We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
how to get rid of Malware on my pc ?
aayush
Posts: 1,295 Forumite
in Techie Stuff
Hi can any one help and advise of free way of getting rid of the above
0
Comments
-
look in the sticky threads at one called how to speed up a slow or infected computerDrop a brand challenge
on a £100 shop you might on average get 70 items save
10p per product = £7 a week ~ £28 a month
20p per product = £14 a week ~ £56 a month
30p per product = £21 a week ~ £84 a month (or in other words one weeks shoping at the new price)0 -
Post me a DDS log - should take 2-3 minutes - & a brief explanation of what is wrong..
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- Click Start
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)0 -
Dear waddler
Please see below
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16483
Run by sanjay at 11:06:42 on 2013-05-18
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2036.633 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\MyPC Backup\BackupStack.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Wajam\Updater\WajamUpdater.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\System32\WUDFHost.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\WINDOWS\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\sanjay\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\Zoom Downloader\DownloadManager.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\MyPC Backup\Signup Wizard.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_content=1&utm_term=6A1B973BAEAD4797
uDefault_Page_URL = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_content=1&utm_term=6A1B973BAEAD4797
mStart Page = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_content=1&utm_term=6A1B973BAEAD4797
mDefault_Page_URL = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=31&utm_source=sm&utm_content=1&utm_term=6A1B973BAEAD4797
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Discount Buddy: {11111111-1111-1111-1111-110211671166} - c:\program files\discount buddy\Discount Buddy.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
BHO: AOL Toolbar BHO: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - c:\program files\wajam\ie\priam_bho.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.16.16\bh\delta.dll
BHO: SafeSearch: {e27d5867-80de-4449-9c03-71707c0db05b} - c:\program files\safesearch\ie\adxloader.dll
BHO: Zoom Downloader: {E5C66DD8-308B-4a4f-AF0A-3D04F25B5343} -
TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: SafeSearch Toolbar: {fc0c0170-4eb0-430d-a7f3-939ee7ea1a25} - c:\program files\safesearch\ie\adxloader.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - c:\program files\delta\delta\1.8.16.16\deltaTlbr.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Google Update] "c:\users\sanjay\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [MPOptimizer] "c:\program files\maxperforma optimizer\MaxPerforma.exe" /scan
uRun: [Facebook Update] "c:\users\sanjay\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [SkyDrive] "c:\users\sanjay\appdata\local\microsoft\skydrive\SkyDrive.exe" /background
uRun: [FDPRO-516] c:\program files\fighters\FighterLauncher.exe FDPRO
uRun: [DownloadManager] "c:\program files\zoom downloader\DownloadManager.exe" /as
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_01\bin\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
StartupFolder: c:\users\sanjay\appdata\roaming\micros~1\windows\startm~1\programs\startup\mypcba~1.lnk - c:\program files\mypc backup\MyPC Backup.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &AOL Toolbar Search - c:\programdata\aol\ietoolbar\resources\en-gb\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{6473A8BF-841D-4F18-88C8-76ACE22DA225} : DHCPNameServer = 192.168.1.254 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\896\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2013-2-19 565888]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2013-2-19 210608]
R1 MpKslb1915205;MpKslb1915205;c:\programdata\microsoft\microsoft antimalware\definition updates\{5a209028-1160-44e8-a7aa-0918d35fa0db}\MpKslb1915205.sys [2013-5-18 29904]
R2 BackupStack;Computer Backup (MyPC Backup);c:\program files\mypc backup\BackupStack.exe [2013-5-11 32808]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2013-5-17 60920]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-5-18 22856]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2013-5-17 235264]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-5-17 363080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2013-5-17 146872]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2013-5-17 65928]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2013-5-17 92632]
.
=============== Created Last 30 ================
.
2013-05-18 09:55:54 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5a209028-1160-44e8-a7aa-0918d35fa0db}\MpKslb1915205.sys
2013-05-18 07:40:59
d
w- c:\users\sanjay\appdata\roaming\Malwarebytes
2013-05-18 07:40:32
d
w- c:\programdata\Malwarebytes
2013-05-18 07:40:25 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-18 07:40:24
d
w- c:\program files\Malwarebytes' Anti-Malware
2013-05-17 22:53:53 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5a209028-1160-44e8-a7aa-0918d35fa0db}\mpengine.dll
2013-05-17 19:08:46
d
w- c:\users\sanjay\appdata\local\Zoom_Downloader
2013-05-17 19:08:33
d
w- c:\program files\Zoom Downloader
2013-05-17 19:06:56
d
w- c:\users\sanjay\appdata\roaming\Fighters
2013-05-17 19:06:50
d
w- c:\programdata\Fighters
2013-05-17 19:06:14
d
w- c:\program files\MyPC Backup
2013-05-17 18:04:24
d
w- c:\users\sanjay\appdata\local\Wajam
2013-05-17 18:04:19
d
w- c:\program files\Wajam
2013-05-17 18:03:08
d
w- c:\users\sanjay\appdata\roaming\BabSolution
2013-05-17 18:03:07
d
w- c:\program files\Delta
2013-05-17 18:02:57
d
w- c:\users\sanjay\appdata\roaming\Delta
2013-05-17 18:02:26
d
w- c:\users\sanjay\appdata\roaming\Babylon
2013-05-17 18:02:26
d
w- c:\programdata\Babylon
2013-05-17 10:23:48 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2013-05-17 10:22:39 10088 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2013-05-17 10:22:21 92632 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2013-05-17 10:22:21 363080 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2013-05-17 10:22:20 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2013-05-17 10:22:20 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys
2013-05-17 10:22:20 235264 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2013-05-17 10:22:12
d
w- c:\program files\common files\Mcafee
2013-05-17 10:22:02
d
w- c:\program files\McAfee.com
2013-05-17 10:21:37
d
w- c:\program files\McAfee
2013-05-17 10:08:03 172416 ----a-w- c:\windows\system32\mfevtps.exe
2013-05-17 08:13:20 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-16 21:52:43 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-05-16 18:21:33 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 18:21:33 37376 ----a-w- c:\windows\system32\cdd.dll
2013-05-16 18:21:07 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-05-14 21:53:32
d
w- c:\users\sanjay\appdata\roaming\LibreOffice
2013-05-14 21:49:32
d
w- c:\windows\System64
2013-05-14 21:45:42
d
w- c:\program files\LibreOffice 4.0
2013-05-14 21:39:05
d
w- c:\users\sanjay\appdata\local\Discount Buddy
2013-05-14 21:39:00
d
w- c:\program files\Discount Buddy
2013-05-14 21:38:24
d
w- c:\users\sanjay\appdata\local\TNT2
2013-05-14 17:51:27
d
w- c:\users\sanjay\appdata\local\Kingsoft
2013-05-14 17:48:54
d
w- c:\users\sanjay\appdata\roaming\Kingsoft
2013-05-14 17:48:45
d
w- c:\programdata\Kingsoft
2013-05-14 17:48:04
d
w- c:\program files\Kingsoft
2013-05-14 15:27:54
d
w- c:\program files\MSECache
2013-05-14 13:54:33
d
w- c:\users\sanjay\appdata\local\ElevatedDiagnostics
2013-05-05 08:44:15 83968 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPPAR.DLL
2013-05-05 08:44:15 29184 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPDAR.DLL
2013-05-05 08:42:53 310272 ----a-w- c:\windows\system32\CNMLMAR.DLL
2013-05-05 08:39:37 323584 ----a-w- c:\windows\system32\CNC_ARL.dll
2013-05-05 08:39:37 114688 ----a-w- c:\windows\system32\CNC_ARI.dll
2013-05-05 08:39:36 286720 ----a-w- c:\windows\system32\CNC_ARC.dll
2013-05-05 08:39:36 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2013-05-05 08:39:36 114688 ----a-w- c:\windows\system32\CNC_ARU.dll
2013-05-02 01:15:43
d--h--w- C:\SkyDriveTemp
2013-05-02 01:13:13
d
w- c:\program files\Microsoft SkyDrive
2013-05-02 01:13:13
d
r- c:\users\sanjay\SkyDrive
2013-05-02 01:12:45
d
w- c:\programdata\Microsoft SkyDrive
2013-04-24 11:04:19 706640
w- c:\programdata\microsoft\microsoft antimalware\definition updates\{594a395e-228c-4e73-abe2-d8612f84fddc}\gapaengine.dll
.
==================== Find3M ====================
.
2013-05-02 15:28:50 238872
w- c:\windows\system32\MpSigStub.exe
2013-04-04 22:11:34 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-03-11 13:25:50 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-11 13:25:50 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-09 13:42:55 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2013-03-09 03:45:04 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-09 01:28:08 64000 ----a-w- c:\windows\system32\smss.exe
2013-03-08 03:53:50 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-03-08 03:52:22 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-03-07 14:29:30 588472 ----a-w- c:\windows\system32\ezsvc7x.dll
2013-03-03 19:07:52 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-02-19 13:12:24 210608 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2013-02-19 13:09:52 565888 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2013-02-19 13:07:50 133416 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
.
============= FINISH: 11:09:49.11 ===============0 -
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 07/03/2013 14:30:03
System Uptime: 18/05/2013 10:55:09 (1 hours ago)
.
Motherboard: MSI | | Boston
Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz | Socket 775 | 2000/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 159.294 GiB free.
is FIXED (NTFS) - 10 GiB total, 1.373 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
7-Zip 9.20
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player ActiveX
Adobe Reader 8.1.2
AOL Toolbar 5.0
BT NetProtect Plus
Canon MG3100 series MP Drivers
CCleaner
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite Deluxe
CyberLink PowerDirector
Delta Chrome Toolbar
Delta toolbar
Discount Buddy
Facebook Video Calling 1.2.0.287
Google Chrome
Google Talk Plugin
Google Update Helper
GoToAssist Corporate
Hardware Diagnostic Tools
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Feedback
HP Demo
HP Easy Setup - Frontend
HP Total Care Advisor
HP Update
Intel(R) Graphics Media Accelerator Driver
Java(TM) SE Runtime Environment 6 Update 1
Kingsoft Office 2012 (8.1.0.3385)
LabelPrint
LibreOffice 4.0.3.3
LightScribe System Software 1.12.37.1
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word Viewer 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft SkyDrive
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
muvee autoProducer 6.1
My HP Games
MyPC Backup
Power2Go
Python 2.5
Realtek High Definition Audio Driver
SafeSearch
Search.us.com
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Shared C Run-time for x86
Skype Click to Call
Skype™ 6.3
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Wajam
Zoom Downloader
.
==== End Of File ===========================0 -
Uninstall all these:
Delta Chrome Toolbar
Delta toolbar
Discount Buddy
MyPC Backup
SafeSearch
Search.us.com
Wajam
Zoom Downloader
Uninstall or change a program - http://windows.microsoft.com/en-gb/windows-vista/uninstall-or-change-a-program
Then download AdwCleaner from the link below & save it to your desktop.
LINK
Then,- Right click AdwCleaner.exe & choose "Run as administrator" to run it.
- Click Delete.
- Click OK to the prompt.
- The tool will run & your computer will be rebooted automatically. A logfile will open after the restart.
- Post the contents of the logfile with your next reply.
- You can also find the logfile at C:\AdwCleaner[s1].txt.
0 -
waddler_8, assume you noticed multiple av's.
(Just checking, don't want to interfere.)Move along, nothing to see.0 -
Yes - noticed it.
We'll get rid of the junkware first. There's Java and Adobe to update too. 0 -
# AdwCleaner v2.301 - Logfile created 05/18/2013 at 16:20:10
# Updated 16/05/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : sanjay - SANJAY-PC
# Boot Mode : Normal
# Running from : C:\Users\sanjay\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\END
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\sanjay\AppData\Local\APN
Folder Deleted : C:\Users\sanjay\AppData\Local\Zoom_Downloader
Folder Deleted : C:\Users\sanjay\AppData\Roaming\Babylon
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Software
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16483
[OK] Registry is clean.
-\\ Google Chrome v26.0.1410.64
File : C:\Users\sanjay\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.40] : icon_url = "hxxp://www.ask.com/favicon.ico",
Deleted [l.43] : keyword = "ask.com",
Deleted [l.47] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10267&locale=e[...]
Deleted [l.48] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]
*************************
AdwCleaner[S1].txt - [1608 octets] - [18/05/2013 16:20:10]
########## EOF - C:\AdwCleaner[S1].txt - [1668 octets] ##########0 -
How are things running now after that?
You need to uninstall one of either Mcafee or Microsoft Security Essentials. Let me know which one you'd like to keep.0 -
pls advise y i need to uninstall one or the other ?0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 349.9K Banking & Borrowing
- 252.6K Reduce Debt & Boost Income
- 453K Spending & Discounts
- 242.8K Work, Benefits & Business
- 619.6K Mortgages, Homes & Bills
- 176.4K Life & Family
- 255.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards