
Solved Contact list hacked

Discussion in 'Malware and Virus Removal Archive' started by PAUL SHILLAM, 2011/11/04.

  1. 2011/11/04
    PAUL SHILLAM Lifetime Subscription

    PAUL SHILLAM Well-Known Member Thread Starter

    Joined:
    2002/01/13
    Messages:
    293
    Likes Received:
    0
    [Resolved] Contact list hacked

    Here is one of the logs I have been requested to supply. My internet provider is @btinternet.com

    aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
    Run date: 2011-11-04 11:57:18
    -----------------------------
    11:57:18.291 OS Version: Windows 6.0.6002 Service Pack 2
    11:57:18.291 Number of processors: 2 586 0x170A
    11:57:18.291 ComputerName: PAULSACERLAPTOP UserName: Paul
    11:57:21.150 Initialize success
    11:57:37.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    11:57:37.266 Disk 0 Vendor: Hitachi_HTS543216L9A300 FB2OC40C Size: 152627MB BusType: 3
    11:57:39.294 Disk 0 MBR read successfully
    11:57:39.294 Disk 0 MBR scan
    11:57:39.294 Disk 0 unknown MBR code
    11:57:39.294 Disk 0 scanning sectors +312578048
    11:57:39.387 Disk 0 scanning C:\Windows\system32\drivers
    11:57:48.149 Service scanning
    11:57:52.815 Modules scanning
    11:58:27.576 Disk 0 trace - called modules:
    11:58:27.607 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys
    11:58:27.607 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ae9c988]
    11:58:27.607 3 CLASSPNP.SYS[8fc0b8b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8ac89b98]
    11:58:27.623 Scan finished successfully
    11:59:36.947 Disk 0 MBR has been saved successfully to "C:\Users\Paul\Documents\MBR.dat "
    11:59:36.963 The log file has been saved successfully to "C:\Users\Paul\Documents\aswMBR.txt "
     
  2. 2011/11/04
    PAUL SHILLAM
    Contact list hacked

    DDS (Ver_2011-08-26.01)
    .
    Microsoft® Windows Vista™ Home Basic
    Boot Device: \Device\HarddiskVolume2
    Install Date: 22/03/2009 16:57:15
    System Uptime: 04/11/2011 11:43:32 (1 hours ago)
    .
    Motherboard: Acer | | JV50
    Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz | U2E1 | 2000/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 139 GiB total, 66.24 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP545: 04/10/2011 12:33:55 - Windows Update
    RP546: 07/10/2011 08:34:07 - Windows Update
    RP547: 11/10/2011 08:34:41 - Windows Update
    RP548: 12/10/2011 09:00:11 - Windows Update
    RP549: 14/10/2011 08:38:14 - Windows Update
    RP550: 14/10/2011 09:42:17 - Windows Update
    RP551: 15/10/2011 09:12:01 - Windows Update
    RP552: 15/10/2011 09:53:27 - Windows Update
    RP553: 16/10/2011 08:48:29 - Windows Update
    RP554: 18/10/2011 08:36:48 - Windows Update
    RP555: 21/10/2011 09:03:22 - Windows Update
    RP556: 25/10/2011 08:48:06 - Windows Update
    RP557: 26/10/2011 09:03:42 - Installed Java(TM) 6 Update 29
    RP558: 28/10/2011 08:46:34 - Windows Update
    RP559: 01/11/2011 08:42:40 - Windows Update
    RP561: 03/11/2011 15:15:35 - Installed Rapport
    RP562: 04/11/2011 08:47:20 - Windows Update
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    Acer Arcade Deluxe
    Acer Backup Manager
    Acer eRecovery Management
    Acer GridVista
    Acer PowerSmart Manager
    Acer Product Registration
    Acer ScreenSaver
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Reader X (10.1.1)
    Agere Systems HDA Modem
    Apple Application Support
    Apple Software Update
    Backup Manager Basic
    BBC iPlayer Desktop
    Broadcom Gigabit NetLink Controller
    BrotherSoft Extreme Toolbar
    BT NetProtect Plus
    Compatibility Pack for the 2007 Office system
    Conduit Engine
    Garmin Communicator Plugin
    Garmin Communicator Plugin with MyGarmin Agent
    Garmin USB Drivers
    Garmin WebUpdater
    Google Chrome
    Google Desktop
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToAssist Corporate
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Inkjet Printer/Scanner Extended Survey Program
    Intel(R) Graphics Media Accelerator Driver
    Java Auto Updater
    Java(TM) 6 Update 29
    Launch Manager
    Lexmark 1400 Series
    Malwarebytes' Anti-Malware version 1.51.2.1300
    McAfee Security Scan Plus
    McAfee Virtual Technician
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Home and Student 2007
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    MobileMe Control Panel
    MSVC80_x86_v2
    MSVC90_x86
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nokia Connectivity Cable Driver
    Nokia Ovi Suite
    Nokia Ovi Suite Software Updater
    OGA Notifier 2.0.0048.0
    Ovi Desktop Sync Engine
    OviMPlatform
    PC Connectivity Solution
    Quicken 2004
    QuickTime
    Rapport
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2553074)
    Security Update for 2007 Microsoft Office System (KB2553089)
    Security Update for 2007 Microsoft Office System (KB2553090)
    Security Update for 2007 Microsoft Office System (KB2584063)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft Office Excel 2007 (KB2553073)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Sibelius Scorch (ActiveX Only)
    Spelling Dictionaries Support For Adobe Reader 9
    Synaptics Pointing Device Driver
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 System (KB2539530)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    Windows Live ID Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    .
    ==== Event Viewer Messages From Past Week ========
    .
    04/11/2011 11:45:42, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxdjCATSCustConnectService service to connect.
    04/11/2011 11:45:42, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    04/11/2011 11:45:42, Error: Service Control Manager [7000] - The lxdjCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    04/11/2011 08:42:53, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Software Updater service to connect.
    04/11/2011 08:42:53, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gusvc with arguments " " in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
    .
    ==== End Of File ===========================
     


  4. 2011/11/04
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    You'll need to post your logs here.

    Read the PM I sent you!
     
  5. 2011/11/04
    PAUL SHILLAM
    Sorry, I don't understand where you want me to post the logs; my original instructions were to start a new thread and split them up, as they were too big for one thread.
     
  6. 2011/11/04
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, complete all steps listed HERE

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===============================================================

    Also, please state your computer issues.
     
  7. 2011/11/05
    PAUL SHILLAM
    I have followed the instructions and created the logs. It then says to go to Malware and Virus Removal and open a new topic. I pasted the first log into the topic, but each time I tried to paste another log, Internet Explorer came up with "web page closed". I tried this several times and in the end had to open more than one topic to send my logs, as your instructions say: "You may have to split your logs into 2 or more topics."
    The original problem was that everyone on my contact list was sent a mail purporting to be from me; see my original post in the Microsoft mail forum.
    Regards Paul
     
  8. 2011/11/05
    broni
    Did you try a different browser?
     
  9. 2011/11/05
    PAUL SHILLAM
    No, I have only got one. But what is the problem? I have posted the logs as requested.
     
  10. 2011/11/05
    broni
    You didn't post ALL required logs.

    Please, complete all steps listed HERE
     
  11. 2011/11/06
    PAUL SHILLAM
    Please tell me what is missing and I will post it or them.
    Regards Paul
     
  12. 2011/11/06
    broni
    I'm not sure what else to tell you...

    Please, complete all steps listed HERE
     
  13. 2011/11/06
    PAUL SHILLAM
    As far as I am aware I have completed all the steps. Is this being made so complicated for a novice like me that you hope I will give up?
     
  14. 2011/11/06
    broni
    Assuming you have some problems with reading: you're missing the DDS.txt, GMER and Malwarebytes logs.
     
  15. 2011/11/07
    PAUL SHILLAM
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421
    Run by Paul at 12:01:44 on 2011-11-04
    Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.3000.1573 [GMT 0:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\agrsmsvc.exe
    C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
    C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
    C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    C:\Windows\system32\lxdjcoms.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Users\Paul\AppData\Local\Temp\RtkBtMnt.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
    C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
    C:\Program Files\Lexmark 1400 Series\lxdjamon.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
    C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R0JXCL0X\f75g022i.exe
    C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33DB9H08\3mojk7mb.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YE4I2IW7\aswMBR.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com/
    uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=2&o=vb32&d=0309&m=aspire_5738
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=2&o=vb32&d=0309&m=aspire_5738
    mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=2&o=vb32&d=0309&m=aspire_5738
    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    uURLSearchHooks: H - No File
    uURLSearchHooks: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\tbBrot.dll
    mURLSearchHooks: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\tbBrot.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
    BHO: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\tbBrot.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110528151037.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\tbBrot.dll
    TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB: {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No File
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe "
    uRun: [<NO NAME>]
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
    mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [LManager] c:\program files\launch manager\LManager.exe
    mRun: [Acer ePower Management] c:\program files\acer\acer powersmart manager\ePowerTray.exe
    mRun: [PlayMovie] "c:\program files\acer arcade deluxe\playmovie\PMVService.exe "
    mRun: [lxdjmon.exe] "c:\program files\lexmark 1400 series\lxdjmon.exe "
    mRun: [lxdjamon] "c:\program files\lexmark 1400 series\lxdjamon.exe "
    mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles startup
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    StartupFolder: c:\users\paul\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Chessmaster%20Challenge/Images/armhelper.ocx
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{291669C1-93C7-44C3-AD31-67D47374E6C0} : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{47356C53-8DB9-4698-AC90-1857D162FE25} : DhcpNameServer = 192.168.1.254
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Notify: GoToAssist - c:\program files\citrix\gotoassist\599\G2AWinLogon.dll
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-8-20 387480]
    R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2011-11-1 64272]
    R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-8-20 64584]
    R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-8-20 165032]
    R1 RapportBuka;RapportBuka;c:\windows\system32\drivers\RapportBuka.sys [2010-3-6 390528]
    R1 RapportCerberus_32301;RapportCerberus_32301;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\baseline\RapportCerberus32_32301.sys [2011-11-1 227312]
    R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-11-1 71440]
    R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-11-1 164112]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
    R2 CLHNService;CLHNService;c:\program files\acer arcade deluxe\homemedia\kernel\dmp\CLHNService.exe [2009-3-16 75048]
    R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer powersmart manager\ePowerSvc.exe [2009-3-22 666144]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-4 366152]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-12-12 94880]
    R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-20 271480]
    R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-20 271480]
    R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-20 271480]
    R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-8-20 171168]
    R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-8-20 188136]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-8-20 141792]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\newtech infosystems\acer backup manager\IScheduleSvc.exe [2009-2-17 44800]
    R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2011-11-1 931640]
    R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-8-20 56064]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-3-23 112128]
    R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2008-9-4 223232]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-4 22216]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-7-25 153280]
    R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-7-25 52320]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-8-20 314088]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-31 135664]
    S2 lxdjCATSCustConnectService;lxdjCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdjserv.exe [2007-4-27 99248]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-21 179712]
    S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-7-22 30192]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-31 135664]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-11-4 41272]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-20 84488]
    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-7-25 34248]
    S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-7-25 40552]
    S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-5-18 137600]
    S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-5-18 8576]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2011-11-04 11:43:57 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1c4ee8cb-1c98-49d8-962b-cfd163b00f74}\offreg.dll
    2011-11-04 11:11:44 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-11-04 10:45:10 -------- d-----w- c:\users\paul\appdata\roaming\Malwarebytes
    2011-11-04 10:44:59 -------- d-----w- c:\programdata\Malwarebytes
    2011-11-04 10:44:55 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-11-04 10:44:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-11-04 08:48:04 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1c4ee8cb-1c98-49d8-962b-cfd163b00f74}\mpengine.dll
    2011-11-01 17:34:56 64272 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
    2011-10-29 08:26:28 0 ---ha-w- c:\users\paul\appdata\local\BITD6AF.tmp
    2011-10-24 07:43:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
    2011-10-24 07:43:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
    2011-10-24 07:43:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
    2011-10-24 07:43:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
    2011-10-24 07:43:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
    2011-10-24 07:43:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
    2011-10-24 07:43:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
    2011-10-15 08:27:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-15 08:27:14 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2011-10-15 08:27:14 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-10-15 08:27:14 238080 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-14 08:48:27 293376 ----a-w- c:\windows\system32\psisdecd.dll
    2011-10-14 08:48:26 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
    2011-10-14 08:48:26 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
    2011-10-14 08:48:26 217088 ----a-w- c:\windows\system32\psisrndr.ax
    2011-10-14 08:48:19 2043392 ----a-w- c:\windows\system32\win32k.sys
    2011-10-14 08:47:32 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
    2011-10-12 08:49:29 -------- d-----w- c:\program files\VideoLAN
    .
    ==================== Find3M ====================
    .
    2011-10-17 07:31:46 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-03 04:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-09-01 02:35:59 1798144 ----a-w- c:\windows\system32\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    .
    ============= FINISH: 12:02:48.09 ===============
     
  16. 2011/11/07
    PAUL SHILLAM Well-Known Member Thread Starter
    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2011-11-04 11:55:50
    Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS543216L9A300 rev.FB2OC40C
    Running: 3mojk7mb.exe; Driver: C:\Users\Paul\AppData\Local\Temp\kglyiuog.sys


    ---- System - GMER 1.0.15 ----

    Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x8F8401E8]
    Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x8F8401FE]
    Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0x8F8401D4]
    Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\fastfat \Fat mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
    AttachedDevice \Driver\tdx \Device\Tcp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
    AttachedDevice \Driver\tdx \Device\Udp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
     
  17. 2011/11/07
    PAUL SHILLAM Well-Known Member Thread Starter
    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 8082

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 9.0.8112.16421

    04/11/2011 11:10:08
    mbam-log-2011-11-04 (11-10-02).txt

    Scan type: Quick scan
    Objects scanned: 207767
    Time elapsed: 22 minute(s), 52 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 1
    Files Infected: 2

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    c:\Users\Paul\AppData\Roaming\my security engine (Rogue.MySecurityEngine) -> No action taken.

    Files Infected:
    c:\Users\Paul\AppData\Roaming\microsoft\internet explorer\quick launch\my security engine.lnk (Rogue.MySecurityEngine) -> No action taken.
    c:\Users\Paul\AppData\Roaming\my security engine\instructions.ini (Rogue.MySecurityEngine) -> No action taken.
     
  18. 2011/11/07
    broni Moderator Malware Analyst
    Go on....
     
  19. 2011/11/08
    PAUL SHILLAM Well-Known Member Thread Starter
    What do you mean "go on"? That's all I've got.
     
  20. 2011/11/08
    broni Moderator Malware Analyst
    Sorry about that.
    I didn't see your Malwarebytes log.

    Your MBAM log says "No action taken".
    Re-run it, FIX all issues and post fresh log.
     
  21. 2011/11/09
    PAUL SHILLAM Well-Known Member Thread Starter
    I have run the Malwarebytes scan again, but it doesn't find anything, so it does not give you the option to fix all issues.
     
