McAfee real time scan will not stay on

how to disable mcafee site advisor

Broni Malware Annihilator Posts: 50,674 +314

Welcome aboard

waltd15 TS Rookie Topic Starter

Database version: 6579

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

5/16/2011 11:41:28 AM

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

Registry Data Items Infected:

(No malicious items detected)

(No malicious items detected)

Rootkit quick scan 2011-05-16 12:24:54

Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-8 WDC_WD2500AAKS-00SBA0 rev.12.01B01

---- System - GMER 1.0.15 ----

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwCreateKey [0xF7456D70]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteKey [0xF7456D84]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xF7456DB0]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xF7456E06]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenKey [0xF7456D5C]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenProcess [0xF7456D34]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenThread [0xF7456D48]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwRenameKey [0xF7456D9A]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetSecurityObject [0xF7456DDC]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetValueKey [0xF7456DC6]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xF7456E1C]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0xF7456DF0]

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenProcess

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenThread

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtSetSecurityObject

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)

AttachedDevice \Driver\Tcpip \Device\Ip mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

AttachedDevice \Driver\Tcpip \Device\Tcp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

AttachedDevice \Driver\Tcpip \Device\Udp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

AttachedDevice \Driver\Tcpip \Device\RawIp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

---- EOF - GMER 1.0.15 ----

******************DDS logs***************:

****DDS.txt****

DDS (Ver_11-03-05.01) - NTFSx86

Run by WD at 12:29:44.70 on Mon 05/16/2011

Internet Explorer: 8.0.6001.18702

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\Program Files\ActivIdentity\ActivClient\accoca.exe

C:\Program Files\Common Files\AOL\1180737898\ee\AOLSoftware.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe

C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe

C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Zune\ZuneLauncher.exe

C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\system32\svchost.exe -k HPService

C:\Program Files\ActivIdentity\ActivClient\acevents.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe

C:\Program Files\ActivIdentity\ActivClient\acsagent.exe

C:\Program

Files\Hp\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\ZuneBusEnum.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\system32\rundll32.exe

svchost.exe

C:\WINDOWS\system32\MDM.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\IObit\Advanced SystemCare 4\ASC.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Vuze\Azureus.exe

1\MICROS

1\DW\DWTRIG20.EXE

C:\Program Files\AOL Desktop 9.6\AOLBrowser\aolbrowser.exe

C:\Documents and Settings\WD\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.aol.com

uSearchMigratedDefaultURL = hxxp://search.aol.com/aolcom/search?query=&invocationType=msie70a

uURLSearchHooks: Best Security Tips Toolbar: - c:\program files\best_security_tips\tbBes1.dll

uURLSearchHooks: Vuze Remote Toolbar: - c:\program files\vuze_remote\prxtbVuze.dll

uURLSearchHooks: McAfee SiteAdvisor Toolbar: <0ebbbe48-bad4-4b4c-8e5a-516abecae064> - c:\progra

1\mcafee\siteadvisor\mcieplg.dll

BHO: HP Print Enhancer: <0347c33e-8762-4905-bf09-768834316c61> - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: AcroIEHlprObj Class: <06849e9f-c8d7-4d59-b87d-784b7d6be0b3> - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

1\mcafee\msk\mskapbho.dll

BHO: Conduit Engine: <30f9b915-b755-4826-820b-08fba6bd249d> - c:\program files\conduitengine\prxConduitEngine.dll

BHO: AOL Toolbar Loader: <3ef64538-8b54-4573-b48f-4d34b0238ab2> - c:\program files\aol toolbar\aoltb.dll

BHO: scriptproxy: <7db2d5a0-7241-4e79-b68d-6309f01c5231> - c:\program files\common files\mcafee\systemcore\ScriptSn.20110514082840.dll

BHO: Search Toolbar: <9d425283-d487-4337-bab6-ab8354a81457> - c:\program files\search toolbar\SearchToolbar.dll

BHO: AcroIEToolbarHelper Class: - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

1\mcafee\siteadvisor\mcieplg.dll

TB: Search Toolbar: <9d425283-d487-4337-bab6-ab8354a81457> - c:\program files\search toolbar\SearchToolbar.dll

TB: AOL Toolbar: - c:\program files\aol toolbar\aoltb.dll

TB: Vuze Remote Toolbar: - c:\program files\vuze_remote\prxtbVuze.dll

TB: Conduit Engine: <30f9b915-b755-4826-820b-08fba6bd249d> - c:\program files\conduitengine\prxConduitEngine.dll

1\mcafee\siteadvisor\mcieplg.dll

EB: Adobe PDF: <182ec0be-5110-49c8-a062-beb1d02a220b> - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

EB: HP Smart Web Printing: <555d4d79-4bd2-4094-a395-cfc534424a05> - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [cdloader] "c:\documents and settings\wd\application data\mjusbsp\cdloader2.exe" MAGICJACK

uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [AOL Fast Start] "c:\program files\aol desktop 9.6\AOL.EXE" -b

uRun: [Advanced SystemCare 4] "c:\program files\iobit\advanced systemcare 4\ASCTray.exe"

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [SkyTel] SkyTel.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

mRun: [igfxpers] c:\windows\system32\igfxpers.exe

mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"

mRun: [HostManager] c:\program files\common files\aol\1180737898\ee\AOLSoftware.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"

mRun: [accrdsub] "c:\program files\actividentity\activclient\accrdsub.exe"

mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe

mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"

mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [DWQueuedReporting] "c:\progra

1\common

1\micros

1\dw\dwtrig20.exe" -t

mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

Source: www.techspot.com

Category: Forex

Similar articles: