Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@. Skimlinks & other affiliated links are turned on

Search
Page 1
  • gonzo127
    • #2
    • 18th May 13, 8:02 AM
    • #2
    • 18th May 13, 8:02 AM
    look in the sticky threads at one called how to speed up a slow or infected computer
    Drop a brand challenge
    on a £100 shop you might on average get 70 items save
    10p per product = £7 a week ~ £28 a month
    20p per product = £14 a week ~ £56 a month
    30p per product = £21 a week ~ £84 a month (or in other words one weeks shoping at the new price)
  • waddler_8
    • #3
    • 18th May 13, 9:09 AM
    • #3
    • 18th May 13, 9:09 AM
    Post me a DDS log - should take 2-3 minutes - & a brief explanation of what is wrong..

    Download DDS from the link below and save it to your desktop:

    Link

    After you've downloaded it and saved it to your desktop:
    • Double click DDS to run it.
    • Click Start
    • When it's finished, DDS will open two logs:
    1. DDS.txt
    2. Attach.txt
    Save both reports to your desktop.

    Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)
  • aayush
    • #4
    • 18th May 13, 11:12 AM
    • #4
    • 18th May 13, 11:12 AM
    Dear waddler

    Please see below

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16483
    Run by sanjay at 11:06:42 on 2013-05-18
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2036.633 [GMT 1:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\MyPC Backup\BackupStack.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    C:\Windows\system32\mfevtps.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Wajam\Updater\WajamUpdater.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Windows\System32\WUDFHost.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\WINDOWS\RtHDVCpl.exe
    C:\hp\support\hpsysdrv.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\System32\igfxpers.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Users\sanjay\AppData\Local\Microsoft\SkyDrive\S kyDrive.exe
    C:\Program Files\Zoom Downloader\DownloadManager.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\Presen tationFontCache.exe
    C:\Program Files\MyPC Backup\Signup Wizard.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_c ontent=1&utm_term=6A1B973BAEAD4797
    uDefault_Page_URL = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_c ontent=1&utm_term=6A1B973BAEAD4797
    mStart Page = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_c ontent=1&utm_term=6A1B973BAEAD4797
    mDefault_Page_URL = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_c ontent=1&utm_term=6A1B973BAEAD4797
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Discount Buddy: {11111111-1111-1111-1111-110211671166} - c:\program files\discount buddy\Discount Buddy.dll
    BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
    BHO: AOL Toolbar BHO: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
    BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - c:\program files\wajam\ie\priam_bho.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.16.16\bh\delta.dll
    BHO: SafeSearch: {e27d5867-80de-4449-9c03-71707c0db05b} - c:\program files\safesearch\ie\adxloader.dll
    BHO: Zoom Downloader: {E5C66DD8-308B-4a4f-AF0A-3D04F25B5343} -
    TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
    TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
    TB: SafeSearch Toolbar: {fc0c0170-4eb0-430d-a7f3-939ee7ea1a25} - c:\program files\safesearch\ie\adxloader.dll
    TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - c:\program files\delta\delta\1.8.16.16\deltaTlbr.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    uRun: [Google Update] "c:\users\sanjay\appdata\local\google\update\Googl eUpdate.exe" /c
    uRun: [MPOptimizer] "c:\program files\maxperforma optimizer\MaxPerforma.exe" /scan
    uRun: [Facebook Update] "c:\users\sanjay\appdata\local\facebook\update\Fac ebookUpdate.exe" /c /nocrashserver
    uRun: [SkyDrive] "c:\users\sanjay\appdata\local\microsoft\skydrive\ SkyDrive.exe" /background
    uRun: [FDPRO-516] c:\program files\fighters\FighterLauncher.exe FDPRO
    uRun: [DownloadManager] "c:\program files\zoom downloader\DownloadManager.exe" /as
    mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_01\bin\jusched.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    StartupFolder: c:\users\sanjay\appdata\roaming\micros~1\windows\s tartm~1\programs\startup\mypcba~1.lnk - c:\program files\mypc backup\MyPC Backup.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: &AOL Toolbar Search - c:\programdata\aol\ietoolbar\resources\en-gb\local\search.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    TCP: NameServer = 192.168.1.254 192.168.1.254
    TCP: Interfaces\{6473A8BF-841D-4F18-88C8-76ACE22DA225} : DHCPNameServer = 192.168.1.254 192.168.1.254
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: GoToAssist - c:\program files\citrix\gotoassist\896\G2AWinLogon.dll
    Notify: igfxcui - igfxdev.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\insta ller\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2013-2-19 565888]
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
    R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2013-2-19 210608]
    R1 MpKslb1915205;MpKslb1915205;c:\programdata\microso ft\microsoft antimalware\definition updates\{5a209028-1160-44e8-a7aa-0918d35fa0db}\MpKslb1915205.sys [2013-5-18 29904]
    R2 BackupStack;Computer Backup (MyPC Backup);c:\program files\mypc backup\BackupStack.exe [2013-5-11 32808]
    R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]
    R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2013-5-17 60920]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\dr ivers\mbam.sys [2013-5-18 22856]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2013-5-17 235264]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-5-17 363080]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\ v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK. sys [2013-5-17 146872]
    S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2013-5-17 65928]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2013-5-17 92632]
    .
    =============== Created Last 30 ================
    .
    2013-05-18 09:55:54 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5a209028-1160-44e8-a7aa-0918d35fa0db}\MpKslb1915205.sys
    2013-05-18 07:40:59 -------- d-----w- c:\users\sanjay\appdata\roaming\Malwarebytes
    2013-05-18 07:40:32 -------- d-----w- c:\programdata\Malwarebytes
    2013-05-18 07:40:25 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-05-18 07:40:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2013-05-17 22:53:53 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5a209028-1160-44e8-a7aa-0918d35fa0db}\mpengine.dll
    2013-05-17 19:08:46 -------- d-----w- c:\users\sanjay\appdata\local\Zoom_Downloader
    2013-05-17 19:08:33 -------- d-----w- c:\program files\Zoom Downloader
    2013-05-17 19:06:56 -------- d-----w- c:\users\sanjay\appdata\roaming\Fighters
    2013-05-17 19:06:50 -------- d-----w- c:\programdata\Fighters
    2013-05-17 19:06:14 -------- d-----w- c:\program files\MyPC Backup
    2013-05-17 18:04:24 -------- d-----w- c:\users\sanjay\appdata\local\Wajam
    2013-05-17 18:04:19 -------- d-----w- c:\program files\Wajam
    2013-05-17 18:03:08 -------- d-----w- c:\users\sanjay\appdata\roaming\BabSolution
    2013-05-17 18:03:07 -------- d-----w- c:\program files\Delta
    2013-05-17 18:02:57 -------- d-----w- c:\users\sanjay\appdata\roaming\Delta
    2013-05-17 18:02:26 -------- d-----w- c:\users\sanjay\appdata\roaming\Babylon
    2013-05-17 18:02:26 -------- d-----w- c:\programdata\Babylon
    2013-05-17 10:23:48 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
    2013-05-17 10:22:39 10088 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
    2013-05-17 10:22:21 92632 ----a-w- c:\windows\system32\drivers\mferkdet.sys
    2013-05-17 10:22:21 363080 ----a-w- c:\windows\system32\drivers\mfefirek.sys
    2013-05-17 10:22:20 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys
    2013-05-17 10:22:20 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys
    2013-05-17 10:22:20 235264 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
    2013-05-17 10:22:12 -------- d-----w- c:\program files\common files\Mcafee
    2013-05-17 10:22:02 -------- d-----w- c:\program files\McAfee.com
    2013-05-17 10:21:37 -------- d-----w- c:\program files\McAfee
    2013-05-17 10:08:03 172416 ----a-w- c:\windows\system32\mfevtps.exe
    2013-05-17 08:13:20 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2013-05-16 21:52:43 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2013-05-16 18:21:33 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2013-05-16 18:21:33 37376 ----a-w- c:\windows\system32\cdd.dll
    2013-05-16 18:21:07 2049024 ----a-w- c:\windows\system32\win32k.sys
    2013-05-14 21:53:32 -------- d-----w- c:\users\sanjay\appdata\roaming\LibreOffice
    2013-05-14 21:49:32 -------- d-----w- c:\windows\System64
    2013-05-14 21:45:42 -------- d-----w- c:\program files\LibreOffice 4.0
    2013-05-14 21:39:05 -------- d-----w- c:\users\sanjay\appdata\local\Discount Buddy
    2013-05-14 21:39:00 -------- d-----w- c:\program files\Discount Buddy
    2013-05-14 21:38:24 -------- d-----w- c:\users\sanjay\appdata\local\TNT2
    2013-05-14 17:51:27 -------- d-----w- c:\users\sanjay\appdata\local\Kingsoft
    2013-05-14 17:48:54 -------- d-----w- c:\users\sanjay\appdata\roaming\Kingsoft
    2013-05-14 17:48:45 -------- d-----w- c:\programdata\Kingsoft
    2013-05-14 17:48:04 -------- d-----w- c:\program files\Kingsoft
    2013-05-14 15:27:54 -------- d-----w- c:\program files\MSECache
    2013-05-14 13:54:33 -------- d-----w- c:\users\sanjay\appdata\local\ElevatedDiagnostics
    2013-05-05 08:44:15 83968 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPPAR. DLL
    2013-05-05 08:44:15 29184 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPDAR. DLL
    2013-05-05 08:42:53 310272 ----a-w- c:\windows\system32\CNMLMAR.DLL
    2013-05-05 08:39:37 323584 ----a-w- c:\windows\system32\CNC_ARL.dll
    2013-05-05 08:39:37 114688 ----a-w- c:\windows\system32\CNC_ARI.dll
    2013-05-05 08:39:36 286720 ----a-w- c:\windows\system32\CNC_ARC.dll
    2013-05-05 08:39:36 15872 ----a-w- c:\windows\system32\CNHMCA.dll
    2013-05-05 08:39:36 114688 ----a-w- c:\windows\system32\CNC_ARU.dll
    2013-05-02 01:15:43 -------- d--h--w- C:\SkyDriveTemp
    2013-05-02 01:13:13 -------- d-----w- c:\program files\Microsoft SkyDrive
    2013-05-02 01:13:13 -------- d-----r- c:\users\sanjay\SkyDrive
    2013-05-02 01:12:45 -------- d-----w- c:\programdata\Microsoft SkyDrive
    2013-04-24 11:04:19 706640 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{594a395e-228c-4e73-abe2-d8612f84fddc}\gapaengine.dll
    .
    ==================== Find3M ====================
    .
    2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe
    2013-04-04 22:11:34 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2013-04-04 22:02:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-04-04 22:02:17 1129472 ----a-w- c:\windows\system32\wininet.dll
    2013-04-04 21:58:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-04-04 21:57:45 420864 ----a-w- c:\windows\system32\vbscript.dll
    2013-03-11 13:25:50 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-03-11 13:25:50 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-03-09 13:42:55 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
    2013-03-09 03:45:04 49152 ----a-w- c:\windows\system32\csrsrv.dll
    2013-03-09 01:28:08 64000 ----a-w- c:\windows\system32\smss.exe
    2013-03-08 03:53:50 376320 ----a-w- c:\windows\system32\winsrv.dll
    2013-03-08 03:52:22 2067968 ----a-w- c:\windows\system32\mstscax.dll
    2013-03-07 14:29:30 588472 ----a-w- c:\windows\system32\ezsvc7x.dll
    2013-03-03 19:07:52 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2013-02-19 13:12:24 210608 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
    2013-02-19 13:09:52 565888 ----a-w- c:\windows\system32\drivers\mfehidk.sys
    2013-02-19 13:07:50 133416 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
    .
    ============= FINISH: 11:09:49.11 ===============
  • aayush
    • #5
    • 18th May 13, 11:14 AM
    • #5
    • 18th May 13, 11:14 AM
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 07/03/2013 14:30:03
    System Uptime: 18/05/2013 10:55:09 (1 hours ago)
    .
    Motherboard: MSI | | Boston
    Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz | Socket 775 | 2000/800mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 223 GiB total, 159.294 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 1.373 GiB free.
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20
    Activation Assistant for the 2007 Microsoft Office suites
    Adobe Flash Player ActiveX
    Adobe Reader 8.1.2
    AOL Toolbar 5.0
    BT NetProtect Plus
    Canon MG3100 series MP Drivers
    CCleaner
    Compatibility Pack for the 2007 Office system
    CyberLink DVD Suite Deluxe
    CyberLink PowerDirector
    Delta Chrome Toolbar
    Delta toolbar
    Discount Buddy
    Facebook Video Calling 1.2.0.287
    Google Chrome
    Google Talk Plugin
    Google Update Helper
    GoToAssist Corporate
    Hardware Diagnostic Tools
    Hewlett-Packard Active Check for Health Check
    Hewlett-Packard Asset Agent for Health Check
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Customer Experience Enhancements
    HP Customer Feedback
    HP Demo
    HP Easy Setup - Frontend
    HP Total Care Advisor
    HP Update
    Intel(R) Graphics Media Accelerator Driver
    Java(TM) SE Runtime Environment 6 Update 1
    Kingsoft Office 2012 (8.1.0.3385)
    LabelPrint
    LibreOffice 4.0.3.3
    LightScribe System Software 1.12.37.1
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word Viewer 2003
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft SkyDrive
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Works
    muvee autoProducer 6.1
    My HP Games
    MyPC Backup
    Power2Go
    Python 2.5
    Realtek High Definition Audio Driver
    SafeSearch
    Search.us.com
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Shared C Run-time for x86
    Skype Click to Call
    Skype™ 6.3
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Wajam
    Zoom Downloader
    .
    ==== End Of File ===========================
  • waddler_8
    • #6
    • 18th May 13, 12:12 PM
    • #6
    • 18th May 13, 12:12 PM
    Uninstall all these:

    Delta Chrome Toolbar
    Delta toolbar
    Discount Buddy
    MyPC Backup
    SafeSearch
    Search.us.com
    Wajam
    Zoom Downloader


    Uninstall or change a program - http://windows.microsoft.com/en-gb/windows-vista/uninstall-or-change-a-program


    Then download AdwCleaner from the link below & save it to your desktop.

    LINK

    Then,
    • Right click AdwCleaner.exe & choose "Run as administrator" to run it.
    • Click Delete.
    • Click OK to the prompt.
    • The tool will run & your computer will be rebooted automatically. A logfile will open after the restart.
    • Post the contents of the logfile with your next reply.
    • You can also find the logfile at C:\AdwCleaner[s1].txt.
  • spud17
    • #7
    • 18th May 13, 1:48 PM
    • #7
    • 18th May 13, 1:48 PM
    waddler_8, assume you noticed multiple av's.
    (Just checking, don't want to interfere.)
  • waddler_8
    • #8
    • 18th May 13, 1:54 PM
    • #8
    • 18th May 13, 1:54 PM
    Yes - noticed it. We'll get rid of the junkware first. There's Java and Adobe to update too.
  • aayush
    • #9
    • 18th May 13, 4:25 PM
    • #9
    • 18th May 13, 4:25 PM
    # AdwCleaner v2.301 - Logfile created 05/18/2013 at 16:20:10
    # Updated 16/05/2013 by Xplode
    # Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # User : sanjay - SANJAY-PC
    # Boot Mode : Normal
    # Running from : C:\Users\sanjay\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\END
    Folder Deleted : C:\ProgramData\Babylon
    Folder Deleted : C:\Users\sanjay\AppData\Local\APN
    Folder Deleted : C:\Users\sanjay\AppData\Local\Zoom_Downloader
    Folder Deleted : C:\Users\sanjay\AppData\Roaming\Babylon

    ***** [Registry] *****

    Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
    Key Deleted : HKLM\Software\Babylon
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Software

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16483

    [OK] Registry is clean.

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\sanjay\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted [l.40] : icon_url = "hxxp://www.ask.com/favicon.ico",
    Deleted [l.43] : keyword = "ask.com",
    Deleted [l.47] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10267&locale=e[...]
    Deleted [l.48] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

    *************************

    AdwCleaner[S1].txt - [1608 octets] - [18/05/2013 16:20:10]

    ########## EOF - C:\AdwCleaner[S1].txt - [1668 octets] ##########
  • waddler_8
    How are things running now after that?

    You need to uninstall one of either Mcafee or Microsoft Security Essentials. Let me know which one you'd like to keep.
  • aayush
    pls advise y i need to uninstall one or the other ?
  • waddler_8
    You shouldn't run more than one antivirus. At best you'll see a degradation in system performance as both do the same job, at worst you'll experience conflicts that could crash the entire system.
  • aayush
    ic
    thank you for the information
    i would like to keep mcafee
  • waddler_8
    Then just uninstall Microsoft Security Essentials through programs & features.

    http://windows.microsoft.com/en-gb/windows-vista/uninstall-or-change-a-program

    You also need to update Adobe Reader & Java. These programs can be exploited to facilitate the download and installation of malware with little or no interaction from yourself.

    http://www.securelist.com/en/analysis/204792278/Kaspersky_Lab_report_Evaluating_the_threat_level_o f_software_vulnerabilities


    Uninstall Adobe Reader 8.1.2

    Install the latest version from here (Uncheck the Mcafee Security scan): http://get.adobe.com/reader/

    Also uninstall Java(TM) SE Runtime Environment 6 Update 1

    Install the latest version here: http://java.com/en/download/index.jsp


    Finally, after that run DDS once more & post the new logs.
  • NiftyDigits
    Then just uninstall Microsoft Security Essentials through programs & features.

    http://windows.microsoft.com/en-gb/windows-vista/uninstall-or-change-a-program

    You also need to update Adobe Reader & Java. These programs can be exploited to facilitate the download and installation of malware with little or no interaction from yourself.

    http://www.securelist.com/en/analysis/204792278/Kaspersky_Lab_report_Evaluating_the_threat_level_o f_software_vulnerabilities


    Uninstall Adobe Reader 8.1.2

    Install the latest version from here (Uncheck the Mcafee Security scan): http://get.adobe.com/reader/

    Also uninstall Java(TM) SE Runtime Environment 6 Update 1

    Install the latest version here: http://java.com/en/download/index.jsp


    Finally, after that run DDS once more & post the new logs.
    Originally posted by waddler_8
    Adobe Reader is a bit 'heavy duty', perhaps FoxitReader instead.
  • waddler_8
    Yes, Foxit would be a good alternative to Adobe Reader, so long as that version is uninstalled - Support for 8x ended some time ago now (Nov 2011).
  • NiftyDigits
    Version 5.4.3.0920 is the latest version I have without the Toolbar added.
Welcome to our new Forum!

Our aim's to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

179Posts Today

2,339Users online

Martin's Twitter
  • On train home from Birmingham. Had dinner by the canal there this evening. Lovely area, very sunny and picturesque.

  • Fantastic run by new UK star Zharnell Hughes in @BritAthletics #BritishChamps 200m.I was v proud to present the medal http://t.co/sSSXpM1SBZ

  • Ok a wee bit chuffed. Just been asked if I'd like to present a medal at #Britishchamps, someone is now missing a hand as I bit it off!

  • Follow Martin