10-11 15:58 . 2001-08-17 20:49 26624 -c--a-w- c:\windows\system32\dllcache\irstusb.sys
2009-10-11 15:56 . 2001-08-17 21:05 141056 -c--a-w- c:\windows\system32\dllcache\icam3.sys
2009-10-11 15:55 . 2001-08-17 20:28 67167 -c--a-w- c:\windows\system32\dllcache\hsf_bsc2.sys
2009-10-11 15:54 . 2001-08-17 21:56 470144 -c--a-w- c:\windows\system32\dllcache\g200d.dll
2009-10-11 15:53 . 2001-08-17 20:28 347550 -c--a-w- c:\windows\system32\dllcache\es56tpi.sys
2009-10-11 15:52 . 2001-08-17 19:11 29696 -c--a-w- c:\windows\system32\dllcache\dm9pci5.sys
2009-10-11 15:51 . 2001-08-17 19:19 3584 -c--a-w- c:\windows\system32\dllcache\cwcosnt5.sys
2009-10-11 15:50 . 2001-08-17 20:51 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2009-10-11 15:49 . 2004-08-04 05:31 36224 -c--a-w- c:\windows\system32\dllcache\an983.sys
2009-10-10 19:40 . 2009-10-10 19:40 -------- d-----w- c:\program files\AOL Toolbar
2009-10-10 19:18 . 2009-10-10 19:18 -------- d-----w- c:\program files\Common Files\Software Update Utility
2009-10-10 19:18 . 2003-01-10 21:13 33588 ----a-r- c:\windows\system32\drivers\wanatw4.sys
2009-10-10 19:17 . 2009-10-11 15:21 -------- d-----w- c:\program files\AOL 9.1
2009-10-09 21:03 . 2009-10-09 21:03 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\AOL
2009-10-09 05:01 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2009-10-08 20:43 . 2009-10-08 20:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-10-08 20:43 . 2009-10-08 20:43 -------- d-----w- c:\program files\Viewpoint
2009-10-08 18:51 . 2009-10-09 19:00 65 ----a-w- c:\windows\system32\BD7020.dat
2009-10-08 18:50 . 2003-11-29 01:57 0 ----a-w- c:\windows\brdfxspd.dat
2009-10-08 17:42 . 2009-10-09 18:45 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters(2)
2009-10-08 16:25 . 2009-10-08 16:25 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\F-Secure
2009-10-08 16:23 . 2009-10-12 17:16 -------- d-----w- c:\documents and settings\All Users\Application Data\fssg
2009-10-08 03:16 . 2008-09-10 01:14 1307648 -c----w- c:\windows\system32\dllcache\msxml6.dll
2009-10-08 03:16 . 2008-04-13 17:27 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2009-10-08 02:48 . 2009-10-11 18:33 -------- d-----w- c:\documents and settings\louish\Local Settings\Application Data\Deployment
2009-10-08 02:36 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-10-08 02:36 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-10-08 02:36 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-10-08 02:36 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-10-08 02:36 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-10-08 02:36 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-10-08 02:36 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-10-08 02:36 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-10-08 02:36 . 2009-02-06 11:06 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-10-08 02:36 . 2009-02-06 11:08 2189056 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-10-08 02:36 . 2009-02-06 10:32 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-10-08 02:34 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-10-08 02:29 . 2009-05-21 18:46 268288 -c----w- c:\windows\system32\dllcache\httpext.dll
2009-10-08 02:22 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-10-08 02:22 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-10-08 02:22 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-10-08 02:22 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-10-08 02:21 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-10-08 02:20 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-10-07 22:56 . 2007-05-18 17:45 172032 ----a-w- c:\windows\system32\igfxres.dll
2009-10-07 21:59 . 2004-08-04 10:00 14848 -c--a-w- c:\windows\system32\dllcache\register.exe
2009-10-07 21:58 . 2008-04-14 00:09 81976 -c--a-w- c:\windows\system32\dllcache\imjpdct.dll
2009-10-07 21:53 . 2004-08-04 10:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2009-10-07 21:50 . 2004-08-04 10:00 7680 -c--a-w- c:\windows\system32\dllcache\inetmgr.exe
2009-10-07 21:35 . 2004-08-04 10:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2009-10-07 21:35 . 2004-08-04 10:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2009-10-07 21:35 . 2004-08-04 10:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2009-10-07 21:35 . 2004-08-04 10:00 13312 ----a-w- c:\windows\system32\irclass.dll
2009-10-07 17:45 . 2009-10-13 02:36 -------- d-----w- c:\program files\Roxio
2009-10-07 14:23 . 2009-10-07 14:23 -------- d-----w- c:\windows\dell
2009-10-06 21:26 . 2007-07-24 22:58 95616 ----a-w- c:\windows\junction.exe
2009-10-06 15:04 . 2009-10-12 14:22 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-06 00:18 . 2009-10-06 00:19 -------- d-----w- C:\Combo-Fix8085C
2009-10-05 21:36 . 2009-10-05 21:36 -------- d-----w- C:\My Shared Folder
2009-10-05 21:36 . 2009-10-05 21:36 -------- d-----w- c:\documents and settings\louish\Application Data\Kazaa Lite
2009-10-05 21:36 . 2009-10-05 21:50 -------- d-----w- c:\program files\LimeWire
2009-10-05 20:21 . 2009-10-05 21:36 -------- d-----w- C:\Combo-Fix
2009-10-05 16:53 . 2009-10-05 16:53 11952 ----a-w- c:\windows\system32\avgrsstx(2).dll
2009-10-05 16:53 . 2009-10-05 16:57 -------- d-----w- c:\windows\system32\drivers\Avg(2)
2009-10-05 16:52 . 2009-10-05 21:36 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-10-05 16:52 . 2009-10-05 16:52 -------- d-----w- c:\program files\AVG
2009-10-05 16:52 . 2009-10-05 21:35 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-10-05 14:42 . 2009-10-05 14:42 -------- d-----w- c:\program files\Trend Micro
2009-10-04 19:31 . 2009-10-04 19:31 -------- d-----w- C:\GHOSTS_OF_GIRLFRIENDS_PAST
2009-10-04 18:08 . 2009-09-10 21:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-04 18:08 . 2009-09-10 21:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-04 18:08 . 2009-10-04 18:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-04 01:05 . 2009-10-04 01:12 -------- d-----w- c:\windows\BDOSCAN8
2009-10-04 00:16 . 2009-10-04 18:38 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-02 17:46 . 2009-10-01 17:29 195440 ----a-w- c:\windows\system32\MpSigStub.exe
2009-10-01 20:43 . 2009-10-01 20:43 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-10-01 20:43 . 2009-10-01 20:43 -------- d-----w- c:\documents and settings\louish\Application Data\SUPERAntiSpyware.com
2009-10-01 20:07 . 2009-10-01 20:07 129 ----a-w- c:\documents and settings\louish\Local Settings\Application Data\fusioncache.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-13 20:05 . 2008-10-30 21:13 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-13 16:46 . 2007-12-14 02:09 -------- d-----w- c:\program files\Paint Shop Pro 5
2009-10-13 15:36 . 2009-10-13 15:36 -------- d-----w- c:\documents and settings\louish\Application Data\Regensoft
2009-10-13 15:35 . 2009-10-13 15:35 -------- d-----w- c:\documents and settings\louish\Application Data\Red Kawa
2009-10-13 15:29 . 2009-10-13 15:29 -------- d-----w- c:\program files\Regensoft
2009-10-13 15:29 . 2008-05-12 20:24 -------- d-----w- c:\program files\Red Kawa
2009-10-13 15:20 . 2007-12-08 14:30 68648 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-13 04:02 . 2007-12-08 14:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-13 04:00 . 2007-12-08 14:21 -------- d-----w- c:\program files\Microsoft Works
2009-10-13 03:15 . 2007-12-19 21:28 -------- d-----w- c:\documents and settings\louish\Application Data\Roxio
2009-10-13 02:38 . 2007-12-08 14:17 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-10-12 16:34 . 2007-12-08 14:24 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-12 15:36 . 2007-12-12 23:42 -------- d-----w- c:\documents and settings\louish\Application Data\Wave Systems Corp
2009-10-11 21:41 . 2009-10-11 21:41 5 ----a-w- c:\windows\system32\drivers\DELL_LAT_D830.MRK
2009-10-11 21:41 . 2007-12-08 13:40 5 -c--a-w- c:\windows\system32\drivers\1028_Dell_LAT_D830.mrk
2009-10-11 21:37 . 2007-12-08 14:02 -------- d-----w- c:\program files\Dell
2009-10-11 19:17 . 2007-12-08 14:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Novatel Wireless
2009-10-10 19:44 . 2007-12-14 01:46 -------- d-----w- c:\program files\Common Files\aol
2009-10-10 19:19 . 2007-12-14 01:48 -------- d-----w- c:\documents and settings\louish\Application Data\AOL
2009-10-10 19:19 . 2007-12-14 01:46 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2009-10-10 19:17 . 2009-10-09 18:42 -------- d-----w- c:\program files\Common Files\aolshare
2009-10-09 20:45 . 2007-12-14 01:30 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2009-10-07 21:51 . 2004-08-11 23:12 27904 -c--a-w- c:\windows\system32\emptyregdb.dat
2009-10-07 15:40 . 2008-10-22 04:02 -------- d-----w- c:\program files\CCleaner
2009-10-06 17:58 . 2007-12-12 23:21 -------- d-----w- c:\documents and settings\Default User\Application Data\Wave Systems Corp
2009-10-06 05:17 . 2008-05-09 18:35 -------- d-----w- c:\program files\MP3 Rocket
2009-10-05 21:36 . 2007-12-17 18:26 -------- d-----w- c:\documents and settings\louish\Application Data\LimeWire
2009-10-04 19:25 . 2009-09-02 14:26 -------- d-----w- c:\program files\DVD Decrypter
2009-10-02 16:01 . 2007-12-12 23:21 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Wave Systems Corp
2009-10-01 18:40 . 2008-10-22 02:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-09-17 14:58 . 2008-09-03 02:36 -------- d-----w- c:\documents and settings\louish\Application Data\Move Networks
2009-09-16 17:26 . 2008-08-18 15:44 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-12 05:12 . 2009-09-06 21:53 -------- d-----w- c:\program files\Verizon
2009-09-12 05:11 . 2008-10-22 21:47 -------- d-----w- c:\program files\Speeditup Free
2009-09-12 05:11 . 2009-09-09 03:25 -------- d-----w- c:\program files\Advanced PC Tweaker
2009-09-12 05:10 . 2009-09-12 05:10 -------- d-----w- c:\documents and settings\All Users\Application Data\CopyTransControlCenter
2009-09-09 18:38 . 2009-09-09 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\WindSolutions
2009-09-09 18:38 . 2009-09-09 18:38 -------- d-----w- c:\documents and settings\louish\Application Data\WindSolutions
2009-09-06 22:02 . 2009-09-06 21:55 -------- d-----w- c:\documents and settings\louish\Application Data\Verizon
2009-09-03 01:34 . 2009-09-03 01:34 -------- d-----w- c:\documents and settings\All Users\Application Data\SlySoft
2009-08-21 17:07 . 2009-08-21 17:07 -------- d-----w- c:\program files\MSBuild
2009-08-21 17:06 . 2009-08-21 17:06 -------- d-----w- c:\program files\Reference Assemblies
2009-08-05 09:01 . 2004-08-04 10:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 04:37 . 2004-08-04 10:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:37 . 2004-08-04 10:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-17 19:01 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\atl(2).dll
2009-07-17 18:55 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\atl.dll
2001-12-04 00:09 . 2009-03-16 22:03 90112 ----a-w- c:\program files\internet explorer\plugins\DjVuControl.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{631ac2d4-57b3-42b0-a148-da33b462c1a3}"= "c:\program files\Absolutist_Games\tbAbso.dll" [2007-08-01 1391640]

[HKEY_CLASSES_ROOT\clsid\{631ac2d4-57b3-42b0-a148-da33b462c1a3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{631ac2d4-57b3-42b0-a148-da33b462c1a3}]
2007-08-01 00:33 1391640 ----a-w- c:\program files\Absolutist_Games\tbAbso.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{631ac2d4-57b3-42b0-a148-da33b462c1a3}"= "c:\program files\Absolutist_Games\tbAbso.dll" [2007-08-01 1391640]

[HKEY_CLASSES_ROOT\clsid\{631ac2d4-57b3-42b0-a148-da33b462c1a3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{631AC2D4-57B3-42B0-A148-DA33B462C1A3}"= "c:\program files\Absolutist_Games\tbAbso.dll" [2007-08-01 1391640]

[HKEY_CLASSES_ROOT\clsid\{631ac2d4-57b3-42b0-a148-da33b462c1a3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-17 1392640]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-07-23 1181064]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"HostManager"="c:\program files\Common Files\AOL\1255202241\ee\AOLSoftware.exe" [2008-06-24 41824]
"systray"="c:\program files\Dell\Dell Mobile Broadband\systray.exe" [2007-04-13 331851]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-12 149280]
"F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2009-07-09 199264]
"F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2009-07-09 2349664]
"RoxioEngineUtility"="c:\program files\Common Files\Roxio Shared\System\EngUtil.exe" [2003-05-02 65536]
"RoxioDragToDisc"="c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-07-17 868352]
"RoxioAudioCentral"="c:\program files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-07-15 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-05-06 20:59 10792 ----a-w- c:\program files\Citrix\GoToAssist\480\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wxvault.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"W3SVC"=2 (0x2)
"UPS"=3 (0x3)
"mnmsrvc"=3 (0x3)
"gusvc"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"Lavasoft Ad-Aware Service"=2 (0x2)
"iPod Service"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\AOL 9.1\\waol.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Common Files\\aol\\1255202241\\ee\\aolsoftware.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [10/12/2009 10:17 AM 33920]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [10/12/2009 10:17 AM 80000]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [10/1/2009 8:31 AM 206256]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\HIPS\drivers\fshs.sys [10/12/2009 10:16 AM 68064]
R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\Broadcom\ASFIPMon\AsfIpMon.exe [12/19/2006 1:21 PM 79432]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [10/1/2009 8:31 AM 348824]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [8/4/2004 3:00 AM 5120]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\Anti-Virus\minifilter\fsgk.sys [10/12/2009 10:16 AM 100984]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\ORSP Client\fsorsp.exe [10/12/2009 10:16 AM 55904]
R3 NWDellModem;Dell Wireless Mobile Broadband Modem Driver;c:\windows\system32\drivers\nwdelmdm.sys [12/8/2007 6:41 AM 92288]
R3 NWDellPort;Dell Wireless Mobile Broadband Status Port Driver;c:\windows\system32\drivers\nwdelser.sys [12/8/2007 6:41 AM 92288]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [11/2/2006 11:32 AM 97536]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure\Anti-Virus\win2k\fsfilter.sys [10/12/2009 10:16 AM 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure\Anti-Virus\win2k\fsrec.sys [10/12/2009 10:16 AM 25184]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv
.
Contents of the 'Scheduled Tasks' folder

2009-10-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 20:34]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\F-Secure\FSPS\program\FSLSP.DLL
Trusted Zone: isqft.com\www
FF - ProfilePath - c:\documents and settings\louish\Application Data\Mozilla\Firefox\Profiles\ltpzphx1.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - AOL Search
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - plugin: c:\documents and settings\louish\Application Data\Move Networks\plugins\npqmp071500000347.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - hȋdden: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Google Update - c:\documents and settings\louish\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
HKLM-Run-ISUSPM Startup - c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-AOL Toolbar 5.0 - c:\program files\AOL\AOL Toolbar 5.0\uninstall.exe
AddRemove-AOL Toolbar for Firefox - c:\documents and settings\louish\Application Data\Mozilla\Firefox\Profiles\ltpzphx1.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\uninstall.exe



**************************************************************************

disk not found C:\

please note that you need administrator rights to perform deep scan
scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files:

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(988)
c:\windows\system32\wxvault.dll
c:\windows\system32\detoured.dll
c:\program files\Citrix\GoToAssist\480\G2AWinLogon.dll
c:\program files\F-Secure\FSPS\program\FSLSP.DLL

- - - - - - - > 'lsass.exe'(1044)
c:\windows\system32\wxvault.dll
c:\windows\system32\detoured.dll
c:\windows\system32\wvauth.dll
c:\windows\system32\biolsp.dll
c:\program files\F-Secure\FSPS\program\FSLSP.DLL
c:\program files\Bonjour\mdnsNSP.dll
.
Completion time: 2009-10-13 13:39
ComboFix-quarantined-files.txt 2009-10-13 20:38
ComboFix2.txt 2009-10-04 16:43

Pre-Run: 9,465,389,056 bytes free
Post-Run: 9,674,579,968 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
356 --- E O F --- 2009-10-13 14:58

Hemi1
Novice
Novice

Status :
Online
Offline

Posts : 38
Joined : 2009-10-03
Gender : Male
OS : XP Pro
Points : 26216
# Likes : 0

View user profile

Back to top Go down

Re: McAfee ERROR-Starting on Demand Scanner

Post by Belahzur on Tue Oct 13, 2009 11:22 pm

Hello.
Thanks, looks okay.

Please navigate to [You must be registered and logged in to see this link.] and see the section "Fix it for me"

Click the Microsoft Fix-It button. Download the file to your Desktop. Then, double-click it to run. Follow the prompts.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum