1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Active update.microsoft.com redirects to msn.com, possible virus?

Discussion in 'Malware and Virus Removal Archive' started by sls35, 2008/12/25.

  1. 2008/12/25
    sls35

    sls35 Inactive Thread Starter

    Joined:
    2008/12/25
    Messages:
    2
    Likes Received:
    0
    [Active] update.microsoft.com redirects to msn.com, possible virus?

    So I've recently been having problems with my computer freezing and/or being reirected when trying to use microsoft update, in addition none of my programs can update and they all blame the firewall even though mcafee gives them acess. I have already run macafee, windows live cares free scan, superantispyware, adaware, spybot, and none of them fixed it, although several have found things and removed them only to have it not resolve the problem and on further scans with the same programs it refinds teh same infections. I am at my wits end on christmas morning, I would love some help.

    my RSIT are as follows:

    log:
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Notebook Hardware Control\nhc.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\WINDOWS\ehome\RMSysTry.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\ehome\RMSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ehome\McrdSvc.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\HPQ\shared\hpqwmi.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\system32\DllHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Documents and Settings\Stecen Seitz\Local Settings\Temporary Internet Files\Content.IE5\U0PF7RSY\RSIT[1].exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\trend micro\Stecen Seitz.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://questionablecontent.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
    O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe "
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe "
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe "
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1A0230A4-DC06-4D4F-A970-71D6655449E1}: NameServer = 85.255.113.149;85.255.112.218
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7C1DE066-2246-49B8-A5BE-AA0CA0FD8502}: NameServer = 85.255.113.149;85.255.112.218
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F188DD69-E097-47D6-99CC-3CAB1C53A490}: NameServer = 85.255.113.149;85.255.112.218
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.149;85.255.112.218
    O17 - HKLM\System\CS2\Services\Tcpip\..\{1A0230A4-DC06-4D4F-A970-71D6655449E1}: NameServer = 85.255.113.149;85.255.112.218
    O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.113.149;85.255.112.218
    O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.113.149;85.255.112.218
    O17 - HKLM\System\CS4\Services\Tcpip\..\{1A0230A4-DC06-4D4F-A970-71D6655449E1}: NameServer = 85.255.113.149;85.255.112.218
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.149;85.255.112.218
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

    --
    End of file - 14852 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\McDefragTask.job
    C:\WINDOWS\tasks\McQcTask.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
    McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2008-10-17 247312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2008-06-20 58688]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
    McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-11-14 150032]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-11-14 150032]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "WatchDog "=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2005-07-04 184320]
    "SynTPStart "=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
    "SynTPLpr "=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-02-02 102492]
    "SynTPEnh "=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-09-15 1015808]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "QuickTime Task "=C:\Program Files\QuickTime\qttask.exe [2007-09-17 98304]
    "NotebookHardwareControl "=C:\Program Files\Notebook Hardware Control\nhc.exe [2007-05-03 2629632]
    "MimBoot "=C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe [2005-05-10 11776]
    "Microsoft Works Update Detection "=C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [2003-06-03 50688]
    "McENUI "=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2008-06-13 1176808]
    "mcagent_exe "=C:\Program Files\McAfee.com\Agent\mcagent.exe [2008-07-11 641208]
    "LogitechQuickCamRibbon "=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-07-25 2027792]
    "LogitechCommunicationsManager "=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-07-25 563984]
    "ISUSScheduler "=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
    "ISUSPM Startup "=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
    "hpWirelessAssistant "=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2005-04-01 794624]
    "HP Software Update "=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    "ehTray "=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
    "eabconfg.cpl "=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-12-03 290816]
    "Cpqset "=C:\Program Files\HPQ\Default Settings\cpqset.exe [2004-10-22 229438]
    "ATIPTA "=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2006-07-25 344064]
    "AdobeCS4ServiceManager "=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware "=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "SUPERAntiSpyware "=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-04 1809648]
    "H/PC Connection Agent "=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    Extender Resource Monitor.lnk - C:\WINDOWS\ehome\RMSysTry.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-07-25 86016]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5} "=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 233472]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1
    "InstallVisualStyle "=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme "=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "C:\Program Files\Messenger\msmsgs.exe "= "C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger "
    "C:\Program Files\LimeWire\LimeWire.exe "= "C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire "
    "C:\Program Files\EA Games\Command & Conquer The First Decade\Command & Conquer Red Alert(tm) II\RA2\game.exe "= "C:\Program Files\EA Games\Command & Conquer The First Decade\Command & Conquer Red Alert(tm) II\RA2\game.exe:*:Enabled:Main executable for Red Alert 2 "
    "C:\Program Files\MSN Messenger\msnmsgr.exe "= "C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 "
    "C:\Program Files\MSN Messenger\livecall.exe "= "C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:Embedded Web Server Link application "
    "C:\Program Files\Microsoft Games\Halo\halo.exe "= "C:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo "
    "C:\Program Files\Sierra\FEAR\fpupdate.exe "= "C:\Program Files\Sierra\FEAR\fpupdate.exe:*:Enabled:fpupdate "
    "C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe "= "C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe:*:Enabled:McAfee Data Backup "
    "C:\Program Files\Dude\dude.exe "= "C:\Program Files\Dude\dude.exe:*:Enabled:dude "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "D:\setup\HPZNET01.EXE "= "D:\setup\HPZNET01.EXE:*:Enabled:hpznet01.exe "
    "D:\setup\HPONICIFS01.EXE "= "D:\setup\HPONICIFS01.EXE:*:Enabled:hponicifs01.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe "= "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe "= "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe:*:Enabled:hpqcopy.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe "
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe "= "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe "
    "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe "= "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe "
    "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe "= "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent "
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe "= "C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe "= "C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe "= "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "
    "C:\WINDOWS\ehome\ehshell.exe "= "C:\WINDOWS\ehome\ehshell.exe:LocalSubNet:Enabled:Media Center "
    "C:\Program Files\uTorrent\uTorrent.exe "= "C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent "
    "C:\Program Files\Bonjour\mDNSResponder.exe "= "C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour "
    "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe "= "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "C:\Program Files\MSN Messenger\msnmsgr.exe "= "C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 "
    "C:\Program Files\MSN Messenger\livecall.exe "= "C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe "= "C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe "= "C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe "= "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "

    ======File associations======

    .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe ", "%1 "

    ======List of files/folders created in the last 3 months======

    2008-12-25 07:07:04 ----D---- C:\Program Files\trend micro
    2008-12-25 07:07:02 ----D---- C:\rsit
    2008-12-25 07:01:48 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\Malwarebytes
    2008-12-25 07:01:41 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-12-25 07:01:41 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-12-25 05:27:00 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
    2008-12-25 05:26:52 ----D---- C:\Program Files\Security Task Manager
    2008-12-24 21:45:22 ----D---- C:\WINDOWS\pss
    2008-12-24 14:50:39 ----D---- C:\Program Files\Windows Live Safety Center
    2008-12-24 12:48:44 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-12-24 12:48:35 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-12-24 12:48:35 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\SUPERAntiSpyware.com
    2008-12-24 12:48:14 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-12-24 12:17:37 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-12-24 11:43:35 ----D---- C:\WINDOWS\CSC
    2008-12-24 09:40:55 ----A---- C:\WINDOWS\wininit.ini
    2008-12-24 08:45:22 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\McAfee
    2008-12-20 22:02:02 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
    2008-12-19 19:44:29 ----D---- C:\Program Files\Adobe Media Player
    2008-12-19 19:38:37 ----D---- C:\Program Files\Common Files\Adobe AIR
    2008-12-19 19:27:37 ----D---- C:\Program Files\Common Files\Macrovision Shared
    2008-12-19 17:59:37 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\Download Manager
    2008-12-18 14:16:37 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-12-15 17:34:31 ----D---- C:\Program Files\uTorrent
    2008-12-15 17:34:26 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\uTorrent
    2008-12-10 10:35:57 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2008-12-10 10:33:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-10 10:33:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2008-12-10 10:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2008-12-05 17:29:59 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\Help
    2008-11-21 13:47:56 ----A---- C:\WINDOWS\system32\DivXsm.exe
    2008-11-21 13:47:52 ----A---- C:\WINDOWS\system32\qt-dx331.dll
    2008-11-21 13:46:10 ----A---- C:\WINDOWS\system32\ssldivx.dll
    2008-11-21 13:46:10 ----A---- C:\WINDOWS\system32\libdivx.dll
    2008-11-21 13:45:16 ----AC---- C:\WINDOWS\system32\dtu100.dll.manifest
    2008-11-21 13:45:16 ----AC---- C:\WINDOWS\system32\dtu100.dll
    2008-11-21 13:45:16 ----AC---- C:\WINDOWS\system32\dpl100.dll.manifest
    2008-11-21 13:45:16 ----A---- C:\WINDOWS\system32\dpl100.dll
    2008-11-21 13:45:12 ----AC---- C:\WINDOWS\system32\dpus11.dll
    2008-11-21 13:45:12 ----AC---- C:\WINDOWS\system32\dpuGUI10.dll
    2008-11-21 13:45:12 ----AC---- C:\WINDOWS\system32\dpu10.dll
    2008-11-21 13:45:12 ----A---- C:\WINDOWS\system32\dpv11.dll
    2008-11-21 13:45:12 ----A---- C:\WINDOWS\system32\dpuGUI11.dll
    2008-11-21 13:45:12 ----A---- C:\WINDOWS\system32\dpu11.dll
    2008-11-21 13:45:08 ----A---- C:\WINDOWS\system32\divx_xx11.dll
    2008-11-21 13:45:08 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
    2008-11-21 13:45:08 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
    2008-11-21 13:45:08 ----A---- C:\WINDOWS\system32\divx_xx07.dll
    2008-11-21 13:45:06 ----A---- C:\WINDOWS\system32\DivX.dll
    2008-11-21 13:44:38 ----AC---- C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2008-11-21 13:44:16 ----AC---- C:\WINDOWS\system32\DivXWMPExtType.dll
    2008-11-11 23:06:47 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-11 23:06:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-11-11 23:06:23 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-11-09 00:06:45 ----D---- C:\nDoors
    2008-11-08 20:00:05 ----D---- C:\Program Files\Neffy
    2008-11-08 14:25:04 ----D---- C:\BEES40e
    2008-11-03 21:11:18 ----D---- C:\Program Files\Notebook Hardware Control
    2008-11-03 21:05:59 ----D---- C:\Program Files\SiteAdvisor
    2008-10-31 09:28:55 ----D---- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
    2008-10-24 09:56:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-19 17:27:07 ----D---- C:\Documents and Settings\All Users\Application Data\Citrix
    2008-10-19 16:19:12 ----HDC---- C:\WINDOWS\$NtUninstallKB895961-v4$
    2008-10-19 14:54:21 ----D---- C:\Program Files\T-Mobile Shadow User Manual
    2008-10-19 14:45:51 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2008-10-19 14:45:47 ----D---- C:\Program Files\NOS
    2008-10-19 14:43:01 ----D---- C:\WINDOWS\system32\Adobe
    2008-10-15 20:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-15 20:51:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-15 20:51:25 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-15 20:50:45 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-15 20:50:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
    2008-09-26 20:12:09 ----AC---- C:\WINDOWS\system32\javaws.exe
    2008-09-26 20:12:09 ----AC---- C:\WINDOWS\system32\javaw.exe
    2008-09-26 20:12:09 ----AC---- C:\WINDOWS\system32\java.exe

    ======List of files/folders modified in the last 3 months======

    2008-12-25 07:07:04 ----RD---- C:\Program Files
    2008-12-25 07:01:45 ----D---- C:\WINDOWS\system32\drivers
    2008-12-25 06:40:33 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-25 06:40:32 ----D---- C:\WINDOWS\system32
    2008-12-25 05:45:11 ----D---- C:\WINDOWS\Temp
    2008-12-25 05:43:37 ----D---- C:\WINDOWS\Microsoft.NET
    2008-12-25 05:35:06 ----D---- C:\WINDOWS\Prefetch
    2008-12-25 05:35:06 ----D---- C:\Program Files\Windows Desktop Search
    2008-12-25 05:19:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-25 05:17:18 ----D---- C:\WINDOWS\Registration
    2008-12-25 05:17:06 ----D---- C:\WINDOWS
    2008-12-25 05:11:18 ----SH---- C:\boot.ini
    2008-12-25 05:11:18 ----A---- C:\WINDOWS\win.ini
    2008-12-25 05:11:18 ----A---- C:\WINDOWS\system.ini
    2008-12-24 21:51:49 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-12-24 21:49:10 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-24 14:59:50 ----HD---- C:\WINDOWS\inf
    2008-12-24 14:17:55 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-24 13:56:11 ----D---- C:\Documents and Settings
    2008-12-24 13:43:58 ----D---- C:\WINDOWS\network diagnostic
    2008-12-24 12:48:40 ----SHD---- C:\WINDOWS\Installer
    2008-12-24 12:48:39 ----HD---- C:\Config.Msi
    2008-12-24 12:48:14 ----D---- C:\Program Files\Common Files
    2008-12-24 09:53:38 ----D---- C:\Program Files\Lavasoft
    2008-12-24 09:51:26 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-12-24 09:51:25 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-23 23:20:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-20 22:02:03 ----D---- C:\WINDOWS\WinSxS
    2008-12-19 23:40:07 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\Adobe
    2008-12-19 23:17:20 ----D---- C:\Program Files\Adobe
    2008-12-19 19:50:35 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-12-19 19:47:51 ----D---- C:\Program Files\Common Files\Adobe
    2008-12-19 19:42:53 ----RSD---- C:\WINDOWS\Fonts
    2008-12-18 17:22:06 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\Canon
    2008-12-18 17:01:19 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\ZoomBrowser EX
    2008-12-18 17:01:19 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
    2008-12-18 14:03:43 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-12-18 12:59:32 ----D---- C:\WINDOWS\ie7updates
    2008-12-18 12:58:24 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-18 11:57:44 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\HP
    2008-12-18 11:52:16 ----D---- C:\Program Files\McAfee
    2008-12-16 18:46:16 ----D---- C:\Program Files\DivX
    2008-12-12 22:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-12-10 10:43:03 ----D---- C:\Program Files\Internet Explorer
    2008-12-10 10:36:02 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-09 15:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-11-24 18:14:04 ----D---- C:\Documents and Settings\Stecen Seitz\Application Data\LimeWire
    2008-11-24 17:20:01 ----D---- C:\Program Files\LimeWire
    2008-11-23 10:31:44 ----D---- C:\WINDOWS\Help
    2008-11-09 09:04:29 ----D---- C:\Program Files\Outspark
    2008-11-09 09:03:44 ----D---- C:\Documents and Settings\All Users\Application Data\Outspark
    2008-11-08 16:12:30 ----SD---- C:\Documents and Settings\Stecen Seitz\Application Data\Microsoft
    2008-11-03 22:04:32 ----RSD---- C:\WINDOWS\assembly
    2008-11-03 21:00:58 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-11-01 09:31:07 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2008-10-31 10:32:38 ----D---- C:\Program Files\Starcraft
    2008-10-23 04:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll
    2008-10-23 02:06:59 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-10-19 16:45:43 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-19 16:45:12 ----D---- C:\WINDOWS\ehome
    2008-10-19 16:44:30 ----HDC---- C:\WINDOWS\$NtUninstallKB905589$
    2008-10-19 14:20:30 ----D---- C:\WINDOWS\system32\Macromed
    2008-10-18 16:44:05 ----D---- C:\Program Files\Microsoft ActiveSync
    2008-10-18 16:44:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-16 12:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-10-16 12:38:39 ----N---- C:\WINDOWS\system32\occache.dll
    2008-10-16 12:38:39 ----N---- C:\WINDOWS\system32\mstime.dll
    2008-10-16 12:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-10-16 12:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-10-16 12:38:39 ----A---- C:\WINDOWS\system32\url.dll
    2008-10-16 12:38:39 ----A---- C:\WINDOWS\system32\pngfilt.dll
    2008-10-16 12:38:38 ----A---- C:\WINDOWS\system32\msrating.dll
    2008-10-16 12:38:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
    2008-10-16 12:38:37 ----N---- C:\WINDOWS\system32\iernonce.dll
    2008-10-16 12:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-10-16 12:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-10-16 12:38:37 ----A---- C:\WINDOWS\system32\jsproxy.dll
    2008-10-16 12:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-10-16 12:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-16 12:38:35 ----N---- C:\WINDOWS\system32\iedkcs32.dll
    2008-10-16 12:38:35 ----N---- C:\WINDOWS\system32\ieaksie.dll
    2008-10-16 12:38:35 ----N---- C:\WINDOWS\system32\ieakeng.dll
    2008-10-16 12:38:35 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-10-16 12:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-10-16 12:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-10-16 12:38:34 ----A---- C:\WINDOWS\system32\dxtrans.dll
    2008-10-16 12:38:34 ----A---- C:\WINDOWS\system32\dxtmsft.dll
    2008-10-16 12:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-10-16 05:11:09 ----N---- C:\WINDOWS\system32\ie4uinit.exe
    2008-10-16 05:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-10-15 08:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-14 23:04:53 ----N---- C:\WINDOWS\system32\ieakui.dll
    2008-10-03 02:02:42 ----A---- C:\WINDOWS\system32\strmdll.dll
    2008-10-02 18:32:15 ----AC---- C:\WINDOWS\ODBC.INI
    2008-09-30 05:48:42 ----SHD---- C:\RECYCLER
    2008-09-26 20:12:07 ----D---- C:\Program Files\Java

