Deckard's System Scanner v20071014.68
Run by Administrator on 2008-06-30 00:08:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Total Physical Memory: 510 MiB (512 MiB recommended).
-- HijackThis (run as Administrator.exe) ---------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:08:36 AM, on 6/30/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\WINDOWS\system32\lphcp3gj0elat.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\antiviirus.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\tmp0.exe
C:\Program Files\tmp1.exe
C:\Program Files\tmp2.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\WINDOWS\system32\mshearts.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\ADMINI~1.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: 931928 helper - {5F6D7A37-A3D1-47F1-920D-3F48370D509B} - C:\WINDOWS\system32\931928\931928.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [lphcp3gj0elat] C:\WINDOWS\system32\lphcp3gj0elat.exe
O4 - HKLM\..\Run: [SMrhct3gj0elat] C:\Program Files\rhct3gj0elat\rhct3gj0elat.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [antiviirus] C:\Program Files\antiviirus.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O21 - SSODL: RunRam - {55ef6de0-5202-4ef8-aa81-20e63e4f18c9} - C:\WINDOWS\Resources\RunRam.dll
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
--
End of file - 7681 bytes
-- Files created between 2008-05-30 and 2008-06-30 -----------------------------
2008-06-29 23:09:22 0 d-------- C:\Program Files\Trend Micro
2008-06-29 22:46:11 0 d-------- C:\Program Files\Common Files\eAcceleration
2008-06-29 21:26:28 0 d-------- C:\Program Files\Enigma Software Group
2008-06-29 20:07:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\AXPFixer
2008-06-28 17:53:07 0 d-------- C:\WINDOWS\system32\931928
2008-06-28 17:53:06 10240 --a------ C:\Program Files\tmp2.exe
2008-06-28 17:53:06 10240 --a------ C:\Program Files\tmp1.exe
2008-06-28 17:53:05 10240 --a------ C:\Program Files\tmp0.exe
2008-06-28 17:53:04 155 --a------ C:\sfygef.bat
2008-06-28 17:53:04 10240 --a------ C:\Program Files\antiviirus.exe
2008-06-28 17:40:37 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-28 17:40:05 0 d-------- C:\Program Files\Common Files\Download Manager
2008-06-28 15:01:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\MSNInstaller
2008-06-28 11:47:15 109056 --a------ C:\WINDOWS\system32\lphcp3gj0elat.exe
2008-06-27 22:10:22 0 d-------- C:\Documents and Settings\LocalService\Desktop
2008-06-27 22:10:22 0 d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-06-27 22:10:16 0 d-------- C:\Program Files\SiteAdvisor
2008-06-27 22:10:16 0 d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-06-27 22:10:16 0 d-------- C:\Documents and Settings\Administrator\Application Data\SiteAdvisor
2008-06-27 22:09:33 143360 --a------ C:\WINDOWS\system32\dunzip32.dll <Not Verified; Inner Media, Inc.; DynaZIP-32 Multi-Threading UnZIP DLL>
2008-06-27 22:06:25 0 d-------- C:\Program Files\McAfee
2008-06-27 22:06:25 0 d-------- C:\Program Files\Common Files\McAfee
2008-06-27 15:02:21 0 d-------- C:\Program Files\McAfee.com
2008-06-27 13:47:57 0 d-------- C:\Program Files\MSXML 4.0
2008-06-27 12:41:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\McAfee
2008-06-27 12:19:05 0 d-------- C:\WINDOWS\McAfee.com
2008-06-27 12:14:49 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee.com
2008-06-27 12:11:10 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-06-27 11:46:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Citrix
2008-06-27 10:47:35 0 d-------- C:\WINDOWS\Profiles
2008-06-27 10:47:33 0 d-------- C:\WINDOWS\system32\Adobe
2008-06-27 10:47:33 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-27 10:47:33 0 d-------- C:\Documents and Settings\Administrator\Application Data\InterTrust
2008-06-27 10:47:26 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-06-27 09:31:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-27 09:31:58 0 d-------- C:\Documents and Settings\Administrator\Application Data\Yahoo!
2008-06-26 21:30:19 0 d-------- C:\WINDOWS\Sun
2008-06-26 21:30:18 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-06-26 21:29:38 0 d-------- C:\Program Files\Java
2008-06-26 21:27:44 0 d-------- C:\Program Files\Common Files\Java
2008-06-26 21:16:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-26 21:16:04 0 d-------- C:\Program Files\Yahoo!
2008-06-26 20:58:05 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-06-26 20:57:53 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-06-26 08:08:37 0 d-------- C:\Documents and Settings\Administrator\Application Data\Template
2008-06-26 08:08:19 426 --a------ C:\Documents and Settings\Administrator\Application Data\wklnhst.dat
2008-06-23 13:31:55 0 d-------- C:\Program Files\Microsoft Works
2008-06-23 13:30:22 0 d-------- C:\Program Files\CyberLink
2008-06-23 13:21:31 0 d-------- C:\WINDOWS\Prefetch
2008-06-23 11:19:11 0 d-------- C:\WINDOWS\system32\scripting
2008-06-23 11:19:11 0 d-------- C:\WINDOWS\l2schemas
2008-06-23 11:19:10 0 d-------- C:\WINDOWS\system32\en
2008-06-23 11:19:10 0 d-------- C:\WINDOWS\system32\bits
2008-06-23 11:17:15 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-23 11:15:20 0 d-------- C:\WINDOWS\network diagnostic
2008-06-23 11:13:53 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-06-23 10:36:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-23 10:36:04 0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-23 10:36:02 0 d--h----- C:\WINDOWS\$hf_mig$
2008-06-23 10:33:19 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-23 10:32:28 0 d---s---- C:\Documents and Settings\Administrator\UserData
2008-06-23 10:29:50 135168 --a------ C:\WINDOWS\system32\igfxres.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:27:33 0 d-------- C:\Drivers
2008-06-23 10:26:15 356096 --a------ C:\WINDOWS\system32\rt61.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11 Wireless Adapters>
2008-06-23 10:26:15 243328 --a------ C:\WINDOWS\system32\rt2500.sys <Not Verified; Ralink Technology Inc.; RT2500 802.11g Wireless Adapters>
2008-06-23 10:26:15 243328 --a------ C:\WINDOWS\system32\drivers\RT2500.sys <Not Verified; Ralink Technology Inc.; RT2500 802.11g Wireless Adapters>
2008-06-23 10:26:12 0 d-------- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
2008-06-23 10:25:42 0 d-------- C:\Linksys Driver
2008-06-23 10:23:29 0 d-------- C:\WINDOWS\VirtualEar
2008-06-23 10:23:29 49152 --a------ C:\WINDOWS\system32\DSndUp.exe <Not Verified; Analog Devices Inc.; adi DSndUp>
2008-06-23 10:23:29 45056 --a------ C:\WINDOWS\system32\CleanUp.exe <Not Verified; adi; adi CleanUp>
2008-06-23 10:23:29 65536 --a------ C:\WINDOWS\system32\Audio3d.dll <Not Verified; Sensaura Ltd; Sensaura>
2008-06-23 10:23:29 0 d-------- C:\Program Files\Analog Devices
2008-06-23 10:23:28 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-23 10:20:31 2310144 --a------ C:\WINDOWS\system32\iglicd32.dll <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
2008-06-23 10:20:31 524288 --a------ C:\WINDOWS\system32\igldev32.dll <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
2008-06-23 10:20:31 114688 --a------ C:\WINDOWS\system32\igfxzoom.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:31 94208 --a------ C:\WINDOWS\system32\igfxtray.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:31 159744 --a------ C:\WINDOWS\system32\igfxsrvc.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:31 57344 --a------ C:\WINDOWS\system32\igfxsrvc.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:31 1503232 --a------ C:\WINDOWS\system32\igfxress.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:30 147456 --a------ C:\WINDOWS\system32\igfxpph.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:30 114688 --a------ C:\WINDOWS\system32\igfxpers.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:30 94208 --a------ C:\WINDOWS\system32\igfxext.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\igfxexps.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:30 86016 --a------ C:\WINDOWS\system32\igfxdo.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:30 135168 --a------ C:\WINDOWS\system32\igfxdev.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:30 446464 --a------ C:\WINDOWS\system32\igfxcfg.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuTRK.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuTHA.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuSVE.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuRUS.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuPTG.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuPTB.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuPLK.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuNOR.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuNLD.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuKOR.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuJPN.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuITA.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuHUN.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuHEB.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuFRC.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuFRA.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuFIN.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuESP.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuENG.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuELL.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 114688 --a------ C:\WINDOWS\system32\ialmudlg.exe <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuDEU.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuDAN.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuCSY.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuCHT.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuCHS.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuARB.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 40960 --a------ C:\WINDOWS\system32\ialmuARA.dll <Not Verified; Intel(r) Corporation; Uninstset Installation Utility>
2008-06-23 10:20:30 36990 --a------ C:\WINDOWS\system32\ialmrnt5.dll <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
2008-06-23 10:20:30 49152 --a------ C:\WINDOWS\system32\ialmrem.dll <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
2008-06-23 10:20:30 118395 --a------ C:\WINDOWS\system32\ialmdnt5.dll <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
2008-06-23 10:20:30 213274 --a------ C:\WINDOWS\system32\ialmdev5.dll <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
2008-06-23 10:20:30 900218 --a------ C:\WINDOWS\system32\ialmdd5.dll <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
2008-06-23 10:20:30 61440 --a------ C:\WINDOWS\system32\iAlmCoIn_v4396.dll <Not Verified; Intel Corporation; i830M>
2008-06-23 10:20:30 77824 --a------ C:\WINDOWS\system32\hkcmd.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:30 73728 --a------ C:\WINDOWS\system32\hccutils.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-06-23 10:20:30 1302332 --a------ C:\WINDOWS\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
2008-06-23 10:15:36 94208 --a------ C:\WINDOWS\system32\GTW32N50.dll
2008-06-23 10:15:36 232192 --a------ C:\WINDOWS\system32\drivers\rt73.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>
2008-06-23 10:15:26 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-23 10:11:17 0 d-------- C:\drvrtmp
2008-06-23 08:47:20 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-06-23 08:46:58 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-06-23 08:46:58 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-06-23 08:46:58 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-23 08:46:58 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-06-23 08:46:58 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-06-23 08:46:58 1310720 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-23 08:46:58 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-23 08:46:58 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-06-23 08:46:58 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-23 08:46:58 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-06-23 08:46:58 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-06-23 08:46:58 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-06-23 08:46:58 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-23 08:46:50 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-06-23 08:46:49 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-06-23 08:46:48 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-06-23 08:46:48 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-06-23 08:46:48 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2008-06-23 08:46:48 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-06-23 08:46:48 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-06-23 08:46:37 225280 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-06-23 08:46:37 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-06-23 08:46:37 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-06-23 08:46:37 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-06-23 08:46:37 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-06-23 08:43:27 0 d-------- C:\WINDOWS\system32\xircom
2008-06-23 08:43:27 0 d-------- C:\Program Files\microsoft frontpage
2008-06-23 08:43:16 262144 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-06-23 08:43:16 0 d-------- C:\DELL
2008-06-23 08:42:58 0 -rahs---- C:\MSDOS.SYS
2008-06-23 08:42:57 0 -rahs---- C:\IO.SYS
2008-06-23 08:42:57 0 --a------ C:\CONFIG.SYS
2008-06-23 08:42:57 0 --a------ C:\AUTOEXEC.BAT
2008-06-23 08:41:48 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-06-23 08:41:37 0 dr------- C:\WINDOWS\Offline Web Pages
2008-06-23 08:41:37 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-06-23 08:41:26 0 d--h----- C:\Program Files\WindowsUpdate
2008-06-23 08:41:05 0 d-------- C:\WINDOWS\system32\DirectX
2008-06-23 08:40:38 0 d---s---- C:\WINDOWS\Tasks
2008-06-23 08:40:37 0 d-------- C:\Program Files\Common Files\MSSoap
2008-06-23 08:40:34 0 d-------- C:\WINDOWS\srchasst
2008-06-23 08:40:33 0 d-------- C:\WINDOWS\system32\Macromed
2008-06-23 08:40:27 0 d-------- C:\Program Files\Movie Maker
2008-06-23 08:40:21 0 d-------- C:\WINDOWS\system32\Restore
2008-06-23 08:39:40 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-06-23 08:39:22 0 d-------- C:\WINDOWS\Registration
2008-06-23 08:39:13 0 d-------- C:\Program Files\Online Services
2008-06-23 08:39:07 0 d-------- C:\Program Files\Messenger
2008-06-23 08:39:04 0 d-------- C:\Program Files\MSN Gaming Zone
2008-06-23 08:38:31 0 d-------- C:\Program Files\Windows NT
2008-06-23 08:38:29 0 d-------- C:\WINDOWS\system32\MsDtc
2008-06-23 08:38:28 0 d-------- C:\WINDOWS\system32\Com
2008-06-23 03:34:21 0 d--hs---- C:\WINDOWS\Installer
2008-06-23 03:34:20 0 d-------- C:\Program Files\Common Files\ODBC
2008-06-23 03:34:17 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-06-23 03:34:16 0 dr------- C:\Program Files
2008-06-23 03:34:16 0 d-------- C:\Program Files\Common Files
2008-06-23 03:33:51 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-06-23 03:33:51 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-06-23 03:33:51 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-06-23 03:33:51 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-06-23 03:33:51 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-06-23 03:33:51 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-06-23 03:33:51 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-06-23 03:33:51 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-06-23 03:33:51 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-06-23 03:33:51 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-06-23 03:33:51 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-06-23 03:33:51 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-06-23 03:33:51 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-06-23 03:33:51 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-06-23 03:33:51 0 dr------- C:\Documents and Settings\All Users\Documents
2008-06-23 03:33:51 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-06-23 03:31:37 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-06-23 03:31:37 0 d-------- C:\WINDOWS\system32\CatRoot
2008-06-23 03:31:31 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-06-23 03:31:31 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-06-23 03:31:31 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-06-23 03:31:31 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-06-23 03:30:36 0 d-------- C:\Documents and Settings
2008-06-23 03:18:55 0 d--hs---- C:\System Volume Information
2008-06-23 03:18:12 0 d-------- C:\WINDOWS
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\WinSxS
2008-06-23 03:18:12 0 dr------- C:\WINDOWS\Web
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\twain_32
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\wins
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\wbem
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\usmt
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\spool
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\ShellExt
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\Setup
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\ras
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\oobe
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\npp
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\mui
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\inetsrv
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\IME
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\icsxml
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\ias
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\export
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\drivers
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-06-23 03:18:12 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\dhcp
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\config
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\3076
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\2052
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\1054
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\1042
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\1041
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\1037
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\1033
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\1031
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\1028
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system32\1025
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\system
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\security
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\Resources
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\repair
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\Provisioning
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\PeerNet
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\pchealth
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\mui
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\msapps
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\msagent
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\Media
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\java
2008-06-23 03:18:12 0 d--h----- C:\WINDOWS\inf
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\ime
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\Help
2008-06-23 03:18:12 0 dr--s---- C:\WINDOWS\Fonts
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\ehome
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\Driver Cache
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\dell
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\Debug
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\Cursors
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\Connection Wizard
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\Config
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\AppPatch
2008-06-23 03:18:12 0 d-------- C:\WINDOWS\addins
-- Find3M Report ---------------------------------------------------------------
2008-06-23 03:33:51 62 --ahs---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
11/26/2007 10:46 AM 324936 --a------ c:\PROGRA~1\mcafee\msk\mcapbho.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5F6D7A37-A3D1-47F1-920D-3F48370D509B}]
06/29/2008 08:07 PM 15360 --a------ C:\WINDOWS\system32\931928\931928.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [09/20/2005 10:35 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [09/20/2005 10:32 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [09/20/2005 10:36 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [11/01/2007 07:12 PM]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [08/24/2007 04:57 PM]
"McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [11/30/2007 05:42 AM]
"lphcp3gj0elat"="C:\WINDOWS\system32\lphcp3gj0elat.exe" [06/28/2008 11:47 AM]
"SMrhct3gj0elat"="C:\Program Files\rhct3gj0elat\rhct3gj0elat.exe" []
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/14/2004 02:42 PM]
"antiviirus"="C:\Program Files\antiviirus.exe" [06/28/2008 05:53 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/13/2008 07:12 PM]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [08/30/2007 05:43 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"=1 (0x1)
"NoDispScrSavPage"=1 (0x1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"RunRam"= {55ef6de0-5202-4ef8-aa81-20e63e4f18c9} - C:\WINDOWS\Resources\RunRam.dll [06/28/2008 05:53 PM 12838]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
-- End of Deckard's System Scanner: finished at 2008-06-30 00:12:13 ------------