Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Mcafee firewall

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Mcafee firewall

Unread postby glaciercold » January 12th, 2012, 8:42 pm

Recently I found my mcafee anti-virus programs cannot activate its firewall, I click the enable option but it just close down right after I enable it. I contacted their official support and they did not find a solution to this problem, in the end they redirected to this website
I downloaded the DDS and here is the log:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24
Run by Tiger Tan at 17:21:25 on 2012-01-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.12279.10178 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Logitech\G35\G35.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 9\firefox.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 9\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 9\plugin-container.exe
C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 9\plugin-container.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120104230647.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mRun: [<NO NAME>]
mRun: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 64.59.135.133 64.59.135.135 64.59.128.120
TCP: Interfaces\{4473A242-CAF6-4C92-BC24-AF86879CBBF0} : DhcpNameServer = 64.59.135.133 64.59.135.135 64.59.128.120
TCP: Interfaces\{4473A242-CAF6-4C92-BC24-AF86879CBBF0}\07F6C69647 : DhcpNameServer = 192.168.1.254 75.153.176.1
TCP: Interfaces\{4473A242-CAF6-4C92-BC24-AF86879CBBF0}\4516E6 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4473A242-CAF6-4C92-BC24-AF86879CBBF0}\4716E6 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4473A242-CAF6-4C92-BC24-AF86879CBBF0}\47563747 : DhcpNameServer = 192.168.1.254 199.185.220.254
TCP: Interfaces\{EFA6EDE8-FC26-4D4C-A908-9010347D9DC3} : DhcpNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120104230647.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mRun-x64: [(Default)]
mRun-x64: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Tiger Tan\AppData\Roaming\Mozilla\Firefox\Profiles\auk6vt7k.default\
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-1-10 13336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-1-4 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-1-4 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-1-4 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-1-4 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-1-4 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-1-10 1692480]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 LADF_DHP2;G35 DHP2 Filter Driver;C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys --> C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys [?]
R3 LADF_SBVM;G35 SBVM Filter Driver;C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys --> C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\system32\Drivers\nx6000.sys --> C:\Windows\system32\Drivers\nx6000.sys [?]
R3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/01/10 21:53:58;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-4-26 232944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-1-4 249936]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-01-12 01:48:36 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-12 01:48:36 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-12 01:48:35 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-12 01:48:35 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-12 01:48:14 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-12 01:48:14 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-12 01:48:13 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-12 01:48:13 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-05 06:06:58 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-01-05 06:06:47 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-01-05 06:06:47 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-01-05 06:06:39 75808 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2012-01-05 06:06:39 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-01-05 06:06:39 481768 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-01-05 06:06:39 284648 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-01-05 06:06:39 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-01-05 06:06:39 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-01-05 06:06:33 -------- d-----w- C:\Program Files\McAfee.com
2012-01-05 06:06:33 -------- d-----w- C:\Program Files\McAfee
2012-01-05 06:02:52 161168 ----a-w- C:\Windows\System32\mfevtps.exe
2011-12-20 01:55:05 -------- d-----w- C:\ProgramData\eMule
2011-12-15 03:49:49 -------- d-----w- C:\Program Files\iTunes
2011-12-15 03:49:49 -------- d-----w- C:\Program Files\iPod
.
==================== Find3M ====================
.
2012-01-11 06:17:11 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-09 04:32:36 281880 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-01-09 04:32:36 281880 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-01-09 04:32:22 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-01-02 20:44:51 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-30 04:24:27 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-10-30 04:24:27 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-10-26 04:21:54 66560 ----a-w- C:\Windows\System32\OpenVideo64.dll
2011-10-26 04:21:48 56832 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2011-10-26 04:21:40 66560 ----a-w- C:\Windows\System32\OVDecoder64.dll
2011-10-26 04:21:34 56832 ----a-w- C:\Windows\SysWow64\OVDecoder.dll
2011-10-26 04:21:24 16991744 ----a-w- C:\Windows\System32\amdocl64.dll
2011-10-26 04:20:42 13950464 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-10-26 03:05:10 10496512 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-10-26 02:16:06 24866816 ----a-w- C:\Windows\System32\atio6axx.dll
2011-10-26 02:06:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-10-26 02:05:58 748544 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-10-26 02:04:28 892416 ----a-w- C:\Windows\System32\aticfx64.dll
2011-10-26 02:01:46 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-10-26 02:01:36 517120 ----a-w- C:\Windows\System32\atieclxx.exe
2011-10-26 02:00:58 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-10-26 01:59:48 18757120 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-10-26 01:59:44 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-10-26 01:59:22 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-10-26 01:59:16 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-10-26 01:59:04 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-10-26 01:58:58 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-10-26 01:58:54 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-10-26 01:58:48 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-10-26 01:55:48 4292096 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-10-26 01:46:12 5041664 ----a-w- C:\Windows\System32\atidxx64.dll
2011-10-26 01:43:48 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-10-26 01:43:24 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-10-26 01:43:12 4044288 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-10-26 01:38:32 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-10-26 01:38:30 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-10-26 01:38:20 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-10-26 01:38:18 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-10-26 01:38:08 9978880 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-10-26 01:35:38 4353536 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-10-26 01:34:56 8449024 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-10-26 01:32:30 4189184 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-10-26 01:29:32 5510144 ----a-w- C:\Windows\System32\atiumd64.dll
2011-10-26 01:29:24 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-10-26 01:22:38 486912 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-10-26 01:22:30 339968 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-10-26 01:22:20 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-10-26 01:22:16 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-10-26 01:22:16 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-10-26 01:22:12 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-10-26 01:22:06 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-10-26 01:21:58 326656 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-10-26 01:21:12 40960 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-10-26 01:21:06 31744 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-10-26 01:21:00 38912 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-10-26 01:20:52 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-10-26 01:20:20 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-10-26 01:16:06 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2011-10-26 01:16:06 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-10-26 01:15:58 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-10-26 01:15:58 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-10-24 20:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-10-24 20:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-10-15 19:16:16 647080 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2011-10-15 19:16:16 160280 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2011-10-15 06:31:56 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-10-15 05:38:59 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
.
============= FINISH: 17:28:20.85 ===============
glaciercold
Active Member
 
Posts: 1
Joined: January 12th, 2012, 8:34 pm
Advertisement
Register to Remove

Re: Mcafee firewall

Unread postby Blade81 » January 15th, 2012, 12:44 pm

Hi,

Post attach.txt contents too.
User avatar
Blade81
Admin/Teacher
Admin/Teacher
 
Posts: 5245
Joined: July 17th, 2006, 3:36 am
Location: Finland

Re: Mcafee firewall

Unread postby deltalima » January 24th, 2012, 5:55 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 48 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware