how to get rid of Malware on my pc ?

aayush
aayush Posts: 1,292
Name Dropper First Anniversary First Post
Forumite
Hi can any one help and advise of free way of getting rid of the above
«1

Comments

  • gonzo127
    gonzo127 Posts: 4,482
    First Anniversary Combo Breaker
    Forumite
    look in the sticky threads at one called how to speed up a slow or infected computer
    Drop a brand challenge
    on a £100 shop you might on average get 70 items save
    10p per product = £7 a week ~ £28 a month
    20p per product = £14 a week ~ £56 a month
    30p per product = £21 a week ~ £84 a month (or in other words one weeks shoping at the new price)
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Post me a DDS log - should take 2-3 minutes - & a brief explanation of what is wrong..

    Download DDS from the link below and save it to your desktop:

    Link

    After you've downloaded it and saved it to your desktop:
    • Double click DDS to run it.
    • Click Start
    • When it's finished, DDS will open two logs:
    1. DDS.txt
    2. Attach.txt
    Save both reports to your desktop.

    Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)
  • aayush
    aayush Posts: 1,292
    Name Dropper First Anniversary First Post
    Forumite
    Dear waddler

    Please see below

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16483
    Run by sanjay at 11:06:42 on 2013-05-18
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2036.633 [GMT 1:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\MyPC Backup\BackupStack.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    C:\Windows\system32\mfevtps.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Wajam\Updater\WajamUpdater.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Windows\System32\WUDFHost.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\WINDOWS\RtHDVCpl.exe
    C:\hp\support\hpsysdrv.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\System32\igfxpers.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Users\sanjay\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    C:\Program Files\Zoom Downloader\DownloadManager.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\MyPC Backup\Signup Wizard.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_content=1&utm_term=6A1B973BAEAD4797
    uDefault_Page_URL = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_content=1&utm_term=6A1B973BAEAD4797
    mStart Page = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_content=1&utm_term=6A1B973BAEAD4797
    mDefault_Page_URL = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_content=1&utm_term=6A1B973BAEAD4797
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Discount Buddy: {11111111-1111-1111-1111-110211671166} - c:\program files\discount buddy\Discount Buddy.dll
    BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
    BHO: AOL Toolbar BHO: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
    BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - c:\program files\wajam\ie\priam_bho.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.16.16\bh\delta.dll
    BHO: SafeSearch: {e27d5867-80de-4449-9c03-71707c0db05b} - c:\program files\safesearch\ie\adxloader.dll
    BHO: Zoom Downloader: {E5C66DD8-308B-4a4f-AF0A-3D04F25B5343} -
    TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
    TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
    TB: SafeSearch Toolbar: {fc0c0170-4eb0-430d-a7f3-939ee7ea1a25} - c:\program files\safesearch\ie\adxloader.dll
    TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - c:\program files\delta\delta\1.8.16.16\deltaTlbr.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    uRun: [Google Update] "c:\users\sanjay\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [MPOptimizer] "c:\program files\maxperforma optimizer\MaxPerforma.exe" /scan
    uRun: [Facebook Update] "c:\users\sanjay\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [SkyDrive] "c:\users\sanjay\appdata\local\microsoft\skydrive\SkyDrive.exe" /background
    uRun: [FDPRO-516] c:\program files\fighters\FighterLauncher.exe FDPRO
    uRun: [DownloadManager] "c:\program files\zoom downloader\DownloadManager.exe" /as
    mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_01\bin\jusched.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    StartupFolder: c:\users\sanjay\appdata\roaming\micros~1\windows\startm~1\programs\startup\mypcba~1.lnk - c:\program files\mypc backup\MyPC Backup.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: &AOL Toolbar Search - c:\programdata\aol\ietoolbar\resources\en-gb\local\search.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    TCP: NameServer = 192.168.1.254 192.168.1.254
    TCP: Interfaces\{6473A8BF-841D-4F18-88C8-76ACE22DA225} : DHCPNameServer = 192.168.1.254 192.168.1.254
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: GoToAssist - c:\program files\citrix\gotoassist\896\G2AWinLogon.dll
    Notify: igfxcui - igfxdev.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2013-2-19 565888]
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
    R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2013-2-19 210608]
    R1 MpKslb1915205;MpKslb1915205;c:\programdata\microsoft\microsoft antimalware\definition updates\{5a209028-1160-44e8-a7aa-0918d35fa0db}\MpKslb1915205.sys [2013-5-18 29904]
    R2 BackupStack;Computer Backup (MyPC Backup);c:\program files\mypc backup\BackupStack.exe [2013-5-11 32808]
    R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]
    R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2013-5-17 60920]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-5-18 22856]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2013-5-17 235264]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-5-17 363080]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2013-5-17 146872]
    S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2013-5-17 65928]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2013-5-17 92632]
    .
    =============== Created Last 30 ================
    .
    2013-05-18 09:55:54 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5a209028-1160-44e8-a7aa-0918d35fa0db}\MpKslb1915205.sys
    2013-05-18 07:40:59
    d
    w- c:\users\sanjay\appdata\roaming\Malwarebytes
    2013-05-18 07:40:32
    d
    w- c:\programdata\Malwarebytes
    2013-05-18 07:40:25 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-05-18 07:40:24
    d
    w- c:\program files\Malwarebytes' Anti-Malware
    2013-05-17 22:53:53 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5a209028-1160-44e8-a7aa-0918d35fa0db}\mpengine.dll
    2013-05-17 19:08:46
    d
    w- c:\users\sanjay\appdata\local\Zoom_Downloader
    2013-05-17 19:08:33
    d
    w- c:\program files\Zoom Downloader
    2013-05-17 19:06:56
    d
    w- c:\users\sanjay\appdata\roaming\Fighters
    2013-05-17 19:06:50
    d
    w- c:\programdata\Fighters
    2013-05-17 19:06:14
    d
    w- c:\program files\MyPC Backup
    2013-05-17 18:04:24
    d
    w- c:\users\sanjay\appdata\local\Wajam
    2013-05-17 18:04:19
    d
    w- c:\program files\Wajam
    2013-05-17 18:03:08
    d
    w- c:\users\sanjay\appdata\roaming\BabSolution
    2013-05-17 18:03:07
    d
    w- c:\program files\Delta
    2013-05-17 18:02:57
    d
    w- c:\users\sanjay\appdata\roaming\Delta
    2013-05-17 18:02:26
    d
    w- c:\users\sanjay\appdata\roaming\Babylon
    2013-05-17 18:02:26
    d
    w- c:\programdata\Babylon
    2013-05-17 10:23:48 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
    2013-05-17 10:22:39 10088 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
    2013-05-17 10:22:21 92632 ----a-w- c:\windows\system32\drivers\mferkdet.sys
    2013-05-17 10:22:21 363080 ----a-w- c:\windows\system32\drivers\mfefirek.sys
    2013-05-17 10:22:20 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys
    2013-05-17 10:22:20 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys
    2013-05-17 10:22:20 235264 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
    2013-05-17 10:22:12
    d
    w- c:\program files\common files\Mcafee
    2013-05-17 10:22:02
    d
    w- c:\program files\McAfee.com
    2013-05-17 10:21:37
    d
    w- c:\program files\McAfee
    2013-05-17 10:08:03 172416 ----a-w- c:\windows\system32\mfevtps.exe
    2013-05-17 08:13:20 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2013-05-16 21:52:43 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2013-05-16 18:21:33 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2013-05-16 18:21:33 37376 ----a-w- c:\windows\system32\cdd.dll
    2013-05-16 18:21:07 2049024 ----a-w- c:\windows\system32\win32k.sys
    2013-05-14 21:53:32
    d
    w- c:\users\sanjay\appdata\roaming\LibreOffice
    2013-05-14 21:49:32
    d
    w- c:\windows\System64
    2013-05-14 21:45:42
    d
    w- c:\program files\LibreOffice 4.0
    2013-05-14 21:39:05
    d
    w- c:\users\sanjay\appdata\local\Discount Buddy
    2013-05-14 21:39:00
    d
    w- c:\program files\Discount Buddy
    2013-05-14 21:38:24
    d
    w- c:\users\sanjay\appdata\local\TNT2
    2013-05-14 17:51:27
    d
    w- c:\users\sanjay\appdata\local\Kingsoft
    2013-05-14 17:48:54
    d
    w- c:\users\sanjay\appdata\roaming\Kingsoft
    2013-05-14 17:48:45
    d
    w- c:\programdata\Kingsoft
    2013-05-14 17:48:04
    d
    w- c:\program files\Kingsoft
    2013-05-14 15:27:54
    d
    w- c:\program files\MSECache
    2013-05-14 13:54:33
    d
    w- c:\users\sanjay\appdata\local\ElevatedDiagnostics
    2013-05-05 08:44:15 83968 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPPAR.DLL
    2013-05-05 08:44:15 29184 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPDAR.DLL
    2013-05-05 08:42:53 310272 ----a-w- c:\windows\system32\CNMLMAR.DLL
    2013-05-05 08:39:37 323584 ----a-w- c:\windows\system32\CNC_ARL.dll
    2013-05-05 08:39:37 114688 ----a-w- c:\windows\system32\CNC_ARI.dll
    2013-05-05 08:39:36 286720 ----a-w- c:\windows\system32\CNC_ARC.dll
    2013-05-05 08:39:36 15872 ----a-w- c:\windows\system32\CNHMCA.dll
    2013-05-05 08:39:36 114688 ----a-w- c:\windows\system32\CNC_ARU.dll
    2013-05-02 01:15:43
    d--h--w- C:\SkyDriveTemp
    2013-05-02 01:13:13
    d
    w- c:\program files\Microsoft SkyDrive
    2013-05-02 01:13:13
    d
    r- c:\users\sanjay\SkyDrive
    2013-05-02 01:12:45
    d
    w- c:\programdata\Microsoft SkyDrive
    2013-04-24 11:04:19 706640
    w- c:\programdata\microsoft\microsoft antimalware\definition updates\{594a395e-228c-4e73-abe2-d8612f84fddc}\gapaengine.dll
    .
    ==================== Find3M ====================
    .
    2013-05-02 15:28:50 238872
    w- c:\windows\system32\MpSigStub.exe
    2013-04-04 22:11:34 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2013-04-04 22:02:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-04-04 22:02:17 1129472 ----a-w- c:\windows\system32\wininet.dll
    2013-04-04 21:58:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-04-04 21:57:45 420864 ----a-w- c:\windows\system32\vbscript.dll
    2013-03-11 13:25:50 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-03-11 13:25:50 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-03-09 13:42:55 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
    2013-03-09 03:45:04 49152 ----a-w- c:\windows\system32\csrsrv.dll
    2013-03-09 01:28:08 64000 ----a-w- c:\windows\system32\smss.exe
    2013-03-08 03:53:50 376320 ----a-w- c:\windows\system32\winsrv.dll
    2013-03-08 03:52:22 2067968 ----a-w- c:\windows\system32\mstscax.dll
    2013-03-07 14:29:30 588472 ----a-w- c:\windows\system32\ezsvc7x.dll
    2013-03-03 19:07:52 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2013-02-19 13:12:24 210608 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
    2013-02-19 13:09:52 565888 ----a-w- c:\windows\system32\drivers\mfehidk.sys
    2013-02-19 13:07:50 133416 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
    .
    ============= FINISH: 11:09:49.11 ===============
  • aayush
    aayush Posts: 1,292
    Name Dropper First Anniversary First Post
    Forumite
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 07/03/2013 14:30:03
    System Uptime: 18/05/2013 10:55:09 (1 hours ago)
    .
    Motherboard: MSI | | Boston
    Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz | Socket 775 | 2000/800mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 223 GiB total, 159.294 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 1.373 GiB free.
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20
    Activation Assistant for the 2007 Microsoft Office suites
    Adobe Flash Player ActiveX
    Adobe Reader 8.1.2
    AOL Toolbar 5.0
    BT NetProtect Plus
    Canon MG3100 series MP Drivers
    CCleaner
    Compatibility Pack for the 2007 Office system
    CyberLink DVD Suite Deluxe
    CyberLink PowerDirector
    Delta Chrome Toolbar
    Delta toolbar
    Discount Buddy
    Facebook Video Calling 1.2.0.287
    Google Chrome
    Google Talk Plugin
    Google Update Helper
    GoToAssist Corporate
    Hardware Diagnostic Tools
    Hewlett-Packard Active Check for Health Check
    Hewlett-Packard Asset Agent for Health Check
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Customer Experience Enhancements
    HP Customer Feedback
    HP Demo
    HP Easy Setup - Frontend
    HP Total Care Advisor
    HP Update
    Intel(R) Graphics Media Accelerator Driver
    Java(TM) SE Runtime Environment 6 Update 1
    Kingsoft Office 2012 (8.1.0.3385)
    LabelPrint
    LibreOffice 4.0.3.3
    LightScribe System Software 1.12.37.1
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word Viewer 2003
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft SkyDrive
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Works
    muvee autoProducer 6.1
    My HP Games
    MyPC Backup
    Power2Go
    Python 2.5
    Realtek High Definition Audio Driver
    SafeSearch
    Search.us.com
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Shared C Run-time for x86
    Skype Click to Call
    Skype™ 6.3
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Wajam
    Zoom Downloader
    .
    ==== End Of File ===========================
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Uninstall all these:

    Delta Chrome Toolbar
    Delta toolbar
    Discount Buddy
    MyPC Backup
    SafeSearch
    Search.us.com
    Wajam
    Zoom Downloader


    Uninstall or change a program - http://windows.microsoft.com/en-gb/windows-vista/uninstall-or-change-a-program


    Then download AdwCleaner from the link below & save it to your desktop.

    LINK

    Then,
    • Right click AdwCleaner.exe & choose "Run as administrator" to run it.
    • Click Delete.
    • Click OK to the prompt.
    • The tool will run & your computer will be rebooted automatically. A logfile will open after the restart.
    • Post the contents of the logfile with your next reply.
    • You can also find the logfile at C:\AdwCleaner[s1].txt.
  • spud17
    spud17 Posts: 4,393
    Name Dropper Combo Breaker First Post First Anniversary
    Forumite
    waddler_8, assume you noticed multiple av's. :)
    (Just checking, don't want to interfere.)
    Move along, nothing to see.
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Yes - noticed it. ;) We'll get rid of the junkware first. There's Java and Adobe to update too.
  • aayush
    aayush Posts: 1,292
    Name Dropper First Anniversary First Post
    Forumite
    # AdwCleaner v2.301 - Logfile created 05/18/2013 at 16:20:10
    # Updated 16/05/2013 by Xplode
    # Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # User : sanjay - SANJAY-PC
    # Boot Mode : Normal
    # Running from : C:\Users\sanjay\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\END
    Folder Deleted : C:\ProgramData\Babylon
    Folder Deleted : C:\Users\sanjay\AppData\Local\APN
    Folder Deleted : C:\Users\sanjay\AppData\Local\Zoom_Downloader
    Folder Deleted : C:\Users\sanjay\AppData\Roaming\Babylon

    ***** [Registry] *****

    Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
    Key Deleted : HKLM\Software\Babylon
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Software

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16483

    [OK] Registry is clean.

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\sanjay\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted [l.40] : icon_url = "hxxp://www.ask.com/favicon.ico",
    Deleted [l.43] : keyword = "ask.com",
    Deleted [l.47] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10267&locale=e[...]
    Deleted [l.48] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

    *************************

    AdwCleaner[S1].txt - [1608 octets] - [18/05/2013 16:20:10]

    ########## EOF - C:\AdwCleaner[S1].txt - [1668 octets] ##########
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    How are things running now after that?

    You need to uninstall one of either Mcafee or Microsoft Security Essentials. Let me know which one you'd like to keep.
  • aayush
    aayush Posts: 1,292
    Name Dropper First Anniversary First Post
    Forumite
    pls advise y i need to uninstall one or the other ?
This discussion has been closed.
Meet your Ambassadors

Categories

  • All Categories
  • 342.5K Banking & Borrowing
  • 249.9K Reduce Debt & Boost Income
  • 449.4K Spending & Discounts
  • 234.6K Work, Benefits & Business
  • 607.1K Mortgages, Homes & Bills
  • 172.8K Life & Family
  • 247.4K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 15.8K Discuss & Feedback
  • 15.1K Coronavirus Support Boards