Please Help

[beckyiam]

I am sure there is a virus somewhere, but I can not install MWB, and nothing comes up with McAfee. My HP all in one scanner and fax would not open, so I uninstalled, and now can not re-install. Get a message that I am not admin. Here is my HJT log. Thank you for any help.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 8:10:35 AM, on 8/1/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

I:\WINDOWS\System32\smss.exe

I:\WINDOWS\system32\winlogon.exe

I:\WINDOWS\system32\services.exe

I:\WINDOWS\system32\lsass.exe

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\svchost.exe

I:\Program Files\Windows Defender\MsMpEng.exe

I:\WINDOWS\System32\svchost.exe

I:\WINDOWS\system32\svchost.exe

I:\WINDOWS\system32\spoolsv.exe

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\Explorer.EXE

I:\Program Files\Windows Defender\MSASCui.exe

I:\Program Files\Common Files\Real\Update_OB\realsched.exe

I:\Program Files\Common Files\Java\Java Update\jusched.exe

I:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

I:\Program Files\McAfee.com\Agent\mcagent.exe

I:\Program Files\HP\HP Software Update\HPWuSchd2.exe

I:\WINDOWS\ALCXMNTR.EXE

I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

I:\WINDOWS\system32\ctfmon.exe

I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

I:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

I:\WINDOWS\System32\svchost.exe

I:\Program Files\Bonjour\mDNSResponder.exe

I:\Program Files\Java\jre6\bin\jqs.exe

I:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe

I:\Program Files\McAfee\SiteAdvisor\McSACore.exe

I:\Program Files\Skype\Phone\Skype.exe

I:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

I:\WINDOWS\system32\java.exe

I:\WINDOWS\system32\mfevtps.exe

I:\WINDOWS\system32\HPZipm12.exe

I:\WINDOWS\system32\svchost.exe

I:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

I:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

I:\WINDOWS\system32\svchost.exe

I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

I:\WINDOWS\system32\fxssvc.exe

I:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

I:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

I:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

I:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

I:\Program Files\Skype\Plugin Manager\skypePM.exe

I:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe

I:\Program Files\Internet Explorer\iexplore.exe

I:\Program Files\Internet Explorer\iexplore.exe

I:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe

I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

I:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

I:\Program Files\Internet Explorer\iexplore.exe

I:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww2.cox.com/myconnection/hamptonroads/home.cox

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - i:\progra~1\mcafee\msk\mskapbho.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - I:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110519141955.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - i:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - (no file)

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - i:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] "I:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [PHIME2002ASync] I:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] I:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [nmctxth] "I:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [mcui_exe] "I:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [iMJPMIG8.1] "I:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [HP Software Update] I:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [conime] conime.exe

O4 - HKLM\..\Run: [ArcSoft Connection Service] I:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Advanced System Protector] "I:\Program Files\Systweak\Advanced System Protector\ASP.exe" /autorun

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] I:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] I:\Program Files\myguy\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [skype] "I:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "I:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://I:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html

O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - I:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - I:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - I:\Program Files\Bonjour\ExplorerPlugin.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.cox.com//sdccommon/download/tgctlcm.cab

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1169021027453

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab

O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} (RealPlayer G2 Control) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - i:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - I:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Apple Mobile Device - Unknown owner - I:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour Service - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - I:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - I:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - I:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - I:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - I:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - I:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - I:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - I:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - I:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - I:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McShield - McAfee, Inc. - I:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - I:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - I:\WINDOWS\system32\mfevtps.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - I:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - I:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe

O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - I:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 13829 bytes

[screen317]

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

[screen317]

Are you still with us? This topic will be closed in a few days if you do not respond.

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!