TechSpot

Google redirect problem

By boonie
Jul 20, 2011
  1. Hi guys, having google re-direct issues for the past week. Below are my logs as stated in the 7 steps guidelines:



    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Database version: 7035

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    7/20/2011 12:36:06 PM
    mbam-log-2011-07-20 (12-36-06).txt

    Scan type: Quick scan
    Objects scanned: 219664
    Time elapsed: 6 minute(s), 24 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\documents and settings\mohany.anwar\favorites\antivirus scan.url (Rogue.Link) -> Quarantined and deleted successfully.


    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2011-07-20 12:46:43
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FBEO
    Running: nd04o535.exe; Driver: C:\DOCUME~1\MOHANY~1.ANW\LOCALS~1\Temp\uglyrpog.sys


    ---- System - GMER 1.0.15 ----

    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwCreateKey [0xB9DA90C0]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteKey [0xB9DA90D4]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xB9DA9100]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xB9DA9156]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenKey [0xB9DA90AC]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenProcess [0xB9DA9084]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenThread [0xB9DA9098]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwRenameKey [0xB9DA90EA]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetSecurityObject [0xB9DA912C]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetValueKey [0xB9DA9116]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0xB9DA9180]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xB9DA916C]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0xB9DA9140]
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenProcess
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenThread
    Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtSetSecurityObject

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Ip mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Ip mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Udp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Udp mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\RawIp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\RawIp mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

    ---- Threads - GMER 1.0.15 ----

    Thread System [4:180] 8A480E7A
    Thread System [4:184] 8A483008

    ---- EOF - GMER 1.0.15 ----
     
  2. boonie

    boonie TS Rookie Topic Starter

    .
    DDS (Ver_11-05-19.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702
    Run by SG-Mohany.Anwar at 12:48:12 on 2011-07-20
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3004.2257 [GMT 8:00]
    .
    AV: McAfee® Security-as-a-Service Anti-virus *Enabled/Outdated* {8C354827-2F54-4E28-90DC-AD391E77808C}
    .
    ============== Running Processes ===============
    .
    C:\Program Files\Softex\OmniPass\Omniserv.exe
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\Program Files\Softex\OmniPass\OPXPApp.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\WINDOWS\system32\ccmsetup\ccmsetup.exe
    C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\WINDOWS\system32\mfevtps.exe
    C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\o2flash.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
    C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
    C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
    C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Softex\OmniPass\scureapp.exe
    C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
    C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
    C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
    C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Documents and Settings\mohany.anwar\Local Settings\Application Data\Skype\Phone\Skype.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\FourJs\gdcax\bin\gdc.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe
    C:\Documents and Settings\mohany.anwar\Desktop\dds.scr
    C:\WINDOWS\system32\WSCRIPT.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com.sg/
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110217123435.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll
    uRun: [Skype] "c:\documents and settings\mohany.anwar\local settings\application data\skype\\phone\Skype.exe" /nosplash /minimized
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [TvOutSwitch] c:\program files\fujitsu\dispswitch\DispSwitchLauncher.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [AlcWzrd] ALCWZRD.EXE
    mRun: [LoadFujitsuQuickTouch] c:\program files\fujitsu\application panel\QuickTouch.exe
    mRun: [LoadBtnHnd] c:\program files\fujitsu\btnhnd\BtnHnd.exe
    mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
    mRun: [ATSwpNav] "c:\program files\fingerprint sensor\ATSwpNav" -run
    mRun: [IndicatorUtility] c:\program files\fujitsu\fujitsu hotkey utility\IndicatorUty.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [OmniPass] c:\program files\softex\omnipass\scureapp.exe
    mRun: [PSUtility] c:\program files\fujitsu\psutility\TrayManager.exe
    mRun: [SSUtility] c:\program files\fujitsu\ssutility\FJSSDMN.exe
    mRun: [LoadFUJ02E3] c:\program files\fujitsu\fuj02e3\FUJ02E3.exe
    mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
    mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [MVS Splash] "c:\program files\mcafee\managed virusscan\desktopui\XTray.exe"
    mRun: [McAfee Managed Services Tray] c:\program files\mcafee\managed virusscan\desktopui\XTray.Exe
    mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
    mRun: [Communicator] "c:\program files\microsoft office communicator\communicator.exe" /fromrunkey
    mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ciscos~1.lnk - c:\program files\cisco systems\vpn client\vpngui.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\genero~1.lnk - c:\program files\fourjs\gdcax\bin\gdc.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    DPF: {2311DF65-9D1A-4DDA-94AA-90568D989633} - hxxp://mcdhost.mcd.com.sg:6399/fjs/activex/gdc.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1254969901125
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll
    Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - c:\program files\mcafee\managed virusscan\agent\MyRmProt5.0.0.811.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\docume~1\mohany~1.anw\locals~1\applic~1\skype\shared\SKYPE4~1.DLL
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: igfxcui - igfxdev.dll
    Notify: OPXPGina - c:\program files\softex\omnipass\opxpgina.dll
    Notify: PSUTY - PSUWNP.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\mohany.anwar\application data\mozilla\firefox\profiles\y3jrqi3w.default\
    FF - component: c:\program files\mcafee\siteadvisor enterprise\components\McFFPlg.dll
    FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: McAfee SiteAdvisor Enterprise: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor Enterprise
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 FJGSDisk;G-Sensor Application Filter Driver;c:\windows\system32\drivers\FJGSDisk.sys [2009-10-8 7168]
    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-12-31 436728]
    R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2009-10-7 36640]
    R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2009-10-7 35456]
    R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-8-12 88544]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-18 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-11 67656]
    R2 ccmsetup;ccmsetup;c:\windows\system32\ccmsetup\ccmsetup.exe [2010-10-25 236544]
    R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\program files\mcafee\siteadvisor enterprise\McSACore.exe [2010-10-15 324928]
    R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-12-14 159320]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-12-14 145936]
    R2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files\mcafee\managed virusscan\agent\myAgtSvc.exe [2009-12-31 291064]
    R2 RumorServer;McAfee Peer Distribution Service;c:\program files\mcafee\managed virusscan\agent\myAgtSvc.exe [2009-12-31 291064]
    R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [2006-8-5 4864]
    R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2009-10-8 41216]
    R3 MfeAVFK;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-12-31 171296]
    R3 MfeBOPK;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-12-31 58456]
    S2 LvIBTSvr;Logitech IBT Service;c:\program files\common files\logishrd\lvibtsvr\LvIBTSvr.exe [2007-4-2 76576]
    S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-7-20 366640]
    S3 FUJ02E1;%FUJ02E1.DeviceDesc%;c:\windows\system32\drivers\FUJ02E1.sys [2006-8-3 6000]
    S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2010-1-6 102656]
    S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-7-20 41272]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-12 85152]
    S3 MfeRKDK;McAfee Inc. MfeRKDK;c:\windows\system32\drivers\mferkdk.sys [2009-12-31 34248]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-10-8 189792]
    S3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [2007-5-24 14208]
    .
    =============== Created Last 30 ================
    .
    2011-07-20 04:28:23 -------- d-----w- c:\documents and settings\mohany.anwar\application data\Malwarebytes
    2011-07-20 04:28:13 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-07-20 04:28:12 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2011-07-20 04:28:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-07-08 08:25:34 -------- d-----w- c:\program files\CCleaner
    2011-07-08 08:11:40 -------- d-sh--w- c:\documents and settings\mohany.anwar\PrivacIE
    2011-07-08 08:10:36 -------- d-sh--w- c:\documents and settings\mohany.anwar\IETldCache
    2011-07-08 08:07:52 -------- d-----w- c:\windows\ie8updates
    2011-07-08 08:06:21 -------- dc-h--w- c:\windows\ie8
    2011-07-08 08:03:52 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
    2011-07-08 08:03:48 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2011-07-08 08:03:46 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2011-07-08 08:03:45 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2011-07-08 07:34:22 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
    2011-07-08 07:33:02 -------- d-----w- c:\documents and settings\mohany.anwar\local settings\application data\PCHealth
    2011-07-08 06:13:05 -------- d-sha-r- C:\cmdcons
    2011-07-08 06:10:24 208896 ----a-w- c:\windows\MBR.exe
    2011-07-08 06:10:21 98816 ----a-w- c:\windows\sed.exe
    2011-07-08 06:10:21 518144 ----a-w- c:\windows\SWREG.exe
    2011-07-08 06:10:21 256000 ----a-w- c:\windows\PEV.exe
    2011-07-08 04:10:49 -------- d-----w- c:\program files\SUPERAntiSpyware
    .
    ==================== Find3M ====================
    .
    2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
    2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-04-29 17:25:27 151552 ----a-w- c:\windows\system32\schannel.dll
    2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-04-26 11:07:50 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2011-04-26 11:07:50 293376 ----a-w- c:\windows\system32\winsrv.dll
    2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-04-25 16:11:11 43520 ------w- c:\windows\system32\licmgr10.dll
    2011-04-25 16:11:11 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-04-25 15:51:57 268288 ----a-w- c:\windows\system32\iertutil(2).dll
    2011-04-25 12:01:22 385024 ------w- c:\windows\system32\html.iec
    2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
    .
    ============= FINISH: 12:49:17.98 ===============


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-05-19.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/8/2009 9:13:07 AM
    System Uptime: 7/20/2011 12:37:46 PM (0 hours ago)
    .
    Motherboard: FUJITSU | | FJNB1E6
    Processor: Intel Pentium III Xeon processor | Onboard | 2370/266mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 116 GiB total, 40.908 GiB free.
    D: is FIXED (NTFS) - 116 GiB total, 116.305 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Intel(R) Wireless WiFi Link 5300
    Device ID: PCI\VEN_8086&DEV_4235&SUBSYS_11018086&REV_00\4&492937F&1&00E2
    Manufacturer: Intel Corporation
    Name: Intel(R) Wireless WiFi Link 5300
    PNP Device ID: PCI\VEN_8086&DEV_4235&SUBSYS_11018086&REV_00\4&492937F&1&00E2
    Service: NETw5x32
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Cisco Systems VPN Adapter
    Device ID: ROOT\NET\0000
    Manufacturer: Cisco Systems
    Name: Cisco Systems VPN Adapter
    PNP Device ID: ROOT\NET\0000
    Service: CVirtA
    .
    ==== System Restore Points ===================
    .
    RP393: 4/21/2011 8:55:56 AM - System Checkpoint
    RP394: 4/22/2011 3:00:16 AM - Software Distribution Service 3.0
    RP395: 4/26/2011 1:56:26 PM - System Checkpoint
    RP396: 4/27/2011 2:34:50 PM - System Checkpoint
    RP397: 4/28/2011 3:00:15 AM - Software Distribution Service 3.0
    RP398: 4/29/2011 3:25:28 AM - System Checkpoint
    RP399: 4/30/2011 12:20:39 PM - System Checkpoint
    RP400: 5/1/2011 12:30:39 PM - System Checkpoint
    RP401: 5/2/2011 12:31:44 PM - System Checkpoint
    RP402: 5/3/2011 1:13:23 PM - System Checkpoint
    RP403: 5/4/2011 4:41:09 PM - System Checkpoint
    RP404: 5/6/2011 8:51:55 AM - System Checkpoint
    RP405: 5/7/2011 9:19:39 AM - System Checkpoint
    RP406: 5/8/2011 10:27:25 AM - System Checkpoint
    RP407: 5/10/2011 12:15:15 PM - System Checkpoint
    RP408: 5/11/2011 12:16:16 PM - System Checkpoint
    RP409: 5/11/2011 8:37:55 PM - Software Distribution Service 3.0
    RP410: 5/15/2011 7:24:49 PM - System Checkpoint
    RP411: 5/16/2011 9:05:12 PM - System Checkpoint
    RP412: 5/17/2011 9:05:54 PM - System Checkpoint
    RP413: 5/19/2011 10:37:17 AM - System Checkpoint
    RP414: 5/20/2011 11:07:35 AM - System Checkpoint
    RP415: 5/21/2011 12:04:44 PM - System Checkpoint
    RP416: 5/22/2011 12:19:39 PM - System Checkpoint
    RP417: 5/23/2011 1:04:56 PM - System Checkpoint
    RP418: 5/24/2011 2:41:23 PM - System Checkpoint
    RP419: 5/25/2011 3:03:10 PM - System Checkpoint
    RP420: 5/26/2011 4:42:03 PM - System Checkpoint
    RP421: 5/28/2011 5:35:11 PM - System Checkpoint
    RP422: 5/29/2011 7:47:58 PM - System Checkpoint
    RP423: 5/31/2011 12:16:59 AM - System Checkpoint
    RP424: 6/1/2011 12:44:02 AM - System Checkpoint
    RP425: 6/2/2011 1:11:43 AM - System Checkpoint
    RP426: 6/3/2011 2:35:32 AM - System Checkpoint
    RP427: 6/5/2011 4:43:56 PM - System Checkpoint
    RP428: 6/7/2011 8:33:34 AM - System Checkpoint
    RP429: 6/7/2011 12:25:24 PM - Installed iTunes
    RP430: 6/8/2011 12:35:03 PM - System Checkpoint
    RP431: 6/10/2011 8:11:55 AM - System Checkpoint
    RP432: 6/12/2011 11:21:06 PM - System Checkpoint
    RP433: 6/14/2011 12:26:31 PM - System Checkpoint
    RP434: 6/15/2011 8:02:47 PM - System Checkpoint
    RP435: 6/16/2011 3:00:19 AM - Software Distribution Service 3.0
    RP436: 6/17/2011 3:08:59 AM - System Checkpoint
    RP437: 6/20/2011 11:29:48 AM - Restore Operation
    RP438: 6/20/2011 11:41:27 AM - Configured Microsoft Office Professional Plus 2010
    RP439: 6/21/2011 3:00:23 AM - Software Distribution Service 3.0
    RP440: 6/22/2011 3:24:42 AM - System Checkpoint
    RP441: 6/23/2011 3:41:14 AM - System Checkpoint
    RP442: 6/24/2011 5:59:52 PM - System Checkpoint
    RP443: 6/26/2011 9:28:21 PM - System Checkpoint
    RP444: 6/28/2011 1:25:03 PM - System Checkpoint
    RP445: 6/29/2011 10:24:29 PM - System Checkpoint
    RP446: 6/30/2011 3:00:15 AM - Software Distribution Service 3.0
    RP447: 7/1/2011 9:49:38 AM - System Checkpoint
    RP448: 7/2/2011 9:57:55 PM - System Checkpoint
    RP449: 7/3/2011 10:46:42 PM - System Checkpoint
    RP450: 7/5/2011 3:59:56 PM - System Checkpoint
    RP451: 7/7/2011 1:00:00 AM - System Checkpoint
    RP452: 7/8/2011 11:30:50 AM - System Checkpoint
    RP453: 7/8/2011 3:07:22 PM - Restore Operation
    RP454: 7/8/2011 3:36:46 PM - Restore Operation
    RP455: 7/8/2011 4:06:36 PM - Installed Windows Internet Explorer 8.
    RP456: 7/8/2011 4:07:19 PM - Software Distribution Service 3.0
    RP457: 7/9/2011 3:56:02 PM - Software Distribution Service 3.0
    RP458: 7/10/2011 3:34:15 PM - Software Distribution Service 3.0
    RP459: 7/11/2011 5:07:44 PM - System Checkpoint
    RP460: 7/12/2011 11:11:09 PM - System Checkpoint
    RP461: 7/14/2011 8:46:15 AM - Software Distribution Service 3.0
    RP462: 7/15/2011 10:19:48 AM - System Checkpoint
    RP463: 7/16/2011 10:55:56 AM - System Checkpoint
    RP464: 7/17/2011 11:40:10 AM - System Checkpoint
    RP465: 7/18/2011 11:42:17 AM - System Checkpoint
    RP466: 7/19/2011 1:07:37 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 10 ActiveX
    Adobe Reader 8.1.4
    Agere Systems HDA Modem
    AuthenTec Fingerprint Sensor Minimum Install
    AutoUpdate
    Bluetooth Stack for Windows by Toshiba
    CCleaner
    CDBurnerXP
    Compatibility Pack for the 2007 Office system
    Definition update for Microsoft Office 2010 (KB982726)
    DivX Codec
    DivX Content Uploader
    DivX Converter
    DivX Player
    DivX Web Player
    FileZilla Client 3.4.0
    Fujitsu Display Manager
    Fujitsu Hotkey Utility
    Fujitsu System Extension Utility
    Fujitsu WebCam
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    hp deskjet 3820 series
    Inst5657
    Intel PROSet Wireless
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PROSet/Wireless WiFi Software
    Java(TM) 6 Update 6
    LifeBook Application Panel
    M-Business Client
    Malwarebytes' Anti-Malware version 1.51.1.1800
    McAfee Browser Protection Service
    McAfee SiteAdvisor Enterprise Plus
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Conferencing Add-in for Microsoft Office Outlook
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Communicator 2007 R2
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office Live Meeting 2007
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 14
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Mobile Broadband Modem
    Mozilla Firefox (3.5.4)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6.0 Parser (KB933579)
    O2Micro Flash Memory Card Windows Driver
    OmniPass 5.01.04
    OZ711 SCR Driver V3.0.1.4
    PDF reDirect (remove only)
    Power Saving Utility
    Realtek High Definition Audio Driver
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Excel 2010 (KB2523021)
    Security Update for Microsoft InfoPath 2010 (KB2510065)
    Security Update for Microsoft Office 2010 (KB2289078)
    Security Update for Microsoft Office 2010 (KB2289161)
    Security Update for Microsoft PowerPoint 2010 (KB2519975)
    Security Update for Microsoft Publisher 2010 (KB2409055)
    Security Update for Microsoft Word 2010 (KB2345000)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371-v2)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972260)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Shock Sensor Utility
    Skype™ 4.2
    Spelling Dictionaries Support For Adobe Reader 8
    SUPERAntiSpyware
    Synaptics Pointing Device Driver
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2010 (KB2202188)
    Update for Microsoft Office 2010 (KB2413186)
    Update for Microsoft Office 2010 (KB2523113)
    Update for Microsoft OneNote 2010 (KB2493983)
    Update for Microsoft Outlook Social Connector (KB2441641)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Visual C++ 8.0 x86 Runtime Setup Package
    VLC media player 1.0.2
    VPN Client
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Media Player 10 Hotfix [See KB887626 for more information]
    Windows XP Service Pack 3
    ZipGenius 6 (6.0.3.1140)
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/20/2011 12:45:49 PM, error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    7/20/2011 12:45:34 PM, error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    7/20/2011 12:45:27 PM, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).
    7/20/2011 12:45:17 PM, error: Service Control Manager [7034] - The McAfee SiteAdvisor Enterprise Service service terminated unexpectedly. It has done this 1 time(s).
    7/20/2011 12:44:19 PM, error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    7/20/2011 12:38:31 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: atapi PCIIde
    7/20/2011 12:38:29 PM, error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.
    7/20/2011 12:38:29 PM, error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.
    7/18/2011 9:17:31 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer LT906-006 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BCF47F3F-5A3A-4B7D. The master browser is stopping or an election is being forced.
    7/18/2011 7:16:17 AM, error: DCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {0C0A3666-30C9-11D0-8F20-00805F2CD064} to the user LT913-006\McAfeeMVSUser SID (S-1-5-21-3067209533-3841961616-1423087579-1007). This security permission can be modified using the Component Services administrative tool.
    7/14/2011 11:13:16 AM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.
    7/14/2011 11:12:12 AM, error: NETLOGON [5719] - No Domain Controller is available for domain AP due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
    .
    ==== End Of File ===========================
     
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot! I'll help you resolve the redirect.

    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.
    If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
    =====================================
    I note you have AV: McAfee® Security-as-a-Service Anti-virus *Enabled/Outdated* . This is cloud AV I believe. But yours is outdated and you need to bring it current. Please do that while I finish checking these logs.

    You may also have a problem running some scans with the McAfee Proxy, so please disable it as follows:
    • Click on Start> Run> type in services.msc> enter
    • Double click on "McAfee Proxy" to open
      Click the "Start" button and type "Services.msc" into the Start Search box.
    • Change the Startup type to Disabled> Stop the Service.
    • Exit the Services> Reboot the computer.
    ==================================================
    Please handle that. I will return after I review these logs.
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Going by the Errors I see from the Event Viewer, McAfee is having trouble running. So you may not have any AV protection in it's current state.
    ====================================================
    We will have to look further for the cause of the redirect:
    Please note: If you have Combofix on the desktop already, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    --------------------------------------
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe & follow the prompts.
    • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
      [​IMG]
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.

    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    ===============================================
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESETOnlineScan
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
      [o] Double click on the [​IMG]on your desktop.
    • Check 'Yes I accept terms of use.'
    • Click Start button
    • Accept any security warnings from your browser.
      [​IMG]
    • Uncheck 'Remove found threats'
    • Check 'Scan archives/
    • Leave remaining settings as is.
    • Press the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    • When the scan completes, press List of found threats
    • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    • Push the Back button
    • Push Finish

    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.

    Legs in next reply please.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...