McAfee installation not working (In Progress)

trex1975's Avatar
Junior Member with 18 posts.
 
Join Date: Nov 2009
Experience: Intermediate
08-Nov-2009, 12:07 PM #1
McAfee installation not working
I recently received several messages stating that my computer is infected with 31 viruses. I had McAfee installed but it is now missing. I recently repurchased it; however, when I tried to download it, I got an error message that read: McAfee integrated security installer has stopped. What does this mean and can it be repaired? Until this is fixed, I have no antivirus protection on my computer. Please help.
Rich-M's Avatar
Distinguished Member with 22,300 posts.
 
Join Date: May 2006
Location: Eastern Pa
Experience: Advanced
08-Nov-2009, 12:47 PM #2
You need to download and install HijackThis and then place the full log created in a post here so we can get a malware specialist to read it and help you out. McAfee could be the poorest antivirus program out there, so seek help on good ones when this is all over.
http://download.cnet.com/Trend-Micro...-10227353.html
__________________
The average dog is a nicer person than the average person. -Andy Rooney-
Home base:
www.kickenhardware.net/forum
trex1975's Avatar
Junior Member with 18 posts.
 
Join Date: Nov 2009
Experience: Intermediate
08-Nov-2009, 03:01 PM #3
RE: McAfee integrated security platform has stopped working
Thanks so much for your input. Below is the log you requested.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:58:09 PM, on 11/7/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\System32\svchost.exe
C:\Toshiba\IVP\ISM\pinger.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\RegCure\RegCure.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SGPSA\ie3sh.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/disp...tb_id%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80114
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_cus...spx?tbid=80114
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80114
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_cus...spx?tbid=80114
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AIM Toolbar Search Class - {03402F96-3DC7-4285-BC50-9E81FEFAFE43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44CF-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: SearchHelper Class - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: FastestP2P Toolbar - {f516e6d7-6aa0-4978-93a5-df43fccf0431} - C:\Program Files\FastestP2P Toolbar3\toolbar.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1\Content.IE5\P3G56OWV.SH! c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1\Content.SH! c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1\Content.IE5\P3G56OWV.SH! c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1\Content.SH! c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1.SH! (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...tup1.0.1.1.cab
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 16876 bytes
Rich-M's Avatar
Distinguished Member with 22,300 posts.
 
Join Date: May 2006
Location: Eastern Pa
Experience: Advanced
08-Nov-2009, 05:00 PM #4
I have asked for a malware pro to come in and look at this log because I don't see anything, though I would remove almost all of your startup entries and uninstall everything that says "toolbar", yet there has to be a big problem here.
One thing I would do while we wait is uninstall RegCure, which will never help anything on your PC and can easily cripple it.
I would also go "Run, Msconfig, OK, Startup" and uncheck everything except for McAfee references, Skytel if you use it, and Spyware Doctor references, and go into Control Panel, Programs and Features and uninstall Google Earth and every reference to anything that is a "toolbar", Viewpoint Media Player and Wild Tangent.
Last edited by Rich-M; 08-Nov-2009 at 05:57 PM..
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 79,289 posts.
 
Join Date: Aug 2003
Location: Quebec, Canada
08-Nov-2009, 05:12 PM #5
Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
__________________
Microsoft MVP - Consumer Security
trex1975's Avatar
Junior Member with 18 posts.
 
Join Date: Nov 2009
Experience: Intermediate
08-Nov-2009, 07:55 PM #6
Malwarebytes' Anti-Malware 1.41
Database version: 3130
Windows 6.0.6002 Service Pack 2
11/7/2009 6:54:36 PM
mbam-log-2009-11-07 (18-54-36).txt
Scan type: Quick Scan
Objects scanned: 99968
Time elapsed: 7 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 34
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 9
Files Infected: 6
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servises (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pofile (Rogue.FixTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Miracle (PUP.PerfectOptimizer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Windows\0535251103110107106.yux (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\Windows\010112010146120114.xe (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\Windows\prxid93ps.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\SafetyCenter\sound.wav (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\ProgramData\msca\Viruses.dat (Rogue.MaCatte) -> Quarantined and deleted successfully.
trex1975's Avatar
Junior Member with 18 posts.
 
Join Date: Nov 2009
Experience: Intermediate
08-Nov-2009, 07:57 PM #7
Thank you everyone for your help so far. I've been very frustrated. I finally see light at the end of the tunnel.
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 79,289 posts.
 
Join Date: Aug 2003
Location: Quebec, Canada
08-Nov-2009, 11:07 PM #8
Please visit Combofix Guide & Instructions for instructions for installing the recovery console and downloading and running ComboFix.

The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.

Post the log from ComboFix when you've accomplished that along with a new HijackThis log.

Important notes regarding ComboFix:

ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

ComboFix also prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read HERE for an article written by dvk01 on why we disable autoruns.
trex1975's Avatar
Junior Member with 18 posts.
 
Join Date: Nov 2009
Experience: Intermediate
09-Nov-2009, 12:05 PM #9
RE: McAfee integrated security platform has stopped working
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:58:09 PM, on 11/7/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/disp...tb_id%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80114
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_cus...spx?tbid=80114
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80114
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_cus...spx?tbid=80114
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AIM Toolbar Search Class - {03402F96-3DC7-4285-BC50-9E81FEFAFE43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44CF-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: SearchHelper Class - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: FastestP2P Toolbar - {f516e6d7-6aa0-4978-93a5-df43fccf0431} - C:\Program Files\FastestP2P Toolbar3\toolbar.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1\Content.IE5\P3G56OWV.SH! c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1\Content.SH! c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1\Content.IE5\P3G56OWV.SH! c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1\Content.SH! c:\users\TARAAN~1\appdata\local\temp\Low\TEMPOR~1.SH! (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...tup1.0.1.1.cab
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 16876 bytes
trex1975's Avatar
Computer Specs
Junior Member with 18 posts.
 
Join Date: Nov 2009
Experience: Intermediate
09-Nov-2009, 12:05 PM #10
RE: Mcafee integrated security platform has stopped working
ComboFix 09-11-08.03 - Tara and Shane 11/08/2009 6:13.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3069.1784 [GMT -8:00]
Running from: c:\users\Public\puppy.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-2289998049-2954938465-3815309393-500
c:\$recycle.bin\S-1-5-21-3666825385-515136465-2855027535-500
c:\program files\Fast Browser Search
c:\program files\Fast Browser Search\IE\1.bat
c:\program files\Fast Browser Search\IE\about.html
c:\program files\Fast Browser Search\IE\affid.dat
c:\program files\Fast Browser Search\IE\basis.xml
c:\program files\Fast Browser Search\IE\basis_br.xml
c:\program files\Fast Browser Search\IE\basis_de.xml
c:\program files\Fast Browser Search\IE\basis_en.xml
c:\program files\Fast Browser Search\IE\basis_es.xml
c:\program files\Fast Browser Search\IE\basis_fr.xml
c:\program files\Fast Browser Search\IE\basis_it.xml
c:\program files\Fast Browser Search\IE\basis_nr.xml
c:\program files\Fast Browser Search\IE\basis_pt.xml
c:\program files\Fast Browser Search\IE\basis_ru.xml
c:\program files\Fast Browser Search\IE\basis_tr.xml
c:\program files\Fast Browser Search\IE\BHO.dll
c:\program files\Fast Browser Search\IE\ClearRecycleBin.exe
c:\program files\Fast Browser Search\IE\error.html
c:\program files\Fast Browser Search\IE\fbsProtection.xml
c:\program files\Fast Browser Search\IE\FbsSearchProvider.xml
c:\program files\Fast Browser Search\IE\FbsSearchProviderIE8.exe
c:\program files\Fast Browser Search\IE\FBStoolbar.dll
c:\program files\Fast Browser Search\IE\fbstoolbar.jar
c:\program files\Fast Browser Search\IE\fbstoolbar.manifest
c:\program files\Fast Browser Search\IE\icons.bmp
c:\program files\Fast Browser Search\IE\ie3sh.exe
c:\program files\Fast Browser Search\IE\info.txt
c:\program files\Fast Browser Search\IE\local.xml
c:\program files\Fast Browser Search\IE\logobg.bmp
c:\program files\Fast Browser Search\IE\MTWB3SH.dll
c:\program files\Fast Browser Search\IE\MTWBtoolbar.html
c:\program files\Fast Browser Search\IE\search.bmp
c:\program files\Fast Browser Search\IE\search_br.bmp
c:\program files\Fast Browser Search\IE\search_de.bmp
c:\program files\Fast Browser Search\IE\search_es.bmp
c:\program files\Fast Browser Search\IE\search_fr.bmp
c:\program files\Fast Browser Search\IE\search_it.bmp
c:\program files\Fast Browser Search\IE\search_pt.bmp
c:\program files\Fast Browser Search\IE\search_ru.bmp
c:\program files\Fast Browser Search\IE\SearchGuardPlus.exe
c:\program files\Fast Browser Search\IE\SearchGuardPlus.ico
c:\program files\Fast Browser Search\IE\SGPU.ico
c:\program files\Fast Browser Search\IE\sgpUpdater.exe
c:\program files\Fast Browser Search\IE\sgpUpdater.xml
c:\program files\Fast Browser Search\IE\SGPUpdaterS.exe
c:\program files\Fast Browser Search\IE\tbhelper.dll
c:\program files\Fast Browser Search\IE\tbs_include_script_003175.js
c:\program files\Fast Browser Search\IE\tbs_include_script_005064.js
c:\program files\Fast Browser Search\IE\tbs_include_script_012817.js
c:\program files\Fast Browser Search\IE\Toolbar Help.htm
c:\program files\Fast Browser Search\IE\uninstall.exe
c:\program files\Fast Browser Search\IE\uninstalSGP.exe
c:\program files\Fast Browser Search\IE\uninstalSGPU.exe
c:\program files\Fast Browser Search\IE\update.exe
c:\program files\Fast Browser Search\IE\version.txt
c:\program files\SGPSA
c:\program files\SGPSA\BHO.dll
c:\program files\SGPSA\ie3sh.exe
c:\program files\SGPSA\mtWB3sh.dll
c:\users\Tara and Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\AMD_Chipset_V849300_XPVista.zip
c:\users\Tara and Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\TestBrowser.html
c:\windows\4ff345dfbh521
.
((((((((((((((((((((((((( Files Created from 2009-10-08 to 2009-11-08 )))))))))))))))))))))))))))))))
.
2009-11-08 14:38 . 2009-11-08 14:40 -------- d-----w- c:\users\Tara and Shane\AppData\Local\temp
2009-11-08 14:38 . 2009-11-08 14:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-08 14:07 . 2009-11-08 14:07 3563165 ----a-r- c:\users\Public\puppy.exe
2009-11-08 05:01 . 2009-11-08 05:01 -------- d-----w- c:\programdata\SiteAdvisor
2009-11-08 02:45 . 2009-11-08 02:45 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\Malwarebytes
2009-11-08 02:45 . 2009-09-10 22:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-08 02:45 . 2009-11-08 02:45 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-08 02:45 . 2009-11-08 02:45 -------- d-----w- c:\programdata\Malwarebytes
2009-11-08 02:45 . 2009-09-10 22:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-08 00:45 . 2009-11-08 02:54 -------- d-----w- C:\SafetyCenter
2009-11-07 21:57 . 2009-11-07 21:57 -------- d-----w- c:\program files\Trend Micro
2009-11-07 17:02 . 2009-11-07 17:02 -------- d-----w- c:\program files\iPod
2009-11-07 17:02 . 2009-11-07 17:03 4096 d-----w- c:\program files\iTunes
2009-11-07 16:56 . 2009-11-07 16:56 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-07 16:51 . 2009-11-07 16:51 -------- d-----w- c:\program files\Alwil Software
2009-11-07 02:42 . 2009-11-07 19:12 -------- d-----w- c:\users\Tara and Shane\AppData\Local\McAfee Anti-Theft
2009-11-07 02:37 . 2009-11-07 02:42 -------- d-----w- c:\programdata\McAfee Anti-Theft
2009-11-07 02:28 . 2009-11-07 02:28 -------- d-----w- c:\program files\McAfee(94)
2009-11-06 18:21 . 2009-11-06 18:22 -------- d-----w- c:\programdata\McAfee(127)
2009-11-06 07:38 . 2009-11-06 07:38 -------- d-----w- c:\programdata\WindowsSearch
2009-11-06 05:47 . 2009-11-06 05:52 -------- d-----w- c:\programdata\SITEguard
2009-11-06 05:43 . 2009-11-06 18:13 4096 d-----w- c:\program files\STOPzilla!
2009-11-06 05:43 . 2009-11-06 05:43 -------- d-----w- c:\program files\Common Files\iS3
2009-11-06 05:43 . 2009-11-06 18:13 4096 d-----w- c:\programdata\STOPzilla!
2009-11-05 22:11 . 2009-11-05 22:11 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\AVG8
2009-11-03 22:55 . 2009-11-03 22:56 4096 d-----w- C:\BigFishGamesCache
2009-11-03 22:24 . 2009-11-03 22:24 -------- d-----w- c:\programdata\Sandlot Games
2009-11-03 02:08 . 2009-09-24 22:54 258048 ----a-w- c:\windows\system32\winspool(517).drv
2009-11-03 02:08 . 2009-09-24 22:54 258048 ----a-w- c:\windows\system32\winspool(479).drv
2009-11-03 02:08 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs(515).dll
2009-11-03 02:08 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs(477).dll
2009-11-03 02:05 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc(482).dll
2009-11-03 02:05 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc(447).dll
2009-11-03 02:05 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc(481).dll
2009-11-03 02:05 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc(446).dll
2009-11-03 01:49 . 2009-11-07 00:02 4096 d-----w- c:\users\Tara and Shane\AppData\Local\CyberDefender Internet Security
2009-11-02 03:02 . 2009-11-08 02:54 4096 d-----w- c:\programdata\msca
2009-11-01 18:02 . 2009-11-01 18:03 -------- d-----w- c:\program files\AlphaAV(0)
2009-10-31 17:39 . 2009-10-31 17:39 -------- d-----w- c:\programdata\Fugazo
2009-10-30 23:01 . 2009-11-06 05:17 -------- d-----w- c:\program files\iPod(10)
2009-10-30 23:01 . 2009-10-30 23:01 -------- d-----w- c:\program files\iPod(9)
2009-10-30 23:00 . 2009-10-30 23:03 4096 d-----w- c:\program files\iTunes(10)
2009-10-30 22:44 . 2009-11-06 05:17 8192 d-----w- c:\program files\Safari
2009-10-27 19:55 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-27 19:55 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-27 02:06 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-27 02:06 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-27 02:06 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-27 02:06 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-27 02:06 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-27 02:06 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups(530).dll
2009-10-27 02:06 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-27 02:06 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-27 02:06 . 2009-08-07 02:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-27 02:06 . 2009-08-07 01:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-25 07:26 . 2009-11-08 08:46 5360816 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\updates\a4d7111605bfa7aac1226573939eaa24\DriverRobot_Setup.exe
2009-10-23 17:24 . 2009-10-23 17:24 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-23 17:21 . 2009-10-23 17:21 4096 d-----w- c:\program files\Times Reader
2009-10-23 17:20 . 2009-10-23 17:19 38208 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2009-10-23 17:20 . 2009-10-23 17:19 38208 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2009-10-23 17:20 . 2009-10-23 17:20 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-10-23 17:18 . 2009-10-23 17:18 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2009-10-23 17:17 . 2009-10-23 21:35 4096 d-----w- c:\programdata\NOS
2009-10-22 22:02 . 2009-10-22 22:02 -------- d-----w- c:\programdata\MumboJumbo
2009-10-16 04:31 . 2009-10-16 04:31 8192 d-----w- c:\windows\SQL9_KB970892_ENU
2009-10-16 00:14 . 2009-10-16 00:14 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\Playrix Entertainment
2009-10-14 15:43 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 15:41 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-14 15:37 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-13 14:31 . 2009-10-13 14:31 -------- d-----w- c:\programdata\Office Genuine Advantage
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-08 10:42 . 2009-09-18 12:37 40960 d-----w- c:\program files\Spyware Doctor
2009-11-08 08:46 . 2009-09-30 05:51 4096 d-----w- c:\program files\Driver Robot
2009-11-08 04:32 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
2009-11-08 04:32 . 2009-03-01 20:45 4096 d-----w- c:\programdata\HP Product Assistant
2009-11-08 04:32 . 2008-12-16 00:42 4096 d-----w- c:\program files\McAfee
2009-11-08 04:32 . 2009-03-11 16:22 -------- d-----w- c:\program files\McAfee.com
2009-11-08 04:32 . 2009-03-11 16:23 4096 d-----w- c:\program files\Common Files\McAfee
2009-11-08 04:32 . 2009-06-28 19:07 4096 d-----w- c:\program files\BlueVoda Website Builder
2009-11-08 04:01 . 2008-10-14 16:53 1356 ----a-w- c:\users\Tara and Shane\AppData\Local\d3d9caps.dat
2009-11-08 03:00 . 2009-07-27 13:59 -------- d-----w- c:\program files\FastestP2P Toolbar3
2009-11-08 01:48 . 2009-07-08 17:17 4096 d-----w- c:\program files\OpenOffice.org 3
2009-11-08 01:42 . 2009-01-28 20:01 -------- d-----w- c:\programdata\Viewpoint
2009-11-08 01:41 . 2009-01-28 20:01 -------- d-----w- c:\program files\Viewpoint
2009-11-08 01:38 . 2007-11-21 07:08 12288 d-----w- c:\program files\TOSHIBA Games
2009-11-08 01:38 . 2007-11-21 07:08 4096 d-----w- c:\programdata\WildTangent
2009-11-07 23:55 . 2007-11-21 05:15 12288 d-----w- c:\programdata\Microsoft Help
2009-11-07 20:44 . 2009-09-10 22:48 4096 d-----w- c:\program files\Search Guard PlusU
2009-11-07 19:25 . 2008-12-07 20:25 8192 d-----w- c:\users\Tara and Shane\AppData\Roaming\LimeWire
2009-11-07 17:02 . 2008-11-17 03:26 4096 d-----w- c:\program files\Common Files\Apple
2009-11-07 08:02 . 2008-12-16 00:03 4096 d-----w- c:\programdata\McAfee
2009-11-03 04:42 . 2009-10-03 18:02 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 03:22 . 2007-11-21 05:10 4096 d-----w- c:\program files\Java
2009-10-22 21:49 . 2008-11-09 09:35 1614328 ----a-w- c:\programdata\WildTangent\TOSHIBA Game Console\Downloads\en-us\Installers\SetupGamesClient.exe
2009-10-16 11:33 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-10-16 04:31 . 2009-08-14 16:51 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-13 14:31 . 2008-09-02 05:58 116584 ----a-w- c:\users\Tara and Shane\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-13 04:26 . 2007-11-21 05:18 8192 d-----w- c:\program files\Microsoft Works
2009-10-01 02:22 . 2009-09-29 04:02 -------- d-----w- c:\program files\ATI Technologies
2009-09-30 08:22 . 2009-09-30 08:22 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2009-09-30 08:21 . 2009-09-30 08:21 -------- d-----w- c:\program files\Synaptics
2009-09-30 08:19 . 2009-09-30 08:19 4096 d-----w- c:\program files\Microsoft Office Outlook Connector
2009-09-30 08:19 . 2009-09-30 08:18 -------- d-----w- c:\program files\Windows Live
2009-09-30 08:18 . 2009-09-30 08:11 -------- d-----w- c:\program files\Microsoft
2009-09-30 08:18 . 2009-09-30 08:18 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-30 08:15 . 2009-09-30 08:15 -------- d-----w- c:\program files\Common Files\Windows Live
2009-09-30 07:52 . 2009-09-30 07:52 -------- d-----w- c:\program files\StarWind Software
2009-09-30 07:02 . 2009-09-30 06:43 399972848 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\eb1e7ba15bd536741d92c28930c62d64\hp_LJP2014_Full_Solution_ROW.exe
2009-09-30 06:55 . 2009-09-30 06:44 120102256 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\d67c20c52e5ab9a7efee2491b6538cc7\driver_video_ati_os2008051b.exe
2009-09-30 06:53 . 2009-09-30 06:43 100490728 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\0743a32f763e9ea4918eac656bcdd666\SF_CDA_Full_Non-Network_enu.exe
2009-09-30 06:48 . 2009-09-30 06:44 27618728 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\d629a76dea4ee1a0a4fec77a9cccdc08\driver_touchpad_synaptics_27998B.exe
2009-09-30 06:46 . 2009-09-30 06:44 15117544 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\81a3e1afdb8ab1fff5680bd4bb799ed2\HP_LJ_P4010_PCL6_32Bit.exe
2009-09-30 06:44 . 2009-09-30 06:44 3430103 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\1a82470ac2dd9c3cd5bc92d1a994d95e\motherboard_driver_lan_realtek_8111_vista.exe
2009-09-30 06:44 . 2009-09-30 06:43 6142952 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\4a4260cd80e46e2755130c743dc3f215\sp35034.exe
2009-09-29 03:46 . 2009-09-29 03:46 19919456 ----a-w- c:\programdata\PC Drivers HeadQuarters\Driver Detective\Downloads\9-6_vista32-64_sb.exe
2009-09-26 23:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-09-26 23:07 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-09-26 23:07 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal
2009-09-26 23:07 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration
2009-09-26 23:07 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery
2009-09-26 23:03 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-09-26 22:43 . 2009-02-03 18:45 4096 d-----w- c:\users\Tara and Shane\AppData\Roaming\Skype
2009-09-20 16:57 . 2009-09-20 16:56 -------- d-----w- c:\program files\Microsoft ATS
2009-09-18 22:24 . 2009-09-18 22:24 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\Blitware
2009-09-18 22:16 . 2008-09-02 06:35 -------- d-----w- c:\program files\ATI
2009-09-18 12:39 . 2009-09-18 12:37 -------- d-----w- c:\program files\Common Files\PC Tools
2009-09-18 12:37 . 2009-09-18 12:37 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\PC Tools
2009-09-18 12:37 . 2009-09-18 12:37 -------- d-----w- c:\programdata\PC Tools
2009-09-17 13:48 . 2009-09-17 13:48 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2009-09-17 13:46 . 2007-11-21 03:43 12288 d--h--w- c:\program files\InstallShield Installation Information
2009-09-16 17:22 . 2009-03-11 16:23 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-09-16 17:22 . 2009-03-11 16:23 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-09-16 17:22 . 2009-03-11 16:23 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-09-16 17:22 . 2009-01-09 19:03 214664 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-09-16 17:22 . 2009-03-11 16:19 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-09-15 23:34 . 2008-12-06 02:18 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\Apple Computer
2009-09-10 22:48 . 2009-09-10 22:48 4096 d-----w- c:\program files\Search Guard Plus
2009-09-10 18:40 . 2009-09-10 18:39 8192 d-----w- c:\program files\iPhone Configuration Utility
2009-09-10 18:38 . 2009-09-10 18:37 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-10 18:35 . 2009-09-10 18:34 4096 d-----w- c:\program files\QuickTime
2009-09-04 11:41 . 2009-10-14 15:42 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 02:42 . 2009-08-29 02:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-29 02:42 . 2009-08-29 02:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-29 00:27 . 2009-09-03 00:47 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-03 00:47 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 21:10 . 2009-08-27 21:10 1024896 ----a-w- c:\users\Public\MyWebTattoo.exe
2009-08-27 05:22 . 2009-10-14 15:42 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17 . 2009-10-14 15:42 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 05:17 . 2009-10-14 15:42 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 03:42 . 2009-10-14 15:42 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-24 21:05 . 2009-09-18 12:37 206256 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-08-19 18:01 . 2009-09-18 12:37 86888 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-08-18 19:27 . 2009-08-18 19:27 120833 ----a-w- c:\users\Public\SetupGamevance.exe
2009-08-18 06:33 . 2009-08-18 06:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-15 00:08 . 2009-08-04 17:50 118 ----a-w- c:\users\Tara and Shane\AppData\Roaming\MTC-savedfolder.dat
2009-08-14 22:47 . 2009-08-14 22:47 746760 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\Spotlight Resources.dll
2009-08-14 16:27 . 2009-09-08 19:13 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-08 19:13 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-08 19:13 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-08 19:13 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-08 19:13 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-08 19:13 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-08 19:13 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-08 19:13 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-08 19:13 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-08 19:13 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-08 19:13 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-13 16:18 . 2009-07-08 17:53 1 ----a-w- c:\users\Tara and Shane\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2008-09-02 06:24 . 2008-09-02 06:24 4 --sh--r- c:\windows\System32\drivers\taishop.sys
.
------- Sigcheck -------
[-] 2009-04-11 06:32 . 316491FFAA9136EB7CEB772230BBBD32 . 19944 . . [------] . . c:\windows\System32\drivers\atapi.sys
[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[7] 2008-09-05 . B35CFCEF838382AB6490B321C87EDF17 . 21560 . . [6.0.6000.16632] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[7] 2008-01-19 . 2D9C903DC76A66813D350A562DE40ED9 . 21560 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[7] 2006-11-02 . 4F4FCB8B6EA06784FB6D475B7EC7300F . 19048 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2009-04-01 17:16 193472 ------w- c:\program files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-09-17 645328]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-07-23 1181064]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-23 438272]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-08 148888]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-16 448080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2007-01-09 191552]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-07 34352]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-08 55416]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-06-14 30192]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 413696]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-09-11 180224]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-23 538744]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-05-29 1826816]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-06-13 4489216]
"NDSTray.exe"="NDSTray.exe" [BU]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):a2,28,c6,18,00,3f,ca,01
R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [9/18/2009 4:37 AM 206256]
R1 StarEther;StarEther NDIS Protocol Driver;c:\windows\System32\drivers\StarEther.sys [9/29/2009 11:52 PM 34136]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [3/11/2009 8:25 AM 206096]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [9/18/2009 4:37 AM 348752]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [8/27/2009 7:05 AM 92008]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [3/30/2009 3:28 PM 1533808]
S1 StarPort;StarPort Storage Controller;c:\windows\System32\drivers\StarPort.sys [9/29/2009 11:52 PM 569816]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [9/30/2009 12:19 AM 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 9:48 PM 704864]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [6/13/2009 4:56 PM 30192]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - mchInjDrv
*Deregistered* - PROCEXP113
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
2009-11-08 c:\windows\Tasks\Driver Robot.job
- c:\program files\Driver Robot\1.1.0.4\DriverRobot.exe [2009-09-30 17:22]
2009-10-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-21 19:22]
2009-10-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-21 19:22]
2009-11-08 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2008-09-14 14:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.igoogle.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &AIM Toolbar Search - c:\programdata\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
HKLM-Run-FBSSA - c:\program files\SGPSA\ie3sh.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-08 06:40
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8595450C]<<
kernel: MBR read successfully
user & kernel MBR OK
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(4508)
c:\program files\Spyware Doctor\pctgmhk.dll
.
Completion time: 2009-11-08 6:48
ComboFix-quarantined-files.txt 2009-11-08 14:48
Pre-Run: 167,595,380,736 bytes free
Post-Run: 166,850,514,944 bytes free
Current=1 Default=1 Failed=0 LastKnownGood=15 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
- - End Of File - - 12AB2E1215DF598DB84D57DCCECD06DC
Cookiegal
Administrator & Malware Removal Specialist with 79,289 posts.
Join Date: Aug 2003
Location: Quebec, Canada
11-Nov-2009, 08:24 PM #11
There was a bug in that version of ComboFix so please uninstall it as per the following instructions:


Follow these steps to uninstall Combofix and all of its files and components.
  • Click START then RUN
  • Now type ComboFix /uninstall in the Run box and click OK. Note the space between the X and the U; it needs to be there.


Then grab the latest version please and do a new scan and post the new log.
__________________
Microsoft MVP - Consumer Security
trex1975
Junior Member with 18 posts.
Join Date: Nov 2009
Experience: Intermediate
11-Nov-2009, 11:25 PM #12
Combofix log
ComboFix 09-11-11.02 - Tara and Shane 11/10/2009 21:50.2.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3069.1594 [GMT -8:00]
Running from: c:\users\Tara and Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BV0FF56\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2009-10-11 to 2009-11-11 )))))))))))))))))))))))))))))))
.
2009-11-11 19:59 . 2009-11-11 19:59 2015744 ----a-w- c:\users\Tara and Shane\AppData\Roaming\CC\cc.exe
2009-11-11 16:03 . 2009-11-11 16:03 550912 ----a-w- c:\users\Tara and Shane\AppData\Roaming\CC\agent.exe
2009-11-11 06:12 . 2009-11-11 06:12 -------- d-----w- c:\users\Tara and Shane\AppData\Local\temp
2009-11-11 06:12 . 2009-11-11 06:12 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-11-11 06:12 . 2009-11-11 06:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-11 05:37 . 2009-11-11 05:39 76263 ----a-w- c:\users\Tara and Shane\AppData\Roaming\CC\uninstall.exe
2009-11-11 05:37 . 2009-11-11 05:37 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\CC
2009-11-08 14:07 . 2009-11-08 14:07 3563165 ----a-r- c:\users\Public\puppy.exe
2009-11-08 05:01 . 2009-11-08 05:01 -------- d-----w- c:\programdata\SiteAdvisor
2009-11-08 02:45 . 2009-11-08 02:45 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\Malwarebytes
2009-11-08 02:45 . 2009-09-10 22:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-08 02:45 . 2009-11-08 02:45 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-08 02:45 . 2009-11-08 02:45 -------- d-----w- c:\programdata\Malwarebytes
2009-11-08 02:45 . 2009-09-10 22:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-08 00:45 . 2009-11-08 02:54 -------- d-----w- C:\SafetyCenter
2009-11-07 21:57 . 2009-11-07 21:57 -------- d-----w- c:\program files\Trend Micro
2009-11-07 17:02 . 2009-11-07 17:02 -------- d-----w- c:\program files\iPod
2009-11-07 17:02 . 2009-11-07 17:03 4096 d-----w- c:\program files\iTunes
2009-11-07 16:56 . 2009-11-07 16:56 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-07 16:51 . 2009-11-07 16:51 -------- d-----w- c:\program files\Alwil Software
2009-11-07 02:42 . 2009-11-07 19:12 -------- d-----w- c:\users\Tara and Shane\AppData\Local\McAfee Anti-Theft
2009-11-07 02:37 . 2009-11-07 02:42 -------- d-----w- c:\programdata\McAfee Anti-Theft
2009-11-07 02:28 . 2009-11-07 02:28 -------- d-----w- c:\program files\McAfee(94)
2009-11-06 18:21 . 2009-11-06 18:22 -------- d-----w- c:\programdata\McAfee(127)
2009-11-06 07:38 . 2009-11-06 07:38 -------- d-----w- c:\programdata\WindowsSearch
2009-11-06 05:47 . 2009-11-06 05:52 -------- d-----w- c:\programdata\SITEguard
2009-11-06 05:43 . 2009-11-06 18:13 4096 d-----w- c:\program files\STOPzilla!
2009-11-06 05:43 . 2009-11-06 05:43 -------- d-----w- c:\program files\Common Files\iS3
2009-11-06 05:43 . 2009-11-06 18:13 -------- d-----w- c:\programdata\STOPzilla!
2009-11-05 22:11 . 2009-11-05 22:11 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\AVG8
2009-11-03 22:55 . 2009-11-03 22:56 4096 d-----w- C:\BigFishGamesCache
2009-11-03 22:24 . 2009-11-03 22:24 -------- d-----w- c:\programdata\Sandlot Games
2009-11-03 02:08 . 2009-09-24 22:54 258048 ----a-w- c:\windows\system32\winspool(517).drv
2009-11-03 02:08 . 2009-09-24 22:54 258048 ----a-w- c:\windows\system32\winspool(479).drv
2009-11-03 02:08 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs(515).dll
2009-11-03 02:08 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs(477).dll
2009-11-03 02:05 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc(482).dll
2009-11-03 02:05 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc(447).dll
2009-11-03 02:05 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc(481).dll
2009-11-03 02:05 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc(446).dll
2009-11-03 01:49 . 2009-11-07 00:02 4096 d-----w- c:\users\Tara and Shane\AppData\Local\CyberDefender Internet Security
2009-11-02 03:02 . 2009-11-08 02:54 -------- d-----w- c:\programdata\msca
2009-11-01 18:02 . 2009-11-01 18:03 -------- d-----w- c:\program files\AlphaAV(0)
2009-10-31 17:39 . 2009-10-31 17:39 -------- d-----w- c:\programdata\Fugazo
2009-10-30 23:01 . 2009-11-06 05:17 -------- d-----w- c:\program files\iPod(10)
2009-10-30 23:01 . 2009-10-30 23:01 -------- d-----w- c:\program files\iPod(9)
2009-10-30 23:00 . 2009-10-30 23:03 4096 d-----w- c:\program files\iTunes(10)
2009-10-30 22:44 . 2009-11-06 05:17 8192 d-----w- c:\program files\Safari
2009-10-27 19:55 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-27 19:55 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-27 02:06 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-27 02:06 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-27 02:06 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-27 02:06 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-27 02:06 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-27 02:06 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups(530).dll
2009-10-27 02:06 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-27 02:06 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-27 02:06 . 2009-08-07 02:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-27 02:06 . 2009-08-07 01:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-25 07:26 . 2009-11-08 08:46 5360816 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\updates\a4d7111605bfa7aac1226573939eaa24\DriverRobot_Setup.exe
2009-10-23 17:24 . 2009-10-23 17:24 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-23 17:21 . 2009-10-23 17:21 4096 d-----w- c:\program files\Times Reader
2009-10-23 17:20 . 2009-10-23 17:19 38208 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2009-10-23 17:20 . 2009-10-23 17:19 38208 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2009-10-23 17:20 . 2009-10-23 17:20 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-10-23 17:18 . 2009-10-23 17:18 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2009-10-23 17:17 . 2009-10-23 21:35 4096 d-----w- c:\programdata\NOS
2009-10-22 22:02 . 2009-10-22 22:02 -------- d-----w- c:\programdata\MumboJumbo
2009-10-16 04:31 . 2009-10-16 04:31 8192 d-----w- c:\windows\SQL9_KB970892_ENU
2009-10-16 00:14 . 2009-10-16 00:14 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\Playrix Entertainment
2009-10-14 15:43 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 15:41 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-14 15:37 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-13 14:31 . 2009-10-13 14:31 -------- d-----w- c:\programdata\Office Genuine Advantage
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-10 22:42 . 2009-09-18 12:37 40960 d-----w- c:\program files\Spyware Doctor
2009-11-08 08:46 . 2009-09-30 05:51 4096 d-----w- c:\program files\Driver Robot
2009-11-08 04:32 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
2009-11-08 04:32 . 2009-03-01 20:45 4096 d-----w- c:\programdata\HP Product Assistant
2009-11-08 04:32 . 2008-12-16 00:42 4096 d-----w- c:\program files\McAfee
2009-11-08 04:32 . 2009-03-11 16:22 -------- d-----w- c:\program files\McAfee.com
2009-11-08 04:32 . 2009-03-11 16:23 4096 d-----w- c:\program files\Common Files\McAfee
2009-11-08 04:32 . 2009-06-28 19:07 4096 d-----w- c:\program files\BlueVoda Website Builder
2009-11-08 04:01 . 2008-10-14 16:53 1356 ----a-w- c:\users\Tara and Shane\AppData\Local\d3d9caps.dat
2009-11-08 03:00 . 2009-07-27 13:59 -------- d-----w- c:\program files\FastestP2P Toolbar3
2009-11-08 01:48 . 2009-07-08 17:17 4096 d-----w- c:\program files\OpenOffice.org 3
2009-11-08 01:42 . 2009-01-28 20:01 -------- d-----w- c:\programdata\Viewpoint
2009-11-08 01:41 . 2009-01-28 20:01 -------- d-----w- c:\program files\Viewpoint
2009-11-08 01:38 . 2007-11-21 07:08 12288 d-----w- c:\program files\TOSHIBA Games
2009-11-08 01:38 . 2007-11-21 07:08 4096 d-----w- c:\programdata\WildTangent
2009-11-07 23:55 . 2007-11-21 05:15 12288 d-----w- c:\programdata\Microsoft Help
2009-11-07 20:44 . 2009-09-10 22:48 4096 d-----w- c:\program files\Search Guard PlusU
2009-11-07 19:25 . 2008-12-07 20:25 8192 d-----w- c:\users\Tara and Shane\AppData\Roaming\LimeWire
2009-11-07 17:02 . 2008-11-17 03:26 4096 d-----w- c:\program files\Common Files\Apple
2009-11-07 08:02 . 2008-12-16 00:03 4096 d-----w- c:\programdata\McAfee
2009-11-03 04:42 . 2009-10-03 18:02 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 03:22 . 2007-11-21 05:10 4096 d-----w- c:\program files\Java
2009-10-22 21:49 . 2008-11-09 09:35 1614328 ----a-w- c:\programdata\WildTangent\TOSHIBA Game Console\Downloads\en-us\Installers\SetupGamesClient.exe
2009-10-16 11:33 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-10-16 04:31 . 2009-08-14 16:51 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-13 14:31 . 2008-09-02 05:58 116584 ----a-w- c:\users\Tara and Shane\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-13 04:26 . 2007-11-21 05:18 8192 d-----w- c:\program files\Microsoft Works
2009-10-01 02:22 . 2009-09-29 04:02 -------- d-----w- c:\program files\ATI Technologies
2009-09-30 08:22 . 2009-09-30 08:22 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2009-09-30 08:21 . 2009-09-30 08:21 -------- d-----w- c:\program files\Synaptics
2009-09-30 08:19 . 2009-09-30 08:19 4096 d-----w- c:\program files\Microsoft Office Outlook Connector
2009-09-30 08:19 . 2009-09-30 08:18 -------- d-----w- c:\program files\Windows Live
2009-09-30 08:18 . 2009-09-30 08:11 -------- d-----w- c:\program files\Microsoft
2009-09-30 08:18 . 2009-09-30 08:18 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-30 08:15 . 2009-09-30 08:15 -------- d-----w- c:\program files\Common Files\Windows Live
2009-09-30 07:52 . 2009-09-30 07:52 -------- d-----w- c:\program files\StarWind Software
2009-09-30 07:02 . 2009-09-30 06:43 399972848 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\eb1e7ba15bd536741d92c28930c62d64\hp_LJP2014_Full_Solution_ROW.exe
2009-09-30 06:55 . 2009-09-30 06:44 120102256 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\d67c20c52e5ab9a7efee2491b6538cc7\driver_video_ati_os2008051b.exe
2009-09-30 06:53 . 2009-09-30 06:43 100490728 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\0743a32f763e9ea4918eac656bcdd666\SF_CDA_Full_Non-Network_enu.exe
2009-09-30 06:48 . 2009-09-30 06:44 27618728 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\d629a76dea4ee1a0a4fec77a9cccdc08\driver_touchpad_synaptics_27998B.exe
2009-09-30 06:46 . 2009-09-30 06:44 15117544 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\81a3e1afdb8ab1fff5680bd4bb799ed2\HP_LJ_P4010_PCL6_32Bit.exe
2009-09-30 06:44 . 2009-09-30 06:44 3430103 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\1a82470ac2dd9c3cd5bc92d1a994d95e\motherboard_driver_lan_realtek_8111_vista.exe
2009-09-30 06:44 . 2009-09-30 06:43 6142952 ----a-w- c:\users\Tara and Shane\AppData\Roaming\Blitware\DriverRobot\downloads\4a4260cd80e46e2755130c743dc3f215\sp35034.exe
2009-09-29 03:46 . 2009-09-29 03:46 19919456 ----a-w- c:\programdata\PC Drivers HeadQuarters\Driver Detective\Downloads\9-6_vista32-64_sb.exe
2009-09-26 23:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-09-26 23:07 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-09-26 23:07 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal
2009-09-26 23:07 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration
2009-09-26 23:07 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery
2009-09-26 23:03 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-09-26 22:43 . 2009-02-03 18:45 4096 d-----w- c:\users\Tara and Shane\AppData\Roaming\Skype
2009-09-20 16:57 . 2009-09-20 16:56 -------- d-----w- c:\program files\Microsoft ATS
2009-09-18 22:24 . 2009-09-18 22:24 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\Blitware
2009-09-18 22:16 . 2008-09-02 06:35 -------- d-----w- c:\program files\ATI
2009-09-18 12:39 . 2009-09-18 12:37 -------- d-----w- c:\program files\Common Files\PC Tools
2009-09-18 12:37 . 2009-09-18 12:37 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\PC Tools
2009-09-18 12:37 . 2009-09-18 12:37 -------- d-----w- c:\programdata\PC Tools
2009-09-17 13:48 . 2009-09-17 13:48 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2009-09-17 13:46 . 2007-11-21 03:43 12288 d--h--w- c:\program files\InstallShield Installation Information
2009-09-16 17:22 . 2009-03-11 16:23 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-09-16 17:22 . 2009-03-11 16:23 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-09-16 17:22 . 2009-03-11 16:23 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-09-16 17:22 . 2009-01-09 19:03 214664 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-09-16 17:22 . 2009-03-11 16:19 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-09-15 23:34 . 2008-12-06 02:18 -------- d-----w- c:\users\Tara and Shane\AppData\Roaming\Apple Computer
2009-09-04 11:41 . 2009-10-14 15:42 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 02:42 . 2009-08-29 02:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-29 02:42 . 2009-08-29 02:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-29 00:27 . 2009-09-03 00:47 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-03 00:47 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 21:10 . 2009-08-27 21:10 1024896 ----a-w- c:\users\Public\MyWebTattoo.exe
2009-08-27 05:22 . 2009-10-14 15:42 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17 . 2009-10-14 15:42 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 05:17 . 2009-10-14 15:42 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 03:42 . 2009-10-14 15:42 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-24 21:05 . 2009-09-18 12:37 206256 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-08-19 18:01 . 2009-09-18 12:37 86888 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-08-18 19:27 . 2009-08-18 19:27 120833 ----a-w- c:\users\Public\SetupGamevance.exe
2009-08-18 06:33 . 2009-08-18 06:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-15 00:08 . 2009-08-04 17:50 118 ----a-w- c:\users\Tara and Shane\AppData\Roaming\MTC-savedfolder.dat
2009-08-14 22:47 . 2009-08-14 22:47 746760 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\Spotlight Resources.dll
2009-08-14 16:27 . 2009-09-08 19:13 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-08 19:13 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-08 19:13 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-08 19:13 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-08 19:13 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-08 19:13 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-08 19:13 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-08 19:13 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-08 19:13 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-08 19:13 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-08 19:13 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-13 16:18 . 2009-07-08 17:53 1 ----a-w- c:\users\Tara and Shane\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2008-09-02 06:24 . 2008-09-02 06:24 4 --sh--r- c:\windows\System32\drivers\taishop.sys
.
------- Sigcheck -------
[-] 2009-04-11 06:32 . 316491FFAA9136EB7CEB772230BBBD32 . 19944 . . [------] . . c:\windows\System32\drivers\atapi.sys
[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[7] 2008-09-05 . B35CFCEF838382AB6490B321C87EDF17 . 21560 . . [6.0.6000.16632] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[7] 2008-01-19 . 2D9C903DC76A66813D350A562DE40ED9 . 21560 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[7] 2006-11-02 . 4F4FCB8B6EA06784FB6D475B7EC7300F . 19048 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2009-04-01 17:16 193472 ------w- c:\program files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"agent.exe"="c:\users\Tara and Shane\AppData\Roaming\CC\agent.exe" [2009-11-11 550912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-09-17 645328]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-07-23 1181064]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-23 438272]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-08 148888]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-16 448080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2007-01-09 191552]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-07 34352]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-08 55416]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-06-14 30192]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 413696]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-09-11 180224]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-23 538744]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-05-29 1826816]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-06-13 4489216]
"NDSTray.exe"="NDSTray.exe" [BU]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):a2,28,c6,18,00,3f,ca,01
R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [9/18/2009 4:37 AM 206256]
R1 StarEther;StarEther NDIS Protocol Driver;c:\windows\System32\drivers\StarEther.sys [9/29/2009 11:52 PM 34136]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [3/11/2009 8:25 AM 206096]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [9/18/2009 4:37 AM 348752]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [8/27/2009 7:05 AM 92008]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [3/30/2009 3:28 PM 1533808]
S1 StarPort;StarPort Storage Controller;c:\windows\System32\drivers\StarPort.sys [9/29/2009 11:52 PM 569816]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [9/30/2009 12:19 AM 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 9:48 PM 704864]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [6/13/2009 4:56 PM 30192]
--- Other Services/Drivers In Memory ---
*Deregistered* - mbr
*Deregistered* - mchInjDrv
*Deregistered* - PROCEXP113
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
2009-11-09 c:\windows\Tasks\Driver Robot.job
- c:\program files\Driver Robot\1.1.0.4\DriverRobot.exe [2009-09-30 17:22]
2009-10-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-21 19:22]
2009-10-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-21 19:22]
2009-11-09 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2008-09-14 14:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.igoogle.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &AIM Toolbar Search - c:\programdata\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-10 22:12
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8595250C]<<
kernel: MBR read successfully
user & kernel MBR OK
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(7428)
c:\program files\Spyware Doctor\pctgmhk.dll
c:\program files\McAfee\SiteAdvisor\saHook.dll
.
Completion time: 2009-11-11 22:20
ComboFix-quarantined-files.txt 2009-11-11 06:20
ComboFix2.txt 2009-11-08 14:48
Pre-Run: 166,309,511,168 bytes free
Post-Run: 166,275,928,064 bytes free
Current=1 Default=1 Failed=0 LastKnownGood=1 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
- - End Of File - - 8826EF7C66EF834F518CE822078D7D22
Cookiegal
Administrator & Malware Removal Specialist with 79,289 posts.
 
Join Date: Aug 2003
Location: Quebec, Canada
12-Nov-2009, 08:27 PM #13
Download GMER from: http://gmer.net/index.php

Save it on your desktop and unzip it.

Double click the gmer.exe to run it and select the rootkit tab and press scan. When the scan is done, click Copy. This will copy the report to the clipboard. Paste it into Notepad and save it and also paste the log report back here please.
__________________
Microsoft MVP - Consumer Security
trex1975
Junior Member with 18 posts.
 
Join Date: Nov 2009
Experience: Intermediate
12-Nov-2009, 11:54 PM #14
RE: Mcafee integrated security platform has stopped working
GMER 1.0.15.15220 - http://www.gmer.net
Rootkit quick scan 2009-11-11 22:45:51
Windows 6.0.6002 Service Pack 2
Running: tm3mo760.exe; Driver: C:\Users\TARAAN~1\AppData\Local\Temp\axxyakog.sys

---- System - GMER 1.0.15 ----
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenProcess [0x927AB710]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenThread [0x927AB724]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetContextThread [0x927AB78C]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetInformationProcess [0x927AB778]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenProcess
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenThread
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtSetInformationProcess
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Ip Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
Device \Driver\00001484 -> \Driver\atapi \Device\Harddisk0\DR0 85D7350C
---- EOF - GMER 1.0.15 ----


This is the only scan I got. This was something that happened automatically. You said to click the scan button, so thinking there may be more, I clicked scan. I tried it twice and both times it immediately restarted my computer. If you need me to do something different, let me know. Thank you for all your time and help. The computer is acting much better but is still claiming to not have protection - hence the Mcafee issue. Thanks again!
Cookiegal
Administrator & Malware Removal Specialist with 79,289 posts.
 
Join Date: Aug 2003
Location: Quebec, Canada
14-Nov-2009, 03:34 PM #15
Please navigate to this folder:

c:\program files\McAfee

Do you have several folders by this same name with a number in brackets beside it, i.e. McAfee(94)?
All times are GMT -4.