Page 1 of 2 12 LastLast
Results 1 to 10 of 16
  1. #1
    Member
    Join Date
    Sep 2011
    Posts
    10
    Points
    0

    Default Cannot install hijack this

    I'm working on my husband's computer and I suspect it has some virus like Conficker...I was going through your steps to do before posting for help, but I've hit a road block! I searched to see if anyone has had a similar problem installing HiJack This, but I couldn't find a related post. When I go to the link to install HiJack This Version 2.0.4, the installer, during the setup I get the destiniation folder info; it says, "c:Program Files (x86)\" When I click "next", I get the message, "Installation directory must be on a local hard drive". I have no idea what this means; I mean, c: IS the local hard drive...and I can't continue installation past this point. Any ideas how to fix this? Thanks in advance!

  2. #2
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello and welcome to Help2Go

    We apologize for the delay in responding to your request for help. Here at Help2Go we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

    Please take note:

    1. If you have since resolved the original problem you were having, we would appreciate you letting us know.
    2. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
      • If you are unsure about any of these characteristics just post what you can and we will guide you.
    3. Please tell us if you have your original Windows CD/DVD available.
    4. If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
    5. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
    6. Upon completing the steps below Me or another Staff Member will review your topic an do their best to resolve your issues.
    7. If you have already posted a DDS log, please do so again, as your situation may have changed.
    8. Use the 'Submit Reply' and add the new log to this thread.


    We need to see some information about what is happening in your machine. Please perform the following scan again:

    • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    Information on A/V control HERE




    Please download aswMBR ( 511KB ) to your desktop.
    • Double click the aswMBR.exe icon to run it
    • Click the Scan button to start the scan
    • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.




    Thanks and again sorry for the delay.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  3. #3
    Member
    Join Date
    Sep 2011
    Posts
    10
    Points
    0

    Default

    Hi,
    Thanks for getting back to me. I kind of started back at square one this morning before getting your post...My husband brought home his work computer wanting me to perform some maintenance on it because it was acting "weird". The first thing I did was download and install any Windows updates that hadn't been done. Then, as I didn't believe he had any virus protection installed, I downloaded and installed McAfee (I have an account, and purchased a third license for his computer). Apparently, he had the trial version of AVG installed, and McAfee couldn't install without uninstalling AVG first. So I attempted to uninstall AVG, but when I re-booted, McAfee uninstalled, seemingly on its own. Then I was no longer able to log in to the McAfee website, and unable to download/install/open various other webpages, or fixes I found. I started working through your recommended steps and got as far as downloading HiJack This (including downloading, installing and running Avast). I was unable to install HiJack This, and that's when I made my original post. Today, I was unable to get even Avast to work again, so I restored the computer to the point before I tried to install McAfee yesterday. Then I tried to uninstall AVG using its uninstall feature, and also tried to use the uninstall program feature, neither of which worked. Instead, I deleted all the AVG files I could find, and it seems to be gone. I then did a file cleanup, and then downloaded and installed McAfee (I was finally able to log in again!) I am now running a full scan with McAfee. When that's done, I'm going to go through your recommended steps again, and see if I can install HiJack This and produce a log. Hopefully, the issue is resolved; I'll let you know.

    Question: If I am able to run HiJack This and produce a log, should I post a new thread, or just reply again to this one?

    Thank you so much for all your time!!
    Rhonda

  4. #4
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Question: If I am able to run HiJack This and produce a log, should I post a new thread, or just reply again to this one?
    I did not ask for a HiJackThis log. Look at my previous post. I requested a DDS and AswMbr log.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  5. #5
    Member
    Join Date
    Sep 2011
    Posts
    10
    Points
    0

    Default Finally got HiJack This log...

    OK...McAfee scan completed, nothing found.
    SuperAntiSpyWare found some cookies; deleted without a problem.
    MalwareBytes scan found nothing.
    Finally got HiJack This downloaded and ran, but had some problems with it...I kept getting this warning:

    "For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.
    If that happens, you need to edit the file yourself. To do this, click Start, Run and type:

    notepad C:\Windows\System32\drivers\etc\hosts

    and press Enter. Find the line(s) Hijack This reports and delete them. Save the file as 'hosts.' (with quotes), and reboot.
    For Vista: simply, exit Hijack This, right click on the Hijack This icon, choose 'Run as administrator'."

    Then, I had trouble getting it to save the log file; I would get the message:

    "The system cannot find the path specified."

    I uninstalled and reinstalled HiJackThis several times...somehow, I finally got the log file to save (I'm not even sure what I finally did right) So here it is:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:21:39 PM, on 9/24/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\internet explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
    C:\Program Files (x86)\internet explorer\iexplore.exe
    C:\Users\Stephen Stratton\Desktop\HijackThis.exe
    C:\Users\Stephen Stratton\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mail.google.com/mail/?shva=1#settings
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110924131443.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [BSDAppUpdater] C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements Organizer 8.0\ElementsOrganizerSyncAgent.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-3276851608-1018060970-1465883542-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'QBDataServiceUser20')
    O4 - HKUS\S-1-5-21-3276851608-1018060970-1465883542-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'QBDataServiceUser20')
    O4 - S-1-5-21-3276851608-1018060970-1465883542-1001 User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'QBDataServiceUser20')
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
    O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    O18 - Protocol: intu-help-qb3 - {C5E479EA-0A65-4B05-8C6C-2FC8CC682EB4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
    O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
    O23 - Service: QuickBooksDB20 - Intuit, Inc. - C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 20283 bytes


    I don't know if I'll experience any more problems in the future, but could you look over my log file and let me know what to fix anyway? Better safe than sorry, right?

    Thank you again VERY much!!
    Rhonda

  6. #6
    Member
    Join Date
    Sep 2011
    Posts
    10
    Points
    0

    Default

    Quote Originally Posted by fireman4it View Post
    I did not ask for a HiJackThis log. Look at my previous post. I requested a DDS and AswMbr log.
    Sorry, I must have been typing my last response when you posted...I DID read your post, I just thought since I was finally able to get the Hijack This log, that it was what you would prefer to have, considering its prominance in the instructions to follow before posting...however, I'll be glad to do the other things you requested, as well, if you're still interested in helping me.

  7. #7
    Member
    Join Date
    Sep 2011
    Posts
    10
    Points
    0

    Default

    For some reason, my typing is going from right to left, now...wtf is up with that? Anyway, here is the DDS log:
    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Stephen Stratton at 21:02:50 on 2011-09-24
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.2635 [GMT -5:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Windows\system32\mfevtps.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\internet explorer\iexplore.exe
    C:\Program Files (x86)\internet explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\internet explorer\iexplore.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = https://mail.google.com/mail/?shva=1#settings
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    mWinlogon: Userinit=userinit.exe
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110924131443.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements Organizer 8.0\ElementsOrganizerSyncAgent.exe
    mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
    mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [BSDAppUpdater] C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe
    mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [<NO NAME>]
    mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    StartupFolder: C:\Users\STEPHE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
    StartupFolder: C:\Users\STEPHE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{EA0E3266-4700-409A-A0EF-5E2FC9B47182} : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{EA0E3266-4700-409A-A0EF-5E2FC9B47182}\141627F6E6029427F6E60275F627B637 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{EA0E3266-4700-409A-A0EF-5E2FC9B47182}\161627F6E6029627F6E60277F627B637 : DhcpNameServer = 68.94.156.1 151.164.8.201
    TCP: Interfaces\{EA0E3266-4700-409A-A0EF-5E2FC9B47182}\2375942554634343 : DhcpNameServer = 192.168.1.254
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
    Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    BHO-X64: 0x1 - No File
    BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO-X64: HP Print Enhancer - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110924131443.dll
    BHO-X64: scriptproxy - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
    BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO-X64: SmartSelect - No File
    BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    BHO-X64: HP Smart BHO Class - No File
    TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
    mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [BSDAppUpdater] C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe
    mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [(Default)]
    mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdflt.sys --> C:\Windows\system32\DRIVERS\stdflt.sys [?]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
    R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2010-4-29 89600]
    R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
    R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2010-6-18 60928]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-24 249936]
    R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-24 249936]
    R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-24 249936]
    R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-24 249936]
    R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-9-24 199008]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-9-24 208272]
    R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
    R2 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimspe64.sys --> C:\Windows\system32\DRIVERS\rimspe64.sys [?]
    R2 risdpcie;risdpcie;C:\Windows\system32\DRIVERS\risdpe64.sys --> C:\Windows\system32\DRIVERS\risdpe64.sys [?]
    R2 rixdpcie;rixdpcie;C:\Windows\system32\DRIVERS\rixdpe64.sys --> C:\Windows\system32\DRIVERS\rixdpe64.sys [?]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-6-18 1692480]
    R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Acceler.sys --> C:\Windows\system32\DRIVERS\Acceler.sys [?]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
    R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
    R3 QuickBooksDB20;QuickBooksDB20;C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB20 --> C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB20 [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-11 135664]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-11 135664]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2009-9-21 315664]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-09-25 00:09:22 388096 ----a-r- C:\Users\Stephen Stratton\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-09-25 00:09:21 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2011-09-24 20:47:57 388608 ----a-w- C:\Users\Stephen Stratton\HijackThis.exe
    2011-09-24 20:38:26 -------- d-----w- C:\Program Files\Dell Support Center
    2011-09-24 20:33:46 -------- d-----w- C:\Users\Stephen Stratton\AppData\Roaming\PCDr
    2011-09-24 20:30:07 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-09-24 20:16:35 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-09-24 20:16:31 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-09-24 20:16:29 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-09-24 19:19:30 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2011-09-24 19:19:29 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2011-09-24 18:15:01 -------- d-----w- C:\Program Files (x86)\McAfee.com
    2011-09-24 18:14:41 9984 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
    2011-09-24 18:14:41 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
    2011-09-24 18:13:50 75672 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
    2011-09-24 18:13:50 65128 ----a-w- C:\Windows\System32\drivers\cfwids.sys
    2011-09-24 18:13:50 481504 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
    2011-09-24 18:13:50 283744 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
    2011-09-24 18:13:50 228752 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
    2011-09-24 18:13:50 100904 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
    2011-09-24 18:13:33 -------- d-----w- C:\Program Files\McAfee.com
    2011-09-24 18:13:33 -------- d-----w- C:\Program Files\McAfee
    2011-09-24 18:13:30 -------- d-----w- C:\Program Files (x86)\McAfee
    2011-09-24 18:03:22 158832 ----a-w- C:\Windows\System32\mfevtps.exe
    2011-09-24 17:36:47 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2FB68A6E-CA73-47EC-B84F-DC8450B2446E}\mpengine.dll
    2011-09-24 17:36:47 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-09-24 02:24:40 -------- d-----w- C:\Windows\pss
    2011-09-23 20:28:13 -------- d-----w- C:\Users\Stephen Stratton\AppData\Roaming\Malwarebytes
    2011-09-23 17:25:17 -------- d-----w- C:\Users\Stephen Stratton\AppData\Roaming\SUPERAntiSpyware.com
    2011-09-22 22:12:17 -------- d-----w- C:\Users\Stephen Stratton\AppData\Local\ElevatedDiagnostics
    2011-09-22 21:09:41 -------- d-----w- C:\Program Files\Common Files\McAfee
    2011-09-21 17:01:14 -------- d-----w- C:\Windows\System32\SPReview
    2011-09-21 16:59:31 -------- d-----w- C:\Windows\System32\EventProviders
    2011-09-21 13:44:05 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
    2011-09-05 17:05:00 53656 ----a-w- C:\Windows\System32\AdobePDF.dll
    2011-09-05 17:04:58 24984 ----a-w- C:\Windows\System32\AdobePDFUI.dll
    .
    ==================== Find3M ====================
    .
    2011-09-21 17:22:24 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-09-21 17:22:22 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-08-15 15:00:06 642824 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
    2011-08-15 15:00:06 158584 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
    2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
    2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
    2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-09 05:26:20 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-07-09 04:29:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    .
    ============= FINISH: 21:03:42.34 ===============


    I downloaded and ran aswMBR , and got the blue screen of death both times I tried it...


    The other DDS log: Do I need to zip and attach it? I'm not familiar with zipping, but I imagine I can figure it out. But it says not to post it unless it's specifically asked for...

    Any idea why my typing is right justified since the blue screen of death episodes? Geez, as if I needed another problem...lol

    Thanks,
    Rhonda

  8. #8
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello,

    Please try and run aswmbr in Safemode.

    Now reboot into Safe Mode.
    This can be done tapping the F8 key as soon as you start your computer
    You will be brought to a menu where you can choose to boot into safe mode.
    Make sure you choose the option without networking support.
    Please see here for additional details.

    Please download MBRCheck to your desktop.

    1. Double click MBRCheck.exe to run it (Right click and run as Administrator for Vista).
    2. It will open a black window, please do not fix anything (if it gives you an option).
    3. Exit that window and it will produce a log (MBRCheck_date_time).
    4. Please post that log when you reply.


    Besides the backwards typing. What other problems do you have?
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  9. #9
    Member
    Join Date
    Sep 2011
    Posts
    10
    Points
    0

    Default

    The problems I was having seem to be connected to the trial version of AVG my husband had on the computer. Apparently it didn't uninstall correctly yesterday, and I was unable to log in on McAfee's page, or able to use various other security downloads that I tried, as well as being unable to install HiJackThis. When I restored this morning (to the point before I tried to install McAfee) and made sure AVG was deleted from the machine (I was still not able to uninstall it by normal means; I just deleted all the AVG files I could find instead) I was then able to log in to McAfee, download, install, and run the program. I was also finally able to install and run HiJackThis, though with glitches that I described in a previous post. So, it seems that I'm not having those particular problems anymore, but now I just want your help to make sure everything is ok. I don't know if the typing thing is related at all, but it's pretty freaking weird. The cursor is on the right side of the reply window, and my text moves to the left as I type, but I noticed that the message posts in normal, left-justified position...lol

    OK, I started in safe mode (F8 does not work for me, by the way; I used msconfig instead) and reinstalled aswMBR. I ran it without a problem; its log follows. I also installed and ran MBRCheck; its log is posted after the aswMBR log.

    I really do appreciate you taking the tiime to help me!
    Thanks,
    Rhonda

    aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
    Run date: 2011-09-25 00:40:32
    -----------------------------
    00:40:32.611 OS Version: Windows x64 6.1.7601 Service Pack 1
    00:40:32.611 Number of processors: 4 586 0x2502
    00:40:32.611 ComputerName: STEPHENSTRATTON UserName:
    00:40:33.984 Initialze error C0000061 - driver not loaded
    00:40:45.310 Service scanning
    00:40:47.494 Modules scanning
    00:40:47.494 Disk 0 trace - called modules:
    00:40:47.494
    00:40:47.494 Scan finished successfully
    00:41:16.010 The log file has been saved successfully to "C:\Users\Stephen Stratton\Documents\aswMBR.txt"




    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: Service Pack 1 (build 7601), 64-bit
    Base Board Manufacturer: Dell Inc.
    BIOS Manufacturer: Dell Inc.
    System Manufacturer: Dell Inc.
    System Product Name: Studio 1558
    Logical Drives Mask: 0x0000000c

    Kernel Drivers (total 201):
    0x03258000 \SystemRoot\system32\ntoskrnl.exe
    0x0320F000 \SystemRoot\system32\hal.dll
    0x00BBA000 \SystemRoot\system32\kdcom.dll
    0x00CC8000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x00D17000 \SystemRoot\system32\PSHED.dll
    0x00D2B000 \SystemRoot\system32\CLFS.SYS
    0x00C00000 \SystemRoot\system32\CI.dll
    0x00EBA000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x00F5E000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x00F6D000 \SystemRoot\system32\drivers\ACPI.sys
    0x00FC4000 \SystemRoot\system32\drivers\WMILIB.SYS
    0x00FCD000 \SystemRoot\system32\drivers\msisadrv.sys
    0x00E00000 \SystemRoot\system32\drivers\pci.sys
    0x00E33000 \SystemRoot\system32\drivers\vdrvroot.sys
    0x00E40000 \SystemRoot\System32\drivers\partmgr.sys
    0x00E55000 \SystemRoot\system32\DRIVERS\compbatt.sys
    0x00E5E000 \SystemRoot\system32\DRIVERS\BATTC.SYS
    0x00E6A000 \SystemRoot\system32\drivers\volmgr.sys
    0x00D89000 \SystemRoot\System32\drivers\volmgrx.sys
    0x00E7F000 \SystemRoot\System32\drivers\mountmgr.sys
    0x00E99000 \SystemRoot\system32\drivers\atapi.sys
    0x01031000 \SystemRoot\system32\drivers\ataport.SYS
    0x0105B000 \SystemRoot\system32\drivers\msahci.sys
    0x01066000 \SystemRoot\system32\drivers\PCIIDEX.SYS
    0x01076000 \SystemRoot\system32\drivers\amdxata.sys
    0x01081000 \SystemRoot\system32\drivers\fltmgr.sys
    0x010CD000 \SystemRoot\system32\drivers\fileinfo.sys
    0x010E1000 \SystemRoot\system32\drivers\mfehidk.sys
    0x0117C000 \SystemRoot\System32\Drivers\PxHlpa64.sys
    0x0124D000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x01188000 \SystemRoot\System32\Drivers\msrpc.sys
    0x01200000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x0148D000 \SystemRoot\System32\Drivers\cng.sys
    0x014FF000 \SystemRoot\System32\drivers\pcw.sys
    0x01510000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x016CA000 \SystemRoot\system32\drivers\ndis.sys
    0x01600000 \SystemRoot\system32\drivers\NETIO.SYS
    0x01660000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x0185A000 \SystemRoot\System32\drivers\tcpip.sys
    0x01A5E000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x01AA8000 \SystemRoot\system32\drivers\mfewfpk.sys
    0x01AEC000 \SystemRoot\system32\drivers\volsnap.sys
    0x01B38000 \SystemRoot\system32\DRIVERS\stdflt.sys
    0x01B40000 \SystemRoot\System32\Drivers\spldr.sys
    0x01B48000 \SystemRoot\System32\drivers\rdyboost.sys
    0x01B82000 \SystemRoot\System32\Drivers\mup.sys
    0x01B94000 \SystemRoot\System32\drivers\hwpolicy.sys
    0x01B9D000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x01BD7000 \SystemRoot\system32\DRIVERS\disk.sys
    0x01800000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    0x0168B000 \SystemRoot\system32\drivers\cdrom.sys
    0x016B5000 \SystemRoot\System32\Drivers\Null.SYS
    0x016BE000 \SystemRoot\System32\Drivers\Beep.SYS
    0x017BD000 \SystemRoot\System32\drivers\vga.sys
    0x017CB000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x017F0000 \SystemRoot\System32\drivers\watchdog.sys
    0x0151A000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x01523000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x0152C000 \SystemRoot\system32\drivers\rdprefmp.sys
    0x01535000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x01540000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x01551000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x01573000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x01580000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x01400000 \SystemRoot\system32\drivers\afd.sys
    0x015C5000 \SystemRoot\system32\DRIVERS\wfplwf.sys
    0x015CE000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x0121B000 \SystemRoot\system32\DRIVERS\vwififlt.sys
    0x01231000 \SystemRoot\system32\DRIVERS\mfenlfk.sys
    0x013F0000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x01000000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x0101B000 \SystemRoot\system32\drivers\termdd.sys
    0x015F4000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    0x01242000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    0x0424E000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x0429F000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x042AB000 \SystemRoot\system32\drivers\mssmbios.sys
    0x042B6000 \SystemRoot\System32\drivers\discache.sys
    0x042C5000 \SystemRoot\System32\Drivers\dfsc.sys
    0x042E3000 \SystemRoot\system32\DRIVERS\blbdrive.sys
    0x042F4000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x04AC7000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
    0x054EA000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x04A00000 \SystemRoot\System32\drivers\dxgmms1.sys
    0x04A46000 \SystemRoot\system32\DRIVERS\HECIx64.sys
    0x04A57000 \SystemRoot\system32\drivers\usbehci.sys
    0x04A68000 \SystemRoot\system32\drivers\USBPORT.SYS
    0x0431A000 \SystemRoot\system32\drivers\HDAudBus.sys
    0x0584F000 \SystemRoot\system32\DRIVERS\NETw5s64.sys
    0x05EFC000 \SystemRoot\system32\DRIVERS\vwifibus.sys
    0x05F09000 \SystemRoot\system32\DRIVERS\risdpe64.sys
    0x05F22000 \SystemRoot\system32\DRIVERS\rimspe64.sys
    0x05F3B000 \SystemRoot\system32\DRIVERS\rixdpe64.sys
    0x05F91000 \SystemRoot\system32\drivers\1394ohci.sys
    0x0433E000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
    0x05FCF000 \SystemRoot\system32\drivers\i8042prt.sys
    0x05FED000 \SystemRoot\system32\drivers\kbdclass.sys
    0x05800000 \SystemRoot\system32\DRIVERS\SynTP.sys
    0x0584B000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x055DE000 \SystemRoot\system32\drivers\mouclass.sys
    0x055ED000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0x043C3000 \SystemRoot\system32\DRIVERS\Impcd.sys
    0x043EA000 \SystemRoot\system32\DRIVERS\Acceler.sys
    0x04200000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0x04ABE000 \SystemRoot\system32\drivers\wmiacpi.sys
    0x055FA000 \SystemRoot\system32\DRIVERS\CmBatt.sys
    0x04216000 \SystemRoot\system32\drivers\CompositeBus.sys
    0x04226000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x00FD7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x0423C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x03C30000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x03C5F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x03C7A000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x03C9B000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x03CB5000 \SystemRoot\system32\drivers\swenum.sys
    0x03CB7000 \SystemRoot\system32\drivers\ks.sys
    0x03CFA000 \SystemRoot\system32\drivers\umbus.sys
    0x03D0C000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x03D66000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x03D7B000 \SystemRoot\system32\DRIVERS\stwrt64.sys
    0x07A3B000 \SystemRoot\system32\DRIVERS\portcls.sys
    0x07A78000 \SystemRoot\system32\DRIVERS\drmk.sys
    0x07A9A000 \SystemRoot\system32\drivers\ksthunk.sys
    0x07AA0000 \SystemRoot\system32\DRIVERS\IntcDAud.sys
    0x07AE7000 \SystemRoot\system32\drivers\mfeavfk.sys
    0x07B1D000 \SystemRoot\system32\drivers\mfefirek.sys
    0x07B91000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x07B9F000 \SystemRoot\System32\Drivers\dump_dumpata.sys
    0x07BAB000 \SystemRoot\System32\Drivers\dump_msahci.sys
    0x07BB6000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0x000E0000 \SystemRoot\System32\win32k.sys
    0x07BC9000 \SystemRoot\System32\drivers\Dxapi.sys
    0x07BD5000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x07A00000 \SystemRoot\System32\Drivers\usbvideo.sys
    0x03C00000 \SystemRoot\system32\DRIVERS\CtClsFlt.sys
    0x07BF2000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x00410000 \SystemRoot\System32\TSDDD.dll
    0x00610000 \SystemRoot\System32\cdd.dll
    0x00990000 \SystemRoot\System32\ATMFD.DLL
    0x01830000 \SystemRoot\system32\drivers\luafv.sys
    0x026BF000 \SystemRoot\system32\drivers\WudfPf.sys
    0x026E0000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0x026F5000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0x02748000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0x0275B000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0x03A4E000 \SystemRoot\system32\drivers\HTTP.sys
    0x03B17000 \SystemRoot\system32\DRIVERS\bowser.sys
    0x03B35000 \SystemRoot\System32\drivers\mpsdrv.sys
    0x03B4D000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0x03B7A000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0x03BC8000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0x02600000 \SystemRoot\system32\drivers\peauth.sys
    0x03BEC000 \SystemRoot\system32\DRIVERS\vwifimp.sys
    0x03A00000 \SystemRoot\System32\Drivers\secdrv.SYS
    0x03A0B000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0x03A3C000 \SystemRoot\System32\drivers\tcpipreg.sys
    0x02773000 \SystemRoot\System32\DRIVERS\srv2.sys
    0x08048000 \SystemRoot\System32\DRIVERS\srv.sys
    0x080E0000 \SystemRoot\system32\drivers\cfwids.sys
    0x080EF000 \SystemRoot\System32\Drivers\fastfat.SYS
    0x0815B000 \SystemRoot\system32\drivers\spsys.sys
    0x081CC000 \SystemRoot\system32\drivers\mfeapfk.sys
    0x77940000 \Windows\System32\ntdll.dll
    0x484C0000 \Windows\System32\smss.exe
    0xFFC60000 \Windows\System32\apisetschema.dll
    0xFFB90000 \Windows\System32\autochk.exe
    0xFFC00000 \Windows\System32\ws2_32.dll
    0xFFB20000 \Windows\System32\advapi32.dll
    0xFFB10000 \Windows\System32\lpk.dll
    0xFFA40000 \Windows\System32\usp10.dll
    0xFFA30000 \Windows\System32\nsi.dll
    0x77730000 \Windows\System32\iertutil.dll
    0xFF9B0000 \Windows\System32\shlwapi.dll
    0x775E0000 \Windows\System32\urlmon.dll
    0xFF880000 \Windows\System32\rpcrt4.dll
    0x77B10000 \Windows\System32\normaliz.dll
    0xFF7A0000 \Windows\System32\oleaut32.dll
    0xFF690000 \Windows\System32\msctf.dll
    0x77480000 \Windows\System32\wininet.dll
    0xFF5F0000 \Windows\System32\comdlg32.dll
    0xFF410000 \Windows\System32\setupapi.dll
    0xFF3F0000 \Windows\System32\imagehlp.dll
    0xFF1E0000 \Windows\System32\ole32.dll
    0x77B00000 \Windows\System32\psapi.dll
    0xFF140000 \Windows\System32\clbcatq.dll
    0xFF0A0000 \Windows\System32\msvcrt.dll
    0xFF070000 \Windows\System32\imm32.dll
    0x77360000 \Windows\System32\kernel32.dll
    0xFEFF0000 \Windows\System32\difxapi.dll
    0xFEFD0000 \Windows\System32\sechost.dll
    0xFE240000 \Windows\System32\shell32.dll
    0x77260000 \Windows\System32\user32.dll
    0xFE1E0000 \Windows\System32\Wldap32.dll
    0xFE170000 \Windows\System32\gdi32.dll
    0xFE0D0000 \Windows\System32\comctl32.dll
    0xFE090000 \Windows\System32\wintrust.dll
    0xFE020000 \Windows\System32\KernelBase.dll
    0xFDFE0000 \Windows\System32\cfgmgr32.dll
    0xFDE70000 \Windows\System32\crypt32.dll
    0xFDE50000 \Windows\System32\devobj.dll
    0xFDE40000 \Windows\System32\msasn1.dll

    Processes (total 101):
    0 System Idle Process
    4 System
    304 C:\Windows\System32\smss.exe
    516 csrss.exe
    580 C:\Windows\System32\wininit.exe
    608 csrss.exe
    640 C:\Windows\System32\services.exe
    668 C:\Windows\System32\lsass.exe
    676 C:\Windows\System32\lsm.exe
    776 C:\Windows\System32\svchost.exe
    844 C:\Windows\System32\winlogon.exe
    900 C:\Windows\System32\svchost.exe
    996 C:\Windows\System32\svchost.exe
    116 C:\Windows\System32\svchost.exe
    364 C:\Windows\System32\svchost.exe
    544 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe
    1028 C:\Windows\System32\audiodg.exe
    1112 C:\Windows\System32\svchost.exe
    1172 C:\Program Files\Dell\DellDock\DockLogin.exe
    1312 C:\Windows\System32\svchost.exe
    1400 C:\Windows\System32\wlanext.exe
    1408 C:\Windows\System32\conhost.exe
    1496 C:\Windows\System32\spoolsv.exe
    1524 C:\Windows\System32\svchost.exe
    1640 C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    1664 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    1740 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
    1768 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1828 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    1876 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    1916 C:\Windows\SysWOW64\svchost.exe
    1944 C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
    1976 C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    2012 C:\Windows\System32\mfevtps.exe
    2032 C:\Windows\System32\svchost.exe
    1184 C:\Windows\System32\svchost.exe
    1276 C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    1680 C:\Windows\System32\taskhost.exe
    2068 C:\Windows\System32\dwm.exe
    2116 C:\Windows\System32\taskeng.exe
    2320 C:\Windows\explorer.exe
    2376 C:\Windows\System32\rundll32.exe
    2400 C:\Windows\SysWOW64\rundll32.exe
    2660 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    2680 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    2752 C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    2776 C:\Windows\System32\svchost.exe
    2812 C:\Program Files\Common Files\Microsoft Shared\WINDOWS LIVE\WLIDSVC.EXE
    2860 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    2468 C:\Program Files\Common Files\Microsoft Shared\WINDOWS LIVE\WLIDSVCM.EXE
    3128 C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    3144 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    3216 unsecapp.exe
    3276 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
    3448 WmiPrvSE.exe
    3776 C:\Windows\System32\svchost.exe
    3812 C:\Windows\System32\svchost.exe
    4000 C:\Windows\System32\svchost.exe
    3140 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    3300 C:\Program Files\IDT\WDM\sttray64.exe
    3888 C:\Program Files\Dell\QuickSet\quickset.exe
    3588 C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
    3424 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    3404 C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    720 C:\Windows\System32\igfxtray.exe
    3160 C:\Windows\System32\hkcmd.exe
    3716 C:\Windows\System32\igfxpers.exe
    4116 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    4264 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    4296 C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    4348 C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    4384 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    4424 C:\Program Files\Dell\DellDock\DellDock.exe
    4536 C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    4644 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    4676 C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    4688 C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe
    4712 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    4760 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    4780 C:\Program Files\McAfee.com\Agent\mcagent.exe
    4796 C:\Program Files (x86)\iTunes\iTunesHelper.exe
    4832 C:\Windows\System32\wbem\unsecapp.exe
    976 C:\Windows\System32\SearchIndexer.exe
    4628 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    4372 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    1248 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    4596 C:\Windows\System32\SearchProtocolHost.exe
    4240 C:\Windows\System32\SearchFilterHost.exe
    4744 C:\Program Files\iPod\bin\iPodService.exe
    5236 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    5344 C:\Program Files\Windows Media Player\wmpnetwk.exe
    5360 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    5656 C:\Windows\System32\svchost.exe
    5472 dllhost.exe
    5460 C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe
    5420 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    772 WmiPrvSE.exe
    988 C:\Windows\System32\sppsvc.exe
    6968 C:\Users\Stephen Stratton\Desktop\MBRCheck.exe
    6976 C:\Windows\System32\conhost.exe
    6996 C:\Windows\System32\dllhost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`abf38a00 (NTFS)

    PhysicalDrive0 Model Number: TOSHIBAMK5056GSY, Rev: LH003D

    Size Device Name MBR Status
    --------------------------------------------
    465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
    SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


    Done!

  10. #10
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello,

    The only thing I've ever heard of changing your typing is when you change your language. Read these links and see if any of them help you.
    Try this first

    Try this:
    1. Click on Start | Control Panel | Regional and Language
    Options | Languages tab.
    2. Click on Details | Settings tab. Set the "Default input
    language" to English (US) or whatever you use. In the "Installed
    services" section, remove any languages that you don't use.
    Click on OK.
    3. Uncheck the "Install files for complex script and
    right-to-left languages (including Thai)" and "Install files for
    East Asian languages" boxes | Apply | OK, and then restart the
    computer.


    If that doesn't work try looking at these links::

    How to stop type going from right to left from cursor - Microsoft Office Word Forum - WordBanter
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




Page 1 of 2 12 LastLast