My computer has been having the same problem I see a lot of the other people on here posting about. I can't run MBAM or any other kind of anti-virus program. Internet Explorer won't run, Firefox will but my Google searches have been hijacked. I tried the methods in the stickied thread and none worked for me including renaming MBAM. As suggested in another thread I ran DSS. Here are the results of that: DDS (Ver_09-07-30.01) - NTFSx86 Run by Smiths at 17:42:56.81 on Sat 08/08/2009 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.60 [GMT -4:00] AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Norton Ghost\Agent\GhostTray.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe C:\Program Files\Common Files\AOL\1148070065\ee\AOLSoftware.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\dlcccoms.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Smiths\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll BHO: McAfee AntiPhishing Filter: {41d68ed8-4cff-4115-88a6-6ebb8af19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\progra~1\mcafee\viruss~1\scriptsn.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll uRun: [Aim6] uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [Creative Detector] "c:\program files\creative\mediasource\detector\CTDetect.exe" /R uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [Norton Ghost 10.0] "c:\program files\norton ghost\agent\GhostTray.exe" mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [MSKDetectorExe] c:\progra~1\mcafee\spamki~1\MSKDetct.exe /startup mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE mRun: [MSKAGENTEXE] c:\progra~1\mcafee\spamki~1\MskAgent.exe mRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16 mRun: [dlccmon.exe] "c:\program files\dell photo aio printer 924\dlccmon.exe" mRun: [HostManager] c:\program files\common files\aol\1148070065\ee\AOLSoftware.exe mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe" mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe IE: &Search IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} IE: {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - {7DD73374-7187-4103-8F29-622AA25E7C40} - c:\program files\mcafee\spamkiller\mcapfbho.dll IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll Trusted Zone: musicmatch.com\online DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {A8683C98-5341-421B-B23C-8514C05354F1} - hxxp://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\smiths\applic~1\mozilla\firefox\profiles\bgh5fusc.default\ FF - prefs.js: browser.search.selectedEngine - Wikipedia (en) FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll FF - plugin: c:\documents and settings\smiths\application data\mozilla\firefox\profiles\bgh5fusc.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071101000055.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava11.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava12.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava13.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava14.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava32.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJPI142_03.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPOJI610.dll FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll ============= SERVICES / DRIVERS =============== R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-7-31 214024] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-9-3 8944] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-9-3 55024] R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2004-12-13 165488] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-10-1 210216] R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2008-6-11 359952] R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-7-31 144704] R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-7-31 606736] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-7-31 79880] R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-7-31 35272] R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-7-31 40552] R3 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-5-12 822424] S2 0048591249751005mcinstcleanup;McAfee Application Installer Cleanup (0048591249751005);c:\windows\temp\004859~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\004859~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?] S3 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2004-12-13 198256] S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2004-12-13 79472] S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\1aa.tmp --> c:\windows\system32\1AA.tmp [?] S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-7-31 34216] S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-9-3 7408] =============== Created Last 30 ================ 2009-08-08 17:01 0 a------- c:\documents and settings\smiths\settings.dat 2009-08-07 22:34 15,504 a------- c:\windows\system32\drivers\mbam.sys 2009-08-07 22:34 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-07 22:34 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware2 2009-08-07 22:21 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com 2009-08-07 22:21 <DIR> --d----- c:\program files\SUPERAntiSpyware 2009-08-07 22:21 <DIR> --d----- c:\docume~1\smiths\applic~1\SUPERAntiSpyware.com 2009-08-07 22:20 <DIR> --d----- c:\program files\common files\Wise Installation Wizard 2009-08-07 21:38 <DIR> --d----- c:\program files\Windows Resource Kits 2009-08-07 21:29 <DIR> --dsh--- c:\documents and settings\smiths\PrivacIE 2009-08-07 21:23 <DIR> --dsh--- c:\documents and settings\smiths\IETldCache 2009-08-07 20:55 <DIR> --d----- c:\program files\Sophos 2009-08-07 20:48 12,800 -------- c:\windows\system32\dllcache\xpshims.dll 2009-08-07 20:48 246,272 -------- c:\windows\system32\dllcache\ieproxy.dll 2009-08-07 20:47 <DIR> --d----- c:\windows\ie8updates 2009-08-07 20:46 101,376 -------- c:\windows\system32\dllcache\iecompat.dll 2009-08-07 20:42 <DIR> -cd-h--- c:\windows\ie8 2009-08-07 16:15 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware 2009-08-07 15:02 <DIR> --d----- c:\program files\ESET 2009-08-07 14:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SecTaskMan 2009-08-07 14:30 <DIR> --d----- c:\program files\thing 2009-08-07 12:47 1,234,795 a------- c:\windows\system32\xa.tmp ==================== Find3M ==================== 2009-08-04 09:48 4,184 a--sh--- c:\windows\system32\KGyGaAvL.sys 2009-07-19 18:48 11,067,392 -------- c:\windows\system32\dllcache\ieframe.dll 2009-07-19 09:18 5,937,152 -------- c:\windows\system32\dllcache\mshtml.dll 2009-07-03 13:09 915,456 a------- c:\windows\system32\wininet.dll 2009-07-03 13:09 915,456 -------- c:\windows\system32\dllcache\wininet.dll 2009-07-03 13:09 1,208,832 -------- c:\windows\system32\dllcache\urlmon.dll 2009-07-03 13:09 206,848 -------- c:\windows\system32\dllcache\occache.dll 2009-07-03 13:09 594,432 -------- c:\windows\system32\dllcache\msfeeds.dll 2009-07-03 13:09 55,296 -------- c:\windows\system32\dllcache\msfeedsbs.dll 2009-07-03 13:09 1,985,536 -------- c:\windows\system32\dllcache\iertutil.dll 2009-07-03 13:09 25,600 -------- c:\windows\system32\dllcache\jsproxy.dll 2009-07-03 13:09 184,320 -------- c:\windows\system32\dllcache\iepeers.dll 2009-07-03 13:09 386,048 -------- c:\windows\system32\dllcache\iedkcs32.dll 2009-07-03 07:01 173,056 -------- c:\windows\system32\dllcache\ie4uinit.exe 2009-06-29 12:12 133,120 a------- c:\windows\system32\dllcache\extmgr.dll 2009-06-29 07:07 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe 2009-06-16 10:55 119,808 a------- c:\windows\system32\t2embed.dll 2009-06-16 10:55 82,432 a------- c:\windows\system32\fontsub.dll 2009-06-16 10:55 119,808 -------- c:\windows\system32\dllcache\t2embed.dll 2009-06-16 10:55 82,432 -------- c:\windows\system32\dllcache\fontsub.dll 2009-06-07 16:24 180,224 a------- c:\windows\system32\xvidvfw.dll 2009-06-07 16:16 819,200 a------- c:\windows\system32\xvidcore.dll 2009-06-03 15:27 1,290,752 a------- c:\windows\system32\quartz.dll 2009-06-03 15:27 1,290,752 -------- c:\windows\system32\dllcache\quartz.dll 2007-02-02 20:32 88 ---shr-- c:\windows\system32\97E2747BB5.sys ============= FINISH: 17:43:50.59 =============== Attach.txt Attach.txt
