1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Windows 7 won't Update, and Internet explorer keeps having an error!

Discussion in 'Virus & Other Malware Removal' started by TracyLWilliams, Apr 1, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. TracyLWilliams

    TracyLWilliams Thread Starter

    Joined:
    Apr 1, 2011
    Messages:
    7
    Hi. I am not sure if I am infected, but I posted in another forum, and someone told me it sounds like I am. They told me to post here. The basics... I bought a brand new Dell Inspiron M5010. I am the first owner, and have the dell 1 year standard mail in service warranty. Right now, I have Mc Afee installed, because it came for a free month with the computer. I was planning on switching to Norton once my trial ended, but since I am having issues with my other computers as well, I am looking for a very good antivirus (even if it costs money) for Windows 7. This computer came with Windows 7 home premium...
    and I have the product key sticker on the bottom of my laptop. Since I have gotten the laptop, a little flag with an x on it pops up... It will tell me several messages all at different times... Sometimes it will tell me my windows firewall isn't on, but when I access the control panel, it says it is on. I have tried clicking the turn on now button and nothing happens. The flag will also say that it can't update my computer and no updates have ever been added... Also it will tell me that internet explorer 8 stopped working properly. It will also tell me that internet explorer has stopped working. (I have one internet explorer that says 64 bit next to it, and one in another location that just says internet explorer, I think this one is the 8.) I have moderate computer skills... and really need this taken care of quickly. I am in college, so it is very important that my computer works! The whole point of me getting this one was because I paid $200 to get my desktop fixed, spent $70 on Norton, and it is still a piece of poop! PLEASE HELP ME!!! Below are the things requested ( I am a little concerned because it says file missing a lot)... I do not have an ark file because the last one didn't find anything... Thanks in advance!

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:13:30 PM, on 4/1/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files (x86)\ooVoo\ooVoo.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2086743
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll (file missing)
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: ooVoo Toolbar - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110314211747.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AdobeReader - {ABBBDB99-FD20-4E38-A2DE-18D9BB2948CC} - C:\Users\Tracy\AppData\Roaming\AdobeReader\IE\AdobeReader.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Gears - {C526C1B5-6BD8-402E-B365-81DD4C97DB17} - C:\Users\Tracy\AppData\Roaming\Gears\IE\Gears.dll
    O2 - BHO: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: ooVoo Toolbar - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
    O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
    O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [Communicator] "C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe" /fromrunkey
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O16 - DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} (ooVooWebCtrl Class) - http://cdn03.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    --
    End of file - 12259 bytes

    .
    DDS (Ver_11-03-05.01) - NTFS_AMD64
    Run by Tracy at 23:15:09.44 on Fri 04/01/2011
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1592 [GMT -4:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe
    C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\mfevtps.exe
    C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    C:\Windows\System32\StikyNot.exe
    C:\Program Files (x86)\ooVoo\ooVoo.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\msiexec.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\Tracy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NCEUSYMH\dds[1].com
    C:\Windows\system32\conhost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2086743
    uDefault_Page_URL = about:blank
    uURLSearchHooks: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    mURLSearchHooks: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    mWinlogon: Userinit=userinit.exe
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    BHO: ooVoo Toolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110314211747.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AdobeReader: {abbbdb99-fd20-4e38-a2de-18d9bb2948cc} - C:\Users\Tracy\AppData\Roaming\AdobeReader\IE\AdobeReader.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    BHO: Gears: {c526c1b5-6bd8-402e-b365-81dd4c97db17} - C:\Users\Tracy\AppData\Roaming\Gears\IE\Gears.dll
    BHO: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB: ooVoo Toolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
    TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    TB: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    uRun: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
    mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
    mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
    mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun: [Communicator] "C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe" /fromrunkey
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} - hxxp://cdn03.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL
    BHO-X64: McAfee Phishing Filter - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
    BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110314211747.dll
    BHO-X64: scriptproxy - No File
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB-X64: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
    TB-X64: {DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - No File
    TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
    EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
    mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    mRun-x64: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    mRun-x64: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-14 529128]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-2-24 55280]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2011-3-14 75032]
    R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-14 283360]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [2011-2-24 89600]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-24 202752]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
    R2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-14 355440]
    R2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-14 355440]
    R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-3-14 200056]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-3-14 245352]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-3-14 149032]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
    R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-2-24 6790144]
    R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-2-24 220672]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-2-24 172704]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-14 190136]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-14 441328]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2009-12-2 721768]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2009-12-2 269672]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-12-2 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2009-12-2 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-2-24 38456]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
    R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-14 62800]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-14 94864]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-2-24 232480]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-2-24 325152]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-31 47128]
    S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936]
    .
    =============== Created Last 30 ================
    .
    2011-04-02 03:05:43 388096 ----a-r- C:\Users\Tracy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-04-02 03:05:43 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2011-04-01 01:38:47 683801 ----a-w- C:\Windows\unins000.exe
    2011-04-01 01:38:47 578192 ----a-w- C:\Windows\SysWow64\stub.ocx
    2011-03-30 04:36:23 -------- d-----w- C:\Program Files (x86)\Conduit
    2011-03-30 04:36:20 -------- d-----w- C:\Program Files (x86)\ConduitEngine
    2011-03-30 04:36:19 -------- d-----w- C:\Program Files (x86)\PHPNukeEN
    2011-03-30 04:31:04 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes
    2011-03-29 21:17:28 -------- d-----w- C:\Users\Tracy\AppData\Local\ElevatedDiagnostics
    2011-03-29 00:57:44 344064 ----a-w- C:\Windows\System32\CNMLMA5.DLL
    2011-03-29 00:57:17 307200 ----a-w- C:\Windows\SysWow64\CNC340L.dll
    2011-03-29 00:57:17 102400 ----a-w- C:\Windows\SysWow64\CNC340U.dll
    2011-03-29 00:57:16 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll
    2011-03-29 00:57:15 346624 ----a-w- C:\Windows\System32\CNC340L.dll
    2011-03-29 00:57:15 17920 ----a-w- C:\Windows\System32\CNHMCA6.dll
    2011-03-29 00:57:15 1324544 ----a-w- C:\Windows\System32\CNC340C.dll
    2011-03-29 00:57:15 109568 ----a-w- C:\Windows\System32\CNC340I.dll
    2011-03-28 20:56:35 -------- d-----w- C:\Program Files\Common Files\CANON
    2011-03-28 20:54:43 -------- d-----w- C:\Program Files\Canon
    2011-03-28 20:53:10 84480 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPA5.DLL
    2011-03-28 20:53:10 28672 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDA5.DLL
    2011-03-28 20:51:45 337920 ----a-w- C:\Windows\System32\CNMN6PPM.DLL
    2011-03-28 20:51:45 144384 ----a-w- C:\Windows\System32\CNMN6UI.DLL
    2011-03-28 20:51:45 -------- d-----w- C:\Windows\System32\STRING
    2011-03-28 20:51:43 -------- d-----w- C:\Windows\System32\CHM
    2011-03-28 20:50:18 -------- d-----w- C:\Program Files (x86)\Canon
    2011-03-27 21:24:58 -------- d-----w- C:\Users\Tracy\AppData\Roaming\Gears
    2011-03-27 21:24:58 -------- d-----w- C:\Users\Tracy\AppData\Roaming\AdobeReader
    2011-03-27 21:24:57 -------- d-----w- C:\Users\Tracy\AppData\Roaming\ooVoo Details
    2011-03-27 21:24:38 -------- d-----w- C:\Program Files (x86)\oovootoolbar
    2011-03-27 21:23:29 -------- d-----w- C:\Program Files (x86)\ooVoo
    2011-03-21 17:32:38 -------- d-----w- C:\Users\Tracy\Tracing
    2011-03-21 17:27:50 -------- d-----w- C:\Program Files (x86)\Microsoft Small Business
    2011-03-21 17:27:29 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
    2011-03-21 17:25:32 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$MSSMLBIZ-sqlagtctr10.1.2531.0.dll
    2011-03-21 17:25:18 79896 ----a-w- C:\Windows\SysWow64\perf-MSSQL$MSSMLBIZ-sqlctr10.1.2531.0.dll
    2011-03-21 17:23:14 -------- d-----w- C:\Windows\SysWow64\1033
    2011-03-21 17:23:14 -------- d-----w- C:\Windows\System32\1033
    2011-03-21 17:23:14 -------- d-----w- C:\Program Files\Microsoft SQL Server
    2011-03-21 17:21:02 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
    2011-03-21 17:18:11 -------- d-----w- C:\Program Files (x86)\Microsoft Office Communicator
    2011-03-21 17:04:01 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
    2011-03-21 17:01:27 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
    2011-03-21 17:00:52 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
    2011-03-21 17:00:38 -------- d-----w- C:\Users\Tracy\AppData\Local\Microsoft Help
    2011-03-18 21:24:30 -------- d-----w- C:\PROGRA~3\VirtualizedApplications
    2011-03-18 19:11:50 -------- d-----w- C:\Users\Tracy\AppData\Local\SoftGrid Client
    2011-03-18 19:11:49 -------- d-----w- C:\Users\Tracy\AppData\Roaming\SoftGrid Client
    2011-03-18 19:10:58 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
    2011-03-18 19:10:42 -------- d-----w- C:\Users\Tracy\AppData\Roaming\TP
    2011-03-18 18:41:43 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
    2011-03-18 17:47:35 -------- d-----w- C:\Users\Tracy\AppData\Local\Adobe
    2011-03-18 00:54:02 -------- d-----w- C:\Users\Tracy\AppData\Roaming\Any DVD Clone
    2011-03-18 00:53:40 -------- d-----w- C:\Program Files (x86)\Any DVD Clone
    2011-03-17 23:32:18 -------- d-----w- C:\Users\Tracy\AppData\Roaming\Macrovision
    2011-03-16 21:37:05 -------- d-----w- C:\PROGRA~3\NortonInstaller
    2011-03-16 18:23:28 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
    2011-03-16 17:59:17 -------- d-----w- C:\Program Files (x86)\123CopyDVD 2011
    2011-03-15 18:11:56 -------- d-----w- C:\Users\Tracy\AppData\Local\Yahoo
    2011-03-15 17:23:32 -------- d-----w- C:\Users\Tracy\AppData\Local\Yahoo!
    2011-03-15 17:19:32 -------- d-----w- C:\Program Files (x86)\Yahoo!
    2011-03-15 05:54:58 -------- d-----w- C:\Users\Tracy\AppData\Local\Microsoft Games
    2011-03-15 05:10:02 -------- d-----w- C:\Users\Tracy\AppData\Local\Cyberlink
    2011-03-15 01:17:57 -------- d-----w- C:\Program Files\McAfee.com
    2011-03-15 01:17:46 9984 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
    2011-03-15 01:17:02 149032 ----a-w- C:\Windows\System32\mfevtps.exe
    2011-03-15 01:17:00 94864 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
    2011-03-15 01:17:00 75032 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
    2011-03-15 01:17:00 529128 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
    2011-03-15 01:17:00 441328 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
    2011-03-15 01:17:00 283360 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
    2011-03-15 01:17:00 190136 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
    2011-03-15 01:17:00 121248 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
    2011-03-15 01:16:59 62800 ----a-w- C:\Windows\System32\drivers\cfwids.sys
    2011-03-14 19:11:12 -------- d-----w- C:\Users\Tracy\AppData\Local\Diagnostics
    2011-03-14 16:34:29 -------- d-----w- C:\Users\Tracy\AppData\Local\ATI
    2011-03-14 16:33:01 -------- d-----w- C:\Users\Tracy\AppData\Local\VirtualStore
    .
    ==================== Find3M ====================
    .
    2011-02-24 22:03:09 0 ----a-w- C:\Windows\ativpsrm.bin
    2011-02-24 20:40:09 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2011-02-24 20:40:09 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
    2011-02-24 20:40:08 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2011-02-24 20:31:18 80 --sh--r- C:\Windows\CT4CET.bin
    .
    ============= FINISH: 23:16:08.54 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3/14/2011 12:32:41 PM
    System Uptime: 4/1/2011 2:37:06 PM (9 hours ago)
    .
    Motherboard: Dell Inc. | | 0WTVYR
    Processor: AMD Athlon(tm) II P340 Dual-Core Processor | CPU 1 | 2200/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 284 GiB total, 249.317 GiB free.
    D: is FIXED (NTFS) - 14 GiB total, 7.679 GiB free.
    E: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    .
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.1
    Advanced Audio FX Engine
    Any DVD Clone 1.2.9
    AviSynth 2.5
    Business Contact Manager for Microsoft Outlook 2010
    Canon Easy-WebPrint EX
    Canon MP Navigator EX 3.1
    Canon MX340 series User Registration
    Canon Speed Dial Utility
    Canon Utilities Easy-PhotoPrint EX
    Canon Utilities My Printer
    Canon Utilities Solution Menu
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CloneDVD2
    Conduit Engine
    CyberLink PowerDVD 9.5
    Dell Webcam Central
    HiJackThis
    Junk Mail filter update
    Live! Cam Avatar Creator
    McAfee SecurityCenter
    Microsoft Chart Controls for Microsoft .NET Framework 3.5
    Microsoft Choice Guard
    Microsoft Office 2010
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Communicator 2007 R2
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Starter 2010 - English
    Microsoft Office Word MUI (English) 2010
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server 2008
    Microsoft SQL Server 2008 Browser
    Microsoft SQL Server 2008 Common Files
    Microsoft SQL Server 2008 Database Engine Services
    Microsoft SQL Server 2008 Database Engine Shared
    Microsoft SQL Server 2008 RsFx Driver
    Microsoft SQL Server 2008 Setup Support Files
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010)
    MSVCRT
    MyITLab ActiveX Installer 2, 9, 8, 65535
    ooVoo
    ooVoo Toolbar
    PHPNukeEN Toolbar
    Roxio Burn
    Service Pack 1 for SQL Server 2008 (KB968369)
    Sql Server Customer Experience Improvement Program
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Yahoo! BrowserPlus 2.9.8
    Yahoo! Messenger
    Yahoo! Software Update
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/1/2011 2:38:34 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    4/1/2011 2:37:26 PM, Error: Service Control Manager [7000] - The McAfee Anti-Spam Service service failed to start due to the following error: The system cannot find the file specified.
    4/1/2011 10:45:45 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer USER-A16EC19A5E that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CB283010-77C5-487D-8F63-3D13F35DF43D}. The master browser is stopping or an election is being forced.
    3/29/2011 3:41:46 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
    3/28/2011 9:02:25 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    .
    ==== End Of File ===========================
     
  2. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    77,173
    First Name:
    Terry
    If you are infected then McAfee didn't help; you don't plan to keep it anyhow; and I suspect that it may possibly be your networking problem. Uninstall it and run the Removal Tool. The Windows firewall should then run properly.

    Please understand that I am not addressing your malware question at all; that's for the experts here.
     
  3. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,220
    First Name:
    Derek
    OK, it is very unlikely that you are infected
    Windows 7 uses a new system of readinmg whether an antivirus or firewall is working in teh security center alerts & many programs still try to write to the old location so W7 can't read them & gives you the warnings

    Uninstall Mcafee in the way Terry told you to & then reboot
    then try windows upodate & see what happens
    tell us if you can update or not
    if you can't then we will neeed to look deeper

    ignore the missing file reports in the logs, That is normal with a 64 bit system as HJT cannopt see the files, They do exist
     
  4. TracyLWilliams

    TracyLWilliams Thread Starter

    Joined:
    Apr 1, 2011
    Messages:
    7
    Ok... I uninstalled the MacAfee Software, and I still cannot update or turn on my Windows firewall. I tried to check for updates and I recieved the following message: An error occured while checking for new updates on your computer: Code: 80072EE2 (Windows update encountered an unknown error.) Then I went into my security center to check the messages, and it tells me that my network firewall is turned off or set up incorrectly. I tried hitting the turn on button, and nothing happened! I then tried all of the other links in there, and all of those links work (if that helps?) I have a lot of homework to do for school... Can I install Norton yet, or is there something else that I have to do first? I really don't want to leave my computer unprotected! PLEASE HELP! Thank you in advance!!!
     
  5. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,220
    First Name:
    Derek
    Run the fixit on http://support.microsoft.com/kb/971058 Run it in agressive mode & let us know if Windows update works then

    That error code, generally means that either a firewall is blocking Windows update or the update website is extremely busy


    please run dds again & post its new log
     
  6. TracyLWilliams

    TracyLWilliams Thread Starter

    Joined:
    Apr 1, 2011
    Messages:
    7
    I ran the fix it in agressive mode, and the same thing is happening!


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3/14/2011 12:32:41 PM
    System Uptime: 4/4/2011 2:34:56 PM (0 hours ago)
    .
    Motherboard: Dell Inc. | | 0WTVYR
    Processor: AMD Athlon(tm) II P340 Dual-Core Processor | CPU 1 | 2200/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 284 GiB total, 248.363 GiB free.
    D: is FIXED (NTFS) - 14 GiB total, 7.679 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    .
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.1
    Advanced Audio FX Engine
    Any DVD Clone 1.2.9
    AnyDVD
    AviSynth 2.5
    Business Contact Manager for Microsoft Outlook 2010
    Canon Easy-WebPrint EX
    Canon MP Navigator EX 3.1
    Canon MX340 series User Registration
    Canon Speed Dial Utility
    Canon Utilities Easy-PhotoPrint EX
    Canon Utilities My Printer
    Canon Utilities Solution Menu
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CloneDVD2
    CyberLink PowerDVD 9.5
    Dell Webcam Central
    HiJackThis
    Junk Mail filter update
    Live! Cam Avatar Creator
    Microsoft Chart Controls for Microsoft .NET Framework 3.5
    Microsoft Choice Guard
    Microsoft Office 2010
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Communicator 2007 R2
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Starter 2010 - English
    Microsoft Office Word MUI (English) 2010
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server 2008
    Microsoft SQL Server 2008 Browser
    Microsoft SQL Server 2008 Common Files
    Microsoft SQL Server 2008 Database Engine Services
    Microsoft SQL Server 2008 Database Engine Shared
    Microsoft SQL Server 2008 RsFx Driver
    Microsoft SQL Server 2008 Setup Support Files
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010)
    MSVCRT
    MyITLab ActiveX Installer 2, 9, 8, 65535
    ooVoo
    ooVoo Toolbar
    PHPNukeEN Toolbar
    Roxio Burn
    Service Pack 1 for SQL Server 2008 (KB968369)
    Sql Server Customer Experience Improvement Program
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Yahoo! BrowserPlus 2.9.8
    Yahoo! Messenger
    Yahoo! Software Update
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/4/2011 2:36:26 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    4/4/2011 2:35:17 PM, Error: Service Control Manager [7000] - The McAfee Anti-Spam Service service failed to start due to the following error: The system cannot find the file specified.
    4/4/2011 2:34:29 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer USER-A16EC19A5E that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CB283010-77C5-487D-8F63-3D13F35DF43D}. The master browser is stopping or an election is being forced.
    4/4/2011 10:35:53 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.
    4/4/2011 10:35:53 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
    4/4/2011 10:35:53 AM, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    4/3/2011 9:55:10 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.
    4/3/2011 10:22:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    4/3/2011 1:02:35 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.






    .
    DDS (Ver_11-03-05.01) - NTFS_AMD64
    Run by Tracy at 14:45:40.59 on Mon 04/04/2011
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1557 [GMT -4:00]
    .
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe
    C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    C:\Windows\System32\StikyNot.exe
    C:\Program Files (x86)\ooVoo\ooVoo.exe
    C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\splwow64.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10n_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Tracy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZIEOH7CD\dds[1].com
    C:\Windows\system32\conhost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2086743
    uDefault_Page_URL = about:blank
    uURLSearchHooks: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    mURLSearchHooks: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    mWinlogon: Userinit=userinit.exe
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll
    BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    BHO: ooVoo Toolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AdobeReader: {abbbdb99-fd20-4e38-a2de-18d9bb2948cc} - C:\Users\Tracy\AppData\Roaming\AdobeReader\IE\AdobeReader.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    BHO: Gears: {c526c1b5-6bd8-402e-b365-81dd4c97db17} - C:\Users\Tracy\AppData\Roaming\Gears\IE\Gears.dll
    BHO: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB: ooVoo Toolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
    TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    TB: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll
    TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
    EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    uRun: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
    uRun: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
    mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
    mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun: [Communicator] "C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe" /fromrunkey
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} - hxxp://cdn03.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL
    BHO-X64: McAfee Phishing Filter - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB-X64: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
    TB-X64: {DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - No File
    TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
    EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
    mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    mRun-x64: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    mRun-x64: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-2-24 55280]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [2011-2-24 89600]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-24 202752]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
    R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-2-24 6790144]
    R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-2-24 220672]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-2-24 172704]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2009-12-2 721768]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2009-12-2 269672]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-12-2 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2009-12-2 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-2-24 38456]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
    R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-2-24 232480]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-2-24 325152]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-31 47128]
    S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936]
    .
    =============== Created Last 30 ================
    .
    2011-04-04 18:37:31 -------- d-----w- C:\Windows\System32\catroot2
    2011-04-04 14:23:39 8424784 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{390CBD82-70EC-471D-911E-62CFBB44018E}\mpengine.dll
    2011-04-04 14:23:38 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-04-04 03:24:13 -------- d-----w- C:\CloneDVDTemp
    2011-04-04 02:43:53 -------- d-----w- C:\Program Files (x86)\SlySoft
    2011-04-02 03:05:43 388096 ----a-r- C:\Users\Tracy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-04-02 03:05:43 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2011-04-01 01:38:47 683801 ----a-w- C:\Windows\unins000.exe
    2011-04-01 01:38:47 578192 ----a-w- C:\Windows\SysWow64\stub.ocx
    2011-03-30 04:36:19 -------- d-----w- C:\Program Files (x86)\PHPNukeEN
    2011-03-30 04:31:04 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes
    2011-03-29 21:17:28 -------- d-----w- C:\Users\Tracy\AppData\Local\ElevatedDiagnostics
    2011-03-29 00:57:44 344064 ----a-w- C:\Windows\System32\CNMLMA5.DLL
    2011-03-29 00:57:17 307200 ----a-w- C:\Windows\SysWow64\CNC340L.dll
    2011-03-29 00:57:17 102400 ----a-w- C:\Windows\SysWow64\CNC340U.dll
    2011-03-29 00:57:16 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll
    2011-03-29 00:57:15 346624 ----a-w- C:\Windows\System32\CNC340L.dll
    2011-03-29 00:57:15 17920 ----a-w- C:\Windows\System32\CNHMCA6.dll
    2011-03-29 00:57:15 1324544 ----a-w- C:\Windows\System32\CNC340C.dll
    2011-03-29 00:57:15 109568 ----a-w- C:\Windows\System32\CNC340I.dll
    2011-03-28 20:56:35 -------- d-----w- C:\Program Files\Common Files\CANON
    2011-03-28 20:54:43 -------- d-----w- C:\Program Files\Canon
    2011-03-28 20:53:10 84480 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPA5.DLL
    2011-03-28 20:53:10 28672 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDA5.DLL
    2011-03-28 20:51:45 337920 ----a-w- C:\Windows\System32\CNMN6PPM.DLL
    2011-03-28 20:51:45 144384 ----a-w- C:\Windows\System32\CNMN6UI.DLL
    2011-03-28 20:51:45 -------- d-----w- C:\Windows\System32\STRING
    2011-03-28 20:51:43 -------- d-----w- C:\Windows\System32\CHM
    2011-03-28 20:50:18 -------- d-----w- C:\Program Files (x86)\Canon
    2011-03-27 21:24:58 -------- d-----w- C:\Users\Tracy\AppData\Roaming\Gears
    2011-03-27 21:24:58 -------- d-----w- C:\Users\Tracy\AppData\Roaming\AdobeReader
    2011-03-27 21:24:57 -------- d-----w- C:\Users\Tracy\AppData\Roaming\ooVoo Details
    2011-03-27 21:24:38 -------- d-----w- C:\Program Files (x86)\oovootoolbar
    2011-03-27 21:23:29 -------- d-----w- C:\Program Files (x86)\ooVoo
    2011-03-21 17:32:38 -------- d-----w- C:\Users\Tracy\Tracing
    2011-03-21 17:27:50 -------- d-----w- C:\Program Files (x86)\Microsoft Small Business
    2011-03-21 17:27:29 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
    2011-03-21 17:25:32 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$MSSMLBIZ-sqlagtctr10.1.2531.0.dll
    2011-03-21 17:25:18 79896 ----a-w- C:\Windows\SysWow64\perf-MSSQL$MSSMLBIZ-sqlctr10.1.2531.0.dll
    2011-03-21 17:23:14 -------- d-----w- C:\Windows\SysWow64\1033
    2011-03-21 17:23:14 -------- d-----w- C:\Windows\System32\1033
    2011-03-21 17:23:14 -------- d-----w- C:\Program Files\Microsoft SQL Server
    2011-03-21 17:21:02 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
    2011-03-21 17:18:11 -------- d-----w- C:\Program Files (x86)\Microsoft Office Communicator
    2011-03-21 17:04:01 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
    2011-03-21 17:01:27 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
    2011-03-21 17:00:52 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
    2011-03-21 17:00:38 -------- d-----w- C:\Users\Tracy\AppData\Local\Microsoft Help
    2011-03-18 21:24:30 -------- d-----w- C:\PROGRA~3\VirtualizedApplications
    2011-03-18 19:11:50 -------- d-----w- C:\Users\Tracy\AppData\Local\SoftGrid Client
    2011-03-18 19:11:49 -------- d-----w- C:\Users\Tracy\AppData\Roaming\SoftGrid Client
    2011-03-18 19:10:58 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
    2011-03-18 19:10:42 -------- d-----w- C:\Users\Tracy\AppData\Roaming\TP
    2011-03-18 18:41:43 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
    2011-03-18 17:47:35 -------- d-----w- C:\Users\Tracy\AppData\Local\Adobe
    2011-03-18 00:54:02 -------- d-----w- C:\Users\Tracy\AppData\Roaming\Any DVD Clone
    2011-03-18 00:53:40 -------- d-----w- C:\Program Files (x86)\Any DVD Clone
    2011-03-17 23:32:18 -------- d-----w- C:\Users\Tracy\AppData\Roaming\Macrovision
    2011-03-16 21:37:05 -------- d-----w- C:\PROGRA~3\NortonInstaller
    2011-03-16 18:23:28 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
    2011-03-16 17:59:17 -------- d-----w- C:\Program Files (x86)\123CopyDVD 2011
    2011-03-15 18:11:56 -------- d-----w- C:\Users\Tracy\AppData\Local\Yahoo
    2011-03-15 17:23:32 -------- d-----w- C:\Users\Tracy\AppData\Local\Yahoo!
    2011-03-15 17:19:32 -------- d-----w- C:\Program Files (x86)\Yahoo!
    2011-03-15 05:54:58 -------- d-----w- C:\Users\Tracy\AppData\Local\Microsoft Games
    2011-03-15 05:10:02 -------- d-----w- C:\Users\Tracy\AppData\Local\Cyberlink
    2011-03-14 19:11:12 -------- d-----w- C:\Users\Tracy\AppData\Local\Diagnostics
    2011-03-14 16:34:29 -------- d-----w- C:\Users\Tracy\AppData\Local\ATI
    2011-03-14 16:33:01 -------- d-----w- C:\Users\Tracy\AppData\Local\VirtualStore
    2011-03-07 02:08:13 93552 ----a-w- C:\Windows\SysWow64\ElbyCDIO.dll
    .
    ==================== Find3M ====================
    .
    2011-02-24 22:03:09 0 ----a-w- C:\Windows\ativpsrm.bin
    2011-02-24 20:40:09 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2011-02-24 20:40:09 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
    2011-02-24 20:40:08 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2011-02-24 20:31:18 80 --sh--r- C:\Windows\CT4CET.bin
    .
    ============= FINISH: 14:46:14.89 ===============
     
  7. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    77,173
    First Name:
    Terry
    I still see McAfee there. Did you run the Removal Tool? Run it again. Then ...

    (From a JohnWill post)

    TCP/IP stack repair options for use with Vista or 7.

    Start - All Programs - Accessories and right click on Command Prompt, select "Run as Administrator" to open a command prompt.

    Reset WINSOCK entries to installation defaults: netsh winsock reset catalog

    Reset IPv4 TCP/IP stack to installation defaults. netsh int ipv4 reset reset.log

    Reset IPv6 TCP/IP stack to installation defaults. netsh int ipv6 reset reset.log

    Reboot the machine.
     
  8. TracyLWilliams

    TracyLWilliams Thread Starter

    Joined:
    Apr 1, 2011
    Messages:
    7
    I followed the instuctions... My firewall issue is now fixed, but I am still getting the same code for the unknown error when I try to update! The last instruction you gave me to type in the command prompt, said that there was no exact file specified... so nothing was done for the 3rd command... Could that be the reason why? What else can I do?
     
  9. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    77,173
    First Name:
    Terry
    At least we got one thing done. :) Don't install Norton yet though. We don't need any more complications for the other problem.

    Don't worry about that.

    See what Derek has to offer next.
     
  10. TracyLWilliams

    TracyLWilliams Thread Starter

    Joined:
    Apr 1, 2011
    Messages:
    7
    Ok... Thanks for helping with the firewall... DEREK PLEASE HELP!!
     
  11. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,220
    First Name:
    Derek
  12. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/989281

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice