John_Doe
2 Iron

Re: XP Anti-Spyware 2011

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-06-03.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 9/26/2008 12:24:25 PM

System Uptime: 6/10/2011 12:00:23 AM (8 hours ago)

.

Motherboard: Dell Inc. |  | 0GM819

Processor: Intel Pentium III Xeon processor | CPU | 2825/1333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 149 GiB total, 128.696 GiB free.

šŸ˜§ is CDROM ()

F: is NetworkDisk (NTFS) - 193 GiB total, 152.399 GiB free.

I: is NetworkDisk (NTFS) - 193 GiB total, 152.399 GiB free.

Y: is NetworkDisk (NTFS) - 1024 GiB total, 161.494 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows

PNP Device ID: ROOT\NET\0000

Service: vpnva

.

==== System Restore Points ===================

.

RP755: 5/8/2011 12:15:26 AM - System Checkpoint

RP756: 5/9/2011 1:03:57 AM - System Checkpoint

RP757: 5/10/2011 1:05:21 AM - System Checkpoint

RP758: 5/11/2011 2:05:19 AM - System Checkpoint

RP759: 5/12/2011 3:05:07 AM - System Checkpoint

RP760: 5/13/2011 4:00:26 AM - Software Distribution Service 3.0

RP761: 5/14/2011 4:02:39 AM - System Checkpoint

RP762: 5/15/2011 4:12:35 AM - System Checkpoint

RP763: 5/16/2011 5:05:38 AM - System Checkpoint

RP764: 5/17/2011 6:03:52 AM - System Checkpoint

RP765: 5/18/2011 7:03:30 AM - System Checkpoint

RP766: 5/19/2011 7:03:49 AM - System Checkpoint

RP767: 5/20/2011 8:03:43 AM - System Checkpoint

RP768: 5/21/2011 9:03:44 AM - System Checkpoint

RP769: 5/22/2011 10:03:42 AM - System Checkpoint

RP770: 5/23/2011 3:12:56 PM - System Checkpoint

RP771: 5/24/2011 6:12:18 PM - System Checkpoint

RP772: 5/26/2011 12:15:09 AM - System Checkpoint

RP773: 5/27/2011 1:03:36 AM - System Checkpoint

RP774: 5/28/2011 2:03:42 AM - System Checkpoint

RP775: 5/29/2011 3:03:39 AM - System Checkpoint

RP776: 5/30/2011 3:16:49 AM - System Checkpoint

RP777: 5/31/2011 4:05:16 AM - System Checkpoint

RP778: 6/1/2011 5:03:54 AM - System Checkpoint

RP779: 6/2/2011 6:03:15 AM - System Checkpoint

RP780: 6/3/2011 7:03:13 AM - System Checkpoint

RP781: 6/3/2011 8:44:13 AM - Installed HiJackThis

RP782: 6/3/2011 8:45:03 AM - Installed HiJackThis

RP783: 6/3/2011 8:47:16 AM - Installed HiJackThis

RP784: 6/3/2011 9:14:28 AM - Installed HiJackThis

RP785: 6/3/2011 9:20:37 AM - Restore Operation

RP786: 6/3/2011 9:45:38 AM - Installed HiJackThis

RP787: 6/3/2011 10:13:23 AM - Installed HiJackThis

RP788: 6/4/2011 11:03:12 AM - System Checkpoint

RP789: 6/5/2011 12:03:11 PM - System Checkpoint

RP790: 6/6/2011 12:10:14 PM - System Checkpoint

RP791: 6/7/2011 12:20:07 PM - System Checkpoint

RP792: 6/8/2011 2:37:25 PM - System Checkpoint

RP793: 6/9/2011 3:15:00 PM - System Checkpoint

.

==== Installed Programs ======================

.

.

32 Bit HP CIO Components Installer

Adobe Acrobat 9 Pro

Adobe Acrobat 9.4.4 - CPSID_83708

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.4.2

Apple Application Support

Apple Software Update

ATI Display Driver

Broadcom Gigabit Integrated Controller

CCleaner

Cisco AnyConnect VPN Client

COMPASSESL Internet Version Setup

Compatibility Pack for the 2007 Office system

Computrace

Critical Update for Windows Media Player 11 (KB959772)

Distinct IntelliTerm 7.0

Google Chrome

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB969084)

Hotfix for Windows XP (KB976002-v5)

Intel(R) Graphics Media Accelerator Driver

Intel(R) PRO Network Connections Drivers

IntelĀ® Active Management Technology

IntelĀ® Management Engine Interface

IZArc 4.1.2

Java Auto Updater

Java(TM) 6 Update 23

Malwarebytes' Anti-Malware version 1.51.0.1200

McAfee Agent

McAfee AntiSpyware Enterprise Module

McAfee Host Intrusion Prevention

McAfee SiteAdvisor Enterprise Plus

McAfee VirusScan Enterprise

MDC Kendall Toolbar

MDC Student Toolbar

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft IntelliPoint 6.3

Microsoft IntelliType Pro 6.3

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft National Language Support Downlevel APIs

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Software Update for Web Folders  (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Mozilla Firefox 4.0.1 (x86 en-US)

MSVCRT

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Online Assessment

PaperCut MF 10.0

PowerDVD

QuickTime

SecureBrowser - 5

SecureCRTConfigOnly

SecureCRTx86

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2466156)

Security Update for 2007 Microsoft Office System (KB2509488)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2464583)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB936782)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2483614)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165-v2)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Segoe UI

Shadow Copy Client

Sonic Activation Module

SoundMAX

SpywareBlaster 4.3

TDMS Client

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office Outlook 2007 (KB2509470)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Microsoft Windows (KB971513)

Update for Outlook 2007 Junk Email Filter (KB2536413)

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows Internet Explorer 8 (KB2447568)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2264107)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2492386)

Update for Windows XP (KB943729)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB961503)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VanDyke Software SecureCRT 6.6

VLC media player 1.1.1

WebEx

WebFldrs XP

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Management Framework Core

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player Firefox Plugin

Windows XP Service Pack 3

XML Paper Specification Shared Components Pack 1.0

Yahoo! Messenger

.

==== Event Viewer Messages From Past Week ========

.

6/9/2011 8:13:30 AM, error: Application Popup [877]  - There was error [DATABASE OPEN FAILED] processing the driver database.

6/3/2011 9:53:37 AM, error: Service Control Manager [7000]  - The MSCamSvc service failed to start due to the following error:  The system cannot find the file specified.

6/3/2011 9:51:35 AM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/3/2011 9:51:15 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD Fips FireTDI intelppm IPSec mfehidk mfetdik MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

6/3/2011 9:51:15 AM, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.

6/3/2011 9:51:15 AM, error: Service Control Manager [7001]  - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error:  A device attached to the system is not functioning.

6/3/2011 9:51:15 AM, error: Service Control Manager [7001]  - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.

6/3/2011 9:51:15 AM, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.

6/3/2011 9:51:15 AM, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.

6/3/2011 9:51:15 AM, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.

6/3/2011 9:51:15 AM, error: Service Control Manager [7001]  - The Cisco AnyConnect VPN Agent service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.

6/3/2011 9:50:06 AM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

6/3/2011 9:49:46 AM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

6/3/2011 8:34:35 AM, error: Service Control Manager [7034]  - The Remote Procedure Call (RPC) Net service terminated unexpectedly.  It has done this 1 time(s).

6/3/2011 8:31:03 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Fips intelppm mfehidk

6/3/2011 11:32:32 AM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume.

.

==== End Of File ===========================

.

DDS (Ver_2011-06-03.01) - NTFSx86

Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_23

Run by sucptabe at 8:13:00 on 2011-06-10

Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2014.1140 [GMT -4:00]

.

AV: VirusScan Enterprise + AntiSpyware Enterprise *Enabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

FW: McAfee Host Intrusion Prevention Firewall *Disabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

svchost.exe

C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe

C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe

C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\mfevtps.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\rpcnet.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\winview.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\PaperCut MF\providers\print\win\pc-print.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe

C:\WINDOWS\vVX6000.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\Program Files\McAfee\Common Framework\udaterui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\mstsc.exe

c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe

C:\Documents and Settings\sucptabe\Local Settings\Apps\2.0\WGHOQVBN.8DT\96W6QNQQ.YPV\smto..tion_e5947a38ebdfc5e7_0003.0000_51c5409011aa2164\SMTOnline.SecureBrowser.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.mdc.edu/home/

uURLSearchHooks: MDC Student Toolbar: {2ff3c827-0a19-4fba-90dc-2bfb0b06084d} - c:\program files\mdc_student\prxtbMDC_.dll

mURLSearchHooks: MDC Student Toolbar: {2ff3c827-0a19-4fba-90dc-2bfb0b06084d} - c:\program files\mdc_student\prxtbMDC_.dll

mURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: MDC Student Toolbar: {2ff3c827-0a19-4fba-90dc-2bfb0b06084d} - c:\program files\mdc_student\prxtbMDC_.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: MDC Kendall Toolbar: {7cdda91a-c8f8-4ba1-9717-76629e4f6d83} - c:\program files\mdc_kendall\prxtbMDC0.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptsn.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll

BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: MDC Kendall Toolbar: {7cdda91a-c8f8-4ba1-9717-76629e4f6d83} - c:\program files\mdc_kendall\prxtbMDC0.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: MDC Student Toolbar: {2ff3c827-0a19-4fba-90dc-2bfb0b06084d} - c:\program files\mdc_student\prxtbMDC_.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [IgfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE

mRun: [McAfee Host Intrusion Prevention Tray] "c:\program files\mcafee\host intrusion prevention\FireTray.exe"

mRun: [VX6000] c:\windows\vVX6000.exe

mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"

mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"

mRun: [<NO NAME>]

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"

mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

uPolicies-system: Wallpaper = \\mykendall\files\common\wallpaper\mdclab1024.bmp

uPolicies-system: WallpaperStyle = 2

mPolicies-system: DefaultLogonDomain = MDCC

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: mdc.edu\vcollege

Trusted Zone: mymdc.net\login

Trusted Zone: myskillstutor.com\www

Trusted Zone: vcollege.org\www

Trusted Zone: mdc.edu\vcollege

Trusted Zone: mymdc.net\login

Trusted Zone: myskillstutor.com\www

Trusted Zone: vcollege.org\www

DPF: {8601F281-659E-4336-900D-FEA0DD4ECF9E} - hxxps://compass.act.org/eCompass/controls/ReportCom.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP25-10481/support/ieatgpc.cab

TCP: DhcpNameServer = 147.70.101.102 147.70.210.102

TCP: Interfaces\{EB6E7F20-9C66-49D9-81DB-486E672AB3EA} : DhcpNameServer = 147.70.101.102 147.70.210.102

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll

Notify: AtiExtEvent - Ati2evxx.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\sucptabe\application data\mozilla\firefox\profiles\7xj8etlc.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

FF - plugin: c:\documents and settings\sucptabe\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-2-4 344712]

R2 enterceptAgent;McAfee Host Intrusion Prevention Service;c:\program files\mcafee\host intrusion prevention\FireSvc.exe [2010-2-16 1498224]

R2 hips;McAfee HIPSCore Service;c:\program files\mcafee\host intrusion prevention\hipscore\HIPSvc.exe [2010-3-19 35696]

R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\program files\mcafee\siteadvisor enterprise\McSACore.exe [2010-3-25 226624]

R2 McAfeeEngineService;McAfee Engine Service;c:\program files\mcafee\virusscan enterprise\EngineServer.exe [2010-8-25 22816]

R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2011-1-12 120128]

R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2010-8-25 147984]

R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2010-8-25 66880]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2009-2-4 69192]

R2 PCPrintProvider;PaperCut Print Provider;c:\program files\papercut mf\providers\print\win\pc-print.exe [2010-2-10 327680]

R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\cisco\cisco anyconnect vpn client\vpnagent.exe [2009-12-17 497856]

R3 etskbd2k;etskbd2k;c:\windows\system32\drivers\etskbd2k.sys [2008-10-1 5888]

R3 FirehkMP;FirehkMP;c:\windows\system32\drivers\firehk.sys [2009-9-29 44680]

R3 HIPK;McAfee Inc. HIPK;c:\windows\system32\drivers\HIPK.sys [2009-9-29 107896]

R3 HIPPSK;McAfee Inc. HIPPSK;c:\windows\system32\drivers\HIPPSK.sys [2009-9-29 38680]

R3 HIPQK;McAfee Inc. HIPQK;c:\windows\system32\drivers\HIPQK.sys [2009-9-29 35584]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-2-4 91896]

S2 _qbotxmsgb;_qbotxmsgb;c:\windows\_qbotxmsgb.exe --> c:\windows\_qbotxmsgb.exe [?]

S3 Firehk;McAfee NDIS Intermediate Filter;c:\windows\system32\drivers\firehk.sys [2009-9-29 44680]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-2-4 43192]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2009-2-4 66536]

S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2006-6-29 2383152]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-3 14336]

S4 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\intel\amt\UNS.exe [2008-9-19 2521880]

.

=============== Created Last 30 ================

.

2011-06-10 04:01:39 -------- d-----w- c:\program files\Absolute Software Inc

2011-06-10 04:00:58 40328 ----a-w- c:\windows\system32\HIPIS0e011b3.dll

2011-05-13 01:46:25 45568 -c----w- c:\windows\system32\dllcache\dnsrslvr.dll

.

==================== Find3M  ====================

.

2011-06-10 04:01:25 17408 ----a-w- c:\windows\system32\rpcnetp.exe

2011-06-10 04:01:08 17408 ----a-w- c:\windows\system32\rpcnetp.dll

2011-06-10 04:01:07 58288 ----a-w- c:\windows\system32\rpcnet.dll

2011-05-29 13:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 13:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-13 08:16:55 58288 ------w- c:\windows\system32\rpcnet.exe

2011-05-09 02:36:08 136512 ----a-w- c:\windows\system32\KevlarSigs.dll

.

============= FINISH:  8:13:55.74 ===============

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 6763

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

6/3/2011 11:04:39 AM

mbam-log-2011-06-03 (11-04-39).txt

Scan type: Full scan (C:\|)

Objects scanned: 400986

Time elapsed: 55 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{511C90F4-EF8B-42A0-B7EC-CF5D1B129D5E} (Password.Stealer) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{511C90F4-EF8B-42A0-B7EC-CF5D1B129D5E} (Password.Stealer) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\documents and settings\sucptabe\application data\Sun\Java\deployment\cache\6.0\61\53fe283d-63853a8f (Trojan.FakeAlert) -> Quarantined and deleted successfully.

c:\documents and settings\sucptabe\local settings\application data\jum.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.

c:\documents and settings\sucptabe\my documents\downloads\eXplorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

0 Kudos