Jump to content

yos77

Honorary Members
  • Posts

    43
  • Joined

  • Last visited

Reputation

0 Neutral
  1. So far seems to work fine. is there anything else i need to do?
  2. Results of screen317's Security Check version 0.99.18 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Disabled! avast! Free Antivirus ESET Online Scanner v3 McAfee Security Scan Plus ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 Java 6 Update 26 Java 6 Update 24 Java SE Development Kit 6 Update 20 Out of date Java installed! Adobe Flash Player Adobe Reader X (10.1.0) ```````````````````````````````` Process Check: objlist.exe by Laurent ESET ESET Online Scanner OnlineCmdLineScanner.exe ``````````End of Log````````````
  3. ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6528 # api_version=3.0.2 # EOSSerial=7cff32dfea197d4b8da628288d928b42 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2011-07-31 08:52:29 # local_time=2011-07-31 04:52:29 (-0500, Eastern Daylight Time) # country="United States" # lang=9 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 37260167 37260167 0 0 # compatibility_mode=768 16777215 100 0 766393 766393 0 0 # compatibility_mode=1029 16777214 0 1 37655602 37655602 0 0 # compatibility_mode=1280 16777215 100 0 101017234 101017234 0 0 # compatibility_mode=8192 67108863 100 0 36914266 36914266 0 0 # scanned=287579 # found=10 # cleaned=10 # scan_time=23562 C:\Documents and Settings\Eric Rave\Desktop\InternationalPrimoPDF.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\Eric Rave\My Documents\Downloads\InternationalPrimoPDF.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\Eric Rave\My Documents\Downloads\WhiteSmokeInstaller_9128.exe a variant of Win32/InstallCore.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\Eric Rave\My Documents\My Pictures\Palm Photos Yossi\CR\Internal\FreewarePrimoPDF.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\NCQftnHgDltsBD.exe.vir a variant of Win32/Kryptik.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP308\A0085338.exe a variant of Win32/Kryptik.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP308\A0090105.exe a variant of Win32/Kryptik.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP308\A0095264.exe a variant of Win32/Kryptik.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP308\A0096114.exe a variant of Win32/Kryptik.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP314\A0101919.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C
  4. OK did the unhide program as you said, it appears that all the icons are back to the desktop and all the programs in the start menu etc.. the desktop background picture did not revert back to my picture but remains a blue background, i will presume that i can just add my desired pic as regular and that will take care of the back ground picture. having not used the computer yet, only of the directions you have given i don't know if there are any other issues, but I will follow up if any. is there anything else i need to do in the meantime? thank you for your patience and persistence follow up!
  5. Here atatched are the requested logs, thanks again for your perseverance and help! CF log.txt dds 7-22-11.txt
  6. the desktop is missing the background that i set as well as all the icons. in the "windows start"for example the accesories folder is missingthat is where i would normaly find the paint program. some of the programs folders are missing. even the fold that are there are empty when i click on them.
  7. Does this help? since most programs are not working on my desktop im not sure which one to print screen and copy to. java.io.FileNotFoundException: C:\Documents and Settings\Eric Rave\Application Data\Sun\Java\Deployment\security\trusted.certs (Access is denied) at java.io.FileOutputStream.open(Native Method) at java.io.FileOutputStream.<init>(Unknown Source) at java.io.FileOutputStream.<init>(Unknown Source) at com.sun.deploy.security.DeploySigningCertStore$2.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at com.sun.deploy.security.DeploySigningCertStore.save(Unknown Source) at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.getTrustedCodeSources(Unknown Source) at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source) at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$800(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source) at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source) at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source) at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source) at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source) at java.lang.Thread.run(Unknown Source) java.io.FileNotFoundException: C:\Documents and Settings\Eric Rave\Application Data\Sun\Java\Deployment\security\trusted.certs (Access is denied) at java.io.FileOutputStream.open(Native Method) at java.io.FileOutputStream.<init>(Unknown Source) at java.io.FileOutputStream.<init>(Unknown Source) at com.sun.deploy.security.DeploySigningCertStore$2.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at com.sun.deploy.security.DeploySigningCertStore.save(Unknown Source) at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source) at java.security.SecureClassLoader.getProtectionDomain(Unknown Source) at java.security.SecureClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source) at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source) at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source) at java.lang.Thread.run(Unknown Source)
  8. via mobile: hi, thank u for ur reply. running f secure errors out & does not even begin. "if u want 2 run f secure online scanner please restart ur web browser & return 2 this page" i tried updating java, tried through firefox we google chrome also. what can i do? thanx
  9. Hi, when I try to run Eset it gets to set 2 out of 4 "can not get update. Is proxy configured?" "note eset has already been run on this computer in the past. only files necessary to update to the current version will be downloaded" I tried running it both in regular and also in safe mode both time it only got to initialization of step 2 of 4 thank you
  10. Hi, Here is as requested: (Obtained in Safe Mode, i could not get uninstalled the mcaffe trial version, but i ran combifix anyways) ComboFix & DDS.txt post too long so a att. file ComboFix.txt dds.txt
  11. Thanx, here is the DDS.txt: . DDS (Ver_2011-06-23.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20 Run by Eric Rave at 19:56:05 on 2011-06-30 Microsoft Windows XP Home Edition 5.1.2600.3.1252.263.1033.18.3061.2291 [GMT -4:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *Enabled* FW: AVG Firewall *Disabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\WINDOWS\system32\mfevtps.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\rundll32.exe C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Logitech\Logitech Vid\Vid.exe c:\program files\real\realplayer\RealPlay.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Documents and Settings\All Users\Application Data\NCQftnHgDltsBD.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\WINDOWS\system32\attrib.exe C:\WINDOWS\system32\attrib.exe C:\Program Files\iPod\bin\iPodService.exe c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\WINDOWS\system32\attrib.exe C:\WINDOWS\system32\attrib.exe C:\Documents and Settings\Eric Rave\Application Data\Real\Update\UpgradeHelper\RealPlayer\8.01\rnupgagent.exe C:\WINDOWS\system32\attrib.exe C:\WINDOWS\system32\attrib.exe . ============== Pseudo HJT Report =============== . uStart Page = www.google.com uInternet Settings,ProxyOverride = *.local BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101103061629.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [Google Update] "c:\documents and settings\eric rave\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [Logitech Vid] "c:\program files\logitech\logitech vid\Vid.exe" -bootmode uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [EPSON WorkForce 610 Series (Copy 2)] c:\windows\system32\spool\drivers\w32x86\3\e_fatifja.exe /fu "c:\windows\temp\E_S180.tmp" /EF "HKCU" uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe" uRun: [NCQftnHgDltsBD] c:\documents and settings\all users\application data\NCQftnHgDltsBD.exe uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe mRun: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot mRun: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE StartupFolder: c:\docume~1\ericra~1\startm~1\programs\startup\jawbone updater.lnk - c:\program files\jawbone\JawboneUpdater.exe StartupFolder: c:\docume~1\ericra~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE uPolicies-explorer: NoDesktop = 1 (0x1) IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 167.206.254.2 167.206.254.1 TCP: Interfaces\{70911794-8036-40C4-8CD7-94FB9714C640} : NameServer = 8.8.8.8,8.8.4.4 TCP: Interfaces\{70911794-8036-40C4-8CD7-94FB9714C640} : DhcpNameServer = 167.206.254.2 167.206.254.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL Notify: igfxcui - igfxdev.dll Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\eric rave\application data\mozilla\firefox\profiles\n49n6fgu.default\ FF - prefs.js: browser.search.selectedEngine - eBay FF - prefs.js: browser.startup.homepage - www.google.com FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll FF - plugin: c:\documents and settings\eric rave\application data\facebook\npfbplugin_1_0_3.dll FF - plugin: c:\documents and settings\eric rave\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL FF - plugin: c:\progra~1\palm\packag~1\NPInstal.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\nos\bin\np_gp.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Skype extension for Firefox: {B13721C7-F507-4982-B2E5-502A71474FED} - c:\program files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: SwitchProxy Tool: {27A2FD41-CB23-4518-AB5C-C25BAFFDE531} - %profile%\extensions\{27A2FD41-CB23-4518-AB5C-C25BAFFDE531} . ============= SERVICES / DRIVERS =============== . R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-9-24 20616] R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-1-5 386840] R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-10-14 84072] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-1-24 54752] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-10-14 55840] R3 Ma730Pt;MA730 Bluetooth VCOM Driver;c:\windows\system32\drivers\ma730Pt.sys [2010-2-5 103680] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-5-11 152960] R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-5-11 52104] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-10-14 313288] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-10-14 88544] S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2009-9-24 22528] S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2009-6-17 26248] S3 libusb0;LibUsb-Win32 - Kernel Driver 06/04/2010,1.12.1.0;c:\windows\system32\drivers\libusb0.sys [2011-5-14 21120] S3 Ma730c;MA730 Bluetooth Core Driver;c:\windows\system32\drivers\ma730c.sys [2010-2-5 157024] S3 Ma730Vad;MA730 Bluetooth Audio;c:\windows\system32\drivers\Ma730Vad.sys [2010-2-5 50522] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-10-14 88544] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-10-14 84264] S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-5-11 34248] S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-5-11 40552] . =============== Created Last 30 ================ . . ==================== Find3M ==================== . 2011-06-13 02:47:00 404640 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-29 13:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-26 13:10:38 499712 ---ha-w- c:\windows\system32\msvcp71.dll 2011-05-26 13:10:38 348160 ---ha-w- c:\windows\system32\msvcr71.dll 2011-04-06 20:20:16 91424 ---ha-w- c:\windows\system32\dnssd.dll 2011-04-06 20:20:16 197920 ---ha-w- c:\windows\system32\dnssdX.dll 2011-04-06 20:20:16 107808 ---ha-w- c:\windows\system32\dns-sd.exe 2010-04-26 22:49:15 145 -c-ha-w- c:\program files\ypp_2420718.bat 2010-04-26 22:47:48 145 -c-ha-w- c:\program files\ypp_2333468.bat 2010-04-26 00:26:03 137 -c-ha-w- c:\program files\ypp_2270203.bat 2010-04-26 00:18:19 137 -c-ha-w- c:\program files\ypp_1807859.bat 2010-04-26 00:16:52 137 -c-ha-w- c:\program files\ypp_1720859.bat 2010-04-26 00:16:51 137 -c-ha-w- c:\program files\ypp_1719906.bat 2010-04-26 00:16:50 137 -c-ha-w- c:\program files\ypp_1719250.bat . ============= FINISH: 20:12:22.06 ===============
  12. by the way i did try it both in regular and safe mode as well.
  13. Hi Chris, thank you for your reply. I tried running mbam from USB drive, I had on USB both mbam program and also mbam set up, Set up starts but then says before finishing "access denied" then rolls back changes. Program dosnt open it just says after clicking on icon in USB folder "the system cannot find the path specified". How else may I try to get mbam to run?
  14. is there any way to edit previous post?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.