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
    R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2008-06-27 207656]
    R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-06-02 120136]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-07-25 1681408]
    R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-13 604928]
    R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2004-06-02 16896]
    R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2004-06-02 30235]
    R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2004-06-02 147864]
    R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-06-02 53816]
    R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-11-17 293120]
    R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-11-17 280192]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
    R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-12-15 207232]
    R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
    R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
    R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2008-06-27 79240]
    R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2008-06-27 35240]
    R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2008-06-27 40488]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\WINDOWS\system32\drivers\nhcDriver.sys []
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-11-20 104320]
    R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
    R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-09-15 213696]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2006-07-06 168448]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
    S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    S3 ATICDSDr;ATICDSDr; \??\C:\swsetup\SP33644\bin\atiicdxx.sys []
    S3 AVC3310F;AVC-3310/AVC-3610 USB Loader; C:\WINDOWS\System32\Drivers\avcuwfl2.sys [2004-11-02 17536]
    S3 AvcUWil2;Adaptec AVC-3210/3310/3610 USB Device; C:\WINDOWS\system32\DRIVERS\avcuwil2.sys [2004-11-02 1433920]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
    S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
    S3 HidIr;Microsoft Infrared HID Driver; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]
    S3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]
    S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-19 2109592]
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-19 2142488]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-07-18 41752]
    S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2008-06-20 34152]
    S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-07-18 1278104]
    S3 QWAVEDRV;QWAVE driver; C:\WINDOWS\system32\DRIVERS\qwavedrv.sys [2005-10-20 14336]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 SABProcEnum;SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys []
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 XDva098;XDva098; \??\C:\WINDOWS\system32\XDva098.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-07-25 401408]
    R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2004-06-03 163840]
    R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
    R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
    R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
    R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-19 186904]
    R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-19 137752]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-12-05 206096]
    R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-10-10 792696]
    R2 McNASvc;McAfee Network Agent; c:\program files\common files\mcafee\mna\mcnasvc.exe [2008-07-18 2482848]
    R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2008-07-09 358736]
    R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\McrdSvc.exe [2005-10-20 96256]
    R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2008-06-20 144704]
    R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
    R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2008-07-09 884360]
    R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2008-07-09 25416]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
    R2 RMSvc;Media Center Extender Resource Monitor; C:\WINDOWS\ehome\RMSvc.exe [2005-10-20 28160]
    R3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\shared\hpqwmi.exe [2005-03-04 98304]
    R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2008-09-16 605512]
    S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-19 141848]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-19 655624]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
    S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
    S3 MBackMonitor;MBackMonitor; C:\Program Files\McAfee\MBK\MBackMonitor.exe [2008-07-10 66848]
    S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2008-06-20 361800]
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
    S3 QWAVE;QWAVE service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2007-09-28 79360]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

    -----------------EOF-----------------
     
    sls35,
    #1
  2. 2008/12/27
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Welcome to WindowsBBS sls35 :)

    We Need to Verify your DNS Configuration
    • Please download DNSCheck and save it to your desktop
    • Double click the DNSCheck icon on your desktop.
    • Follow the on-screen instructions. When done, a log will open, and be saved to the desktop.
    • Please copy and paste the contents of that log in your next reply.


    How many computers are using your connection?
    Do you have a router in use?
     
    noahdfear,
    #2


  3. to hide this advert.

  4. 2009/01/01
    sls35

    sls35 Inactive Thread Starter

    Joined:
    2008/12/25
    Messages:
    2
    Likes Received:
    0
    I just got to checkign back on this sorry about the delay, I would love to do that in order to help anyone else that might have this problem, but i had it resolved. I had a DNS changing trojan, never had one before and it was an evil little monkey that managed to corrupt mcafee, thuse the reason mcafee could not handel it. I used Microsofts help ( yes it took hours, technically two days :( ) but in the end they ran a program of theirs called combofix that actually failed at its intended task sadly. It accidentaly removed infected parts of mcafee wich allowed me to remove it and block the isp the trojan kept redirecting me to. then upon reinstalling and updating Mcafee, it found the original trojan and virus and removed them thank god.

    thank you verry, much for the response though, im sorry i did not get back to this post before Noahdfear.
     
    sls35,
    #3
  5. 2009/01/01
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    I'm glad to hear you've got the problem sorted. For the record, ComboFix is NOT an MS tool. It was written and is maintained privately by a fellow malware analyst that goes by the username of sUBs. It is also a very powerful tool and should not be used without the supervision of someone trained in it's use. Out of curiosity, was that the PCSafety hotline you were dealing with at MS?

    Please locate and post the contents of C:\ComboFix.txt then post it here. I reckon there might still be some cleanup to do.
     
    noahdfear,
    #4

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...