
Skyware or Malware infection


30 replies to this topic

#1 maheshdj


Posted 05 January 2013 - 05:20 AM

Hijack this on my Mozilla and Chrome browser: when I search for data and click on links, they load in the data, but they are redirected through the site trackks12.com. Why is it so?

ComboFix 13-01-05.01 - MaheshKJ 01/05/2013 15:14:35.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4084.2409 [GMT 5.5:30]
Running from: c:\users\MaheshKJ\Downloads\Programs\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\MaheshKJ\GoToAssistDownloadHelper.exe
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-12-05 to 2013-01-05 )))))))))))))))))))))))))))))))
.
.
2013-01-05 09:51 . 2013-01-05 09:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-03 23:21 . 2013-01-03 23:21 -------- d-----w- c:\windows\Sun
2013-01-03 12:28 . 2013-01-03 12:28 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2013-01-03 12:22 . 2013-01-03 12:22 -------- d-sh--w- c:\windows\ftpcache
2013-01-03 12:19 . 2013-01-03 12:19 -------- d-----w- c:\program files (x86)\Microsoft
2013-01-03 12:14 . 2013-01-03 12:14 -------- d-----w- c:\programdata\HP
2013-01-03 11:59 . 2013-01-03 11:59 -------- d-----w- c:\program files\HP
2013-01-03 11:59 . 2010-03-31 17:49 350720 ----a-w- c:\windows\system32\mvhlewsi.DLL
2013-01-03 11:59 . 2010-04-28 15:49 212992 ----a-w- c:\windows\system32\m1210wia.dll
2013-01-03 11:59 . 2010-04-28 15:49 16384 ----a-w- c:\windows\system32\drivers\HPM1210FAX.sys
2013-01-03 11:59 . 2010-04-28 15:49 222720 ----a-w- c:\windows\system32\m1210nwia.dll
2013-01-03 11:59 . 2010-04-28 15:49 49152 ----a-w- c:\windows\system32\HPM1210SMs.dll
2013-01-03 08:00 . 2013-01-03 08:01 -------- d-----w- c:\program files\WinRAR
2012-12-28 20:51 . 2013-01-03 11:45 -------- d-----w- c:\program files (x86)\pidgin-otr
2012-12-26 18:40 . 2012-12-26 18:41 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
2012-12-24 07:37 . 2012-11-22 00:43 165112 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2012-12-22 08:01 . 2012-03-23 14:28 11137024 ----a-w- c:\windows\SysWow64\libmfxsw32.dll
2012-12-22 08:01 . 2012-12-22 08:02 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia
2012-12-22 08:00 . 2012-03-23 14:29 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2012-12-22 08:00 . 2012-03-23 14:29 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-12-22 08:00 . 2012-12-22 08:10 -------- d-----w- c:\programdata\AVS4YOU
2012-12-22 08:00 . 2012-12-22 08:02 -------- d-----w- c:\program files (x86)\AVS4YOU
2012-12-20 21:30 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-20 21:30 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-20 21:30 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-20 21:30 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-19 23:41 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-12-19 23:41 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-12-19 23:41 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-12-19 23:41 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-12-19 23:39 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-12-19 17:41 . 2012-12-19 17:41 -------- d-----w- c:\windows\system32\SPReview
2012-12-19 17:37 . 2012-12-19 17:37 -------- d-----w- c:\windows\system32\EventProviders
2012-12-19 17:35 . 2012-12-19 17:35 -------- d-----w- c:\program files (x86)\Tata Photon+
2012-12-19 17:34 . 2013-01-05 05:05 -------- d-----w- c:\programdata\DatacardService
2012-12-18 23:03 . 2012-12-18 23:03 -------- d-----w- c:\program files (x86)\ChicaLogic
2012-12-18 23:02 . 2013-01-03 16:57 -------- d-----w- c:\program files (x86)\BitTorrent
2012-12-18 15:22 . 2012-12-18 15:22 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-12-18 15:15 . 2012-12-18 15:15 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-12-18 14:30 . 2012-12-18 14:31 -------- d-----w- c:\users\Chaya
2012-12-18 11:09 . 2012-06-27 08:37 177640 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-12-18 11:09 . 2012-06-27 08:37 13800 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-12-18 11:09 . 2012-06-27 08:37 36328 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2012-12-18 11:09 . 2012-06-27 08:37 16872 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-12-18 11:09 . 2012-06-27 08:37 157672 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-12-18 11:09 . 2012-06-27 08:37 13288 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-12-18 11:08 . 2012-11-28 08:48 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-12-18 11:08 . 2012-11-28 08:47 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-12-18 11:04 . 2012-12-18 11:09 -------- d-----w- c:\program files (x86)\Samsung
2012-12-18 11:04 . 2012-12-18 11:08 -------- d-----w- c:\programdata\Samsung
2012-12-18 10:19 . 2012-12-18 10:21 -------- d-----w- c:\program files (x86)\HMA! Pro VPN
2012-12-17 14:30 . 2012-12-17 14:30 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-12-17 14:30 . 2012-12-17 14:30 -------- d-----r- c:\program files (x86)\Skype
2012-12-17 14:29 . 2012-12-17 14:30 -------- d-----w- c:\programdata\Skype
2012-12-17 13:46 . 2012-12-17 13:46 -------- d-----w- c:\program files (x86)\GPLGS
2012-12-17 13:44 . 2012-10-04 14:19 87152 ----a-w- c:\windows\system32\cpwmon64.dll
2012-12-17 13:44 . 2012-12-17 13:44 -------- d-----w- c:\program files (x86)\Acro Software
2012-12-17 12:27 . 2010-11-20 13:27 3860992 ----a-w- c:\windows\system32\UIRibbon.dll
2012-12-17 12:26 . 2010-11-20 13:27 605696 ----a-w- c:\windows\system32\wmpeffects.dll
2012-12-17 12:25 . 2010-11-20 13:33 171392 ----a-w- c:\windows\system32\drivers\scsiport.sys
2012-12-17 12:24 . 2010-11-20 13:27 781312 ----a-w- c:\windows\system32\wmdrmsdk.dll
2012-12-17 12:23 . 2010-11-20 13:24 130048 ----a-w- c:\windows\system32\desk.cpl
2012-12-17 12:22 . 2010-11-20 13:27 26112 ----a-w- c:\windows\system32\wsdchngr.dll
2012-12-17 12:21 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2012-12-17 12:20 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-12-17 12:20 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-12-17 12:20 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-12-17 12:13 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-12-17 12:13 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-12-17 12:12 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-12-16 18:29 . 2012-12-16 18:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-12-16 18:23 . 2012-12-16 18:24 -------- d-----w- c:\program files (x86)\Google
2012-12-16 18:20 . 2012-12-16 18:20 -------- d-----w- c:\windows\SysWow64\Adobe
2012-12-16 18:19 . 2012-12-18 15:16 -------- d-----w- c:\program files (x86)\Microsoft Works
2012-12-16 18:16 . 2012-12-16 18:16 -------- d-----w- c:\program files\Microsoft Office
2012-12-16 18:16 . 2012-12-16 18:16 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-12-16 18:16 . 2012-12-19 17:54 -------- d-----w- c:\programdata\Microsoft Help
2012-12-16 15:37 . 2012-12-16 15:55 -------- d-----w- c:\program files (x86)\MagicISO
2012-12-16 12:20 . 2012-12-28 20:43 -------- d-----w- c:\program files (x86)\Pidgin
2012-12-16 06:23 . 2012-12-16 06:23 -------- d-----w- c:\program files\Microsoft Silverlight
2012-12-16 06:23 . 2012-12-16 06:23 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-12-16 06:14 . 2012-11-28 10:28 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-16 04:07 . 2012-12-16 04:07 -------- d-----w- c:\windows\SysWow64\Wat
2012-12-16 04:07 . 2012-12-16 04:07 -------- d-----w- c:\windows\system32\Wat
2012-12-16 03:28 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-12-16 03:28 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-16 03:28 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-16 03:28 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-16 03:02 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-16 03:02 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-16 03:02 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-16 03:02 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-16 03:02 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-16 03:02 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-16 03:02 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-16 02:56 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-12-16 02:56 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-12-16 02:56 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-12-16 02:56 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-12-16 02:56 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-12-16 02:54 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-12-16 02:54 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-12-16 02:54 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-12-15 16:14 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-12-15 16:13 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2012-12-15 16:13 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-12-15 16:13 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-12-15 16:13 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2012-12-15 16:13 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2012-12-15 16:11 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-12-15 16:11 . 2011-02-24 05:38 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2012-12-15 16:11 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2012-12-15 16:11 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2012-12-15 16:10 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-12-15 16:10 . 2010-11-20 13:27 33792 ----a-w- c:\windows\system32\profprov.dll
2012-12-15 16:09 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-12-15 16:09 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-12-15 16:09 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2012-12-15 16:09 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-12-15 16:09 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-12-15 16:09 . 2010-11-20 13:26 321024 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-12-15 16:09 . 2010-11-20 12:18 219136 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-12-15 16:08 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-12-15 16:08 . 2010-11-20 13:25 296960 ----a-w- c:\windows\system32\rstrui.exe
2012-12-15 16:08 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-19 17:49 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-12-19 17:49 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-11-28 08:47 . 2012-11-28 08:47 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-11-28 08:47 . 2012-11-28 08:47 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-11-28 08:47 . 2012-11-28 08:47 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-11-28 08:47 . 2012-11-28 08:47 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2012-11-28 08:47 . 2012-11-28 08:47 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2012-11-28 08:47 . 2012-11-28 08:47 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2012-11-28 08:47 . 2012-11-28 08:47 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2012-11-28 08:47 . 2012-11-28 08:47 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2012-11-28 08:47 . 2012-11-28 08:47 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2012-11-28 08:47 . 2012-11-28 08:47 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2012-11-28 08:47 . 2012-11-28 08:47 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2012-11-28 08:47 . 2012-11-28 08:47 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2012-11-28 08:47 . 2012-11-28 08:47 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-11-28 08:47 . 2012-11-28 08:47 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2012-11-28 08:47 . 2012-11-28 08:47 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2012-11-28 08:47 . 2012-11-28 08:47 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2012-11-28 08:47 . 2012-11-28 08:47 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2012-11-28 08:47 . 2012-11-28 08:47 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2012-11-28 08:47 . 2012-11-28 08:47 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2012-11-28 08:47 . 2012-11-28 08:47 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2012-11-28 08:47 . 2012-11-28 08:47 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2012-11-28 08:47 . 2012-11-28 08:47 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2012-11-28 08:47 . 2012-11-28 08:47 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2012-11-28 08:47 . 2012-11-28 08:47 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2012-11-28 08:47 . 2012-11-28 08:47 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2012-11-28 08:47 . 2012-11-28 08:47 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2012-11-28 08:47 . 2012-11-28 08:47 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2012-11-28 08:47 . 2012-11-28 08:47 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2012-11-19 14:50 . 2012-11-19 14:50 30720 ----a-w- c:\windows\system32\drivers\tap0901.sys
2012-11-16 10:17 . 2012-11-16 10:17 829264 ----a-w- c:\windows\system32\msvcr100.dll
2012-11-16 10:17 . 2012-11-16 10:17 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
2012-11-16 10:17 . 2012-11-16 10:17 608080 ----a-w- c:\windows\system32\msvcp100.dll
2012-11-16 10:17 . 2012-11-16 10:17 158536 ----a-w- c:\windows\system32\atl100.dll
2012-11-16 10:17 . 2012-11-16 10:17 138056 ----a-w- c:\windows\SysWow64\atl100.dll
2012-11-09 01:10 . 2012-11-09 01:10 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-11-09 01:07 . 2012-11-09 01:07 339776 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2012-11-09 01:05 . 2012-11-09 01:05 771096 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-11-09 01:04 . 2012-11-09 01:04 515528 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-11-09 01:04 . 2012-11-09 01:04 309400 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-11-09 01:03 . 2012-11-09 01:03 178840 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2012-11-01 20:16 . 2012-11-01 20:16 97208 ----a-w- c:\windows\system32\drivers\mfencrk.sys
2012-11-01 20:16 . 2012-11-01 20:16 328976 ----a-w- c:\windows\system32\drivers\mfencbdc.sys
2012-11-01 20:16 . 2012-11-01 20:16 10544 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys
2012-10-16 08:38 . 2012-12-15 16:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-15 16:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-15 16:09 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD6C6509-FE36-44B0-A917-6C2A0DDBDF88}]
2012-12-14 08:56 2491856 ----a-w- c:\program files (x86)\Hewlett-Packard\Smart Print 2.1\Espresso.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-15 15:21 220632 ----a-w- c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-15 15:21 220632 ----a-w- c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-15 15:21 220632 ----a-w- c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-12-12 3541008]
"googletalk"="c:\users\MaheshKJ\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"dellsupportcenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-10-06 454160]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-24 140520]
"FATrayAlert"="c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2009-06-25 95496]
"VolPanel"="c:\program files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-05-04 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-03 309688]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2009-06-25 08:39 140552 ----a-w- c:\program files (x86)\Sensible Vision\Fast Access\FALogNot.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.392.0\BBSvc.exe [2012-06-21 193592]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SessionLauncher;SessionLauncher;c:\users\MaheshKJ\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2012-06-27 36328]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.392.0\SeaPort.exe [2012-06-21 240208]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-12-15 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-12-15 79360]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-12-19 117248]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-05-28 197264]
R3 HP1210FAX;HP1210MFP FAX;c:\windows\system32\Drivers\HPM1210FAX.sys [2010-04-28 16384]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2012-11-01 97208]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2012-09-25 20480]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2012-12-15 79360]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2012-06-27 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 177640]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-16 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-11-09 339776]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-19 55280]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-13 66040]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [2009-03-02 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-17 203264]
S2 FAService;FAService;c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe [2009-06-25 2368776]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-06 220856]
S2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2010-04-29 127800]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2010-11-16 339456]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-11-22 165112]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-12-04 103472]
S2 McMPFSvc;McAfee Personal Firewall;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-06 220856]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-06 220856]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-06 220856]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2012-10-06 1007288]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-11-09 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-11-09 177680]
S2 MOBKbackup;McAfee Online Backup;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-04-13 231224]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-02 35104]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-09 69672]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-24 238848]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-12-19 86016]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-09 515528]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2012-11-01 328976]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-15 13:37]
.
2013-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-16 18:23]
.
2013-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-16 18:23]
.
2013-01-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839620070-3797043088-711385364-1000Core.job
- c:\users\MaheshKJ\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-02 12:03]
.
2013-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839620070-3797043088-711385364-1000UA.job
- c:\users\MaheshKJ\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-02 12:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-15 15:21 244696 ----a-w- c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-15 15:21 244696 ----a-w- c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-15 15:21 244696 ----a-w- c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07 23496 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 14:41 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 14:41 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 14:41 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2012-09-12 892416]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: network.proxy.ftp - p-de1.biscience.com
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - p-de1.biscience.com
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.http - p-de1.biscience.com
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - p-de1.biscience.com
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - p-de1.biscience.com
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-11-21 03:16; mb5StbuWTCsl3tt@KdqBzPGLdJRX2pBpAGh.com; c:\users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\extensions\mb5StbuWTCsl3tt@KdqBzPGLdJRX2pBpAGh.com.xpi
FF - ExtSQL: 2013-01-03 17:58; hpwebprint@hpwebprint.com; c:\users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\extensions\hpwebprint@hpwebprint.com
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-FAStartup - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-839620070-3797043088-711385364-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-839620070-3797043088-711385364-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-05 15:25:30
ComboFix-quarantined-files.txt 2013-01-05 09:55
.
Pre-Run: 49,360,588,800 bytes free
Post-Run: 49,340,170,240 bytes free
.
- - End Of File - - F72E64263B922B8FFD1B7DFFBBB63562


*Moderator Edit: Moved topic from AntiVirus, Firewall and Privacy Products and Protection Methods to the more appropriate forum. Combofix logs are not allowed in other forums. ~ Queen-Evie*
 

Edited by Queen-Evie, 05 January 2013 - 08:58 AM.




#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,946 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:24 PM

Posted 06 January 2013 - 10:34 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
    • DDS.scr <- not recommended if you use Chrome to download this .scr file. Use the other options.
    • DDS.pif
    • DDS.COM
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.
===

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • alternate download link 2
    • Make sure you are connected to the Internet.
    • Double-click on Download_mbam-setup.exe to install the application.
    • When the installation begins, follow the prompts and do not make any changes to default settings.
    • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

For complete or visual instructions on installing and running Malwarebytes Anti-Malware please read this link

Post back with the Malwarebytes Anti-Malware log once it's complete.
===

Third party programs if not up to date can be an open door for an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Search for AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).

Please post the logs for my review.

Let me know what problem persists.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,946 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:24 PM

Posted 12 January 2013 - 10:07 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,946 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:24 PM

Posted 14 January 2013 - 11:09 AM

The topic is reopened.

#5 maheshdj

maheshdj
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  • Local time:07:24 PM

Posted 14 January 2013 - 01:13 PM

As per your request, please find the log. I also ran a scan with Malwarebytes; no adware or spyware was detected.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 12/15/2012 2:13:33 PM
System Uptime: 1/14/2013 11:29:36 AM (4 hours ago)
.
Motherboard: Dell Inc. | | 0Y507R
Processor: Intel® Core™ i7 CPU Q 720 @ 1.60GHz | U2E1 | 1600/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 194 GiB total, 33.117 GiB free.
D: is FIXED (NTFS) - 223 GiB total, 16.29 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_E852&SUBSYS_02FE1028&REV_01\4&9C93D99&0&02E4
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_E852&SUBSYS_02FE1028&REV_01\4&9C93D99&0&02E4
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_E230&SUBSYS_02FE1028&REV_01\4&9C93D99&0&01E4
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_E230&SUBSYS_02FE1028&REV_01\4&9C93D99&0&01E4
Service:
.
==== System Restore Points ===================
.
RP44: 1/3/2013 5:55:11 PM - Installed HP Smart Print 2.1
RP45: 1/5/2013 3:11:34 PM - ComboFix created restore point
RP46: 1/10/2013 1:27:27 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01)
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Bing Bar
BitTorrent
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CutePDF Writer 3.0
D3DX10
Dell Mobile Broadband Manager
Dell Resource CD
Dell Support Center (Support Software)
Dell System Detect
Dell Touchpad
Dell Webcam Central
Dell Wireless HSPA Mini-Card Drivers
Dell Wireless WLAN Card Utility
DirectXInstallService
EMC 10 Content
EMCGadgets64
FastAccess
FileZilla Client 3.6.0.2
Google Chrome
Google Talk (remove only)
Google Talk Plugin
Google Update Helper
HMA! Pro VPN 2.7.1.6
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP LaserJet Professional M1130-M1210 MFP Series
HP LaserJet Professional M1210 MFP Series Fax Installer
HP Smart Print 2.1
IDT Audio
Internet Download Manager
Java 7 Update 9
Java Auto Updater
Junk Mail filter update
Live! Cam Avatar Creator
Magic ISO Maker v5.5 (build 0281)
McAfee Internet Security
McAfee Online Backup
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SkyDrive
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
MozBackup 1.5.1
Mozilla Firefox 18.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Photo Common
Pidgin
Pidgin-Encryption Plugin (remove only)
pidgin-otr 4.0.0-1
PowerDVD DX
Quickset64
Roxio Activation Module
Roxio BackOnTrack
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy CD and DVD Burning
Roxio Express Labeler 3
Roxio File Backup
Roxio Update Manager
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Scan To
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Shared C Run-time for x64
Skype™ 6.0
Sonic CinePlayer Decoder Pack
Sound Blaster X-Fi MB
Tata Photon+
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.5
WIDCOMM Bluetooth Software
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
Yawcam 0.3.9
.
==== Event Viewer Messages From Past Week ========
.
1/8/2013 7:26:37 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
1/8/2013 11:04:44 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
1/7/2013 6:45:03 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer INTEL that believes that it is the master browser for the domain on transport NetBT_Tcpip_{99709B9A-3FAE-4CD4-9A87-C425496878B4}. The master browser is stopping or an election is being forced.
1/14/2013 3:52:02 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
1/14/2013 3:51:16 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter
1/14/2013 3:51:02 AM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified.
1/14/2013 3:50:45 AM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
1/14/2013 3:25:49 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Personal Firewall service, but this action failed with the following error: An instance of the service is already running.
1/14/2013 3:24:49 AM, Error: Service Control Manager [7031] - The McAfee Personal Firewall service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/14/2013 12:00:11 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
1/14/2013 12:00:07 PM, Error: atikmdag [43029] - Display is not active
1/12/2013 7:39:34 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.3 with the system having network hardware address 38-16-D1-BD-FD-8B. Network operations on this system may be disrupted as a result.
1/12/2013 12:42:05 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
.
==== End Of File ===========================




DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by MaheshKJ at 15:57:36 on 2013-01-14
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4084.880 [GMT 5.5:30]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
C:\Windows\system32\HPSIsvc.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\PROGRA~1\McAfee\MSC\McAPExe.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\MaheshKJ\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
c:\PROGRA~1\mcafee\msc\mcupdmgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.392.0\BingExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart Print Helper: {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.1\Espresso.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [googletalk] C:\Users\MaheshKJ\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [FAStartup] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: dell.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{09C638C8-DBF6-4FE0-BF74-F8E7A4877895} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{99709B9A-3FAE-4CD4-9A87-C425496878B4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{99709B9A-3FAE-4CD4-9A87-C425496878B4}\14E64627F69646140563038383 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{99709B9A-3FAE-4CD4-9A87-C425496878B4}\2456C6B696E6E273545454 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{99709B9A-3FAE-4CD4-9A87-C425496878B4}\55453547162736F6D6 : DHCPNameServer = 192.168.1.1 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli FAPassSync
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [fssui] "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: network.proxy.ftp - p-de1.biscience.com
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - p-de1.biscience.com
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.http - p-de1.biscience.com
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - p-de1.biscience.com
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - p-de1.biscience.com
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npRLCT4Player.dll
FF - plugin: C:\Users\MaheshKJ\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: C:\Users\MaheshKJ\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\MaheshKJ\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-11-21 03:16; mb5StbuWTCsl3tt@KdqBzPGLdJRX2pBpAGh.com; C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\extensions\mb5StbuWTCsl3tt@KdqBzPGLdJRX2pBpAGh.com.xpi
FF - ExtSQL: 2013-01-03 17:58; hpwebprint@hpwebprint.com; C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\extensions\hpwebprint@hpwebprint.com
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-11-9 771096]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-11-9 339776]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-12-15 55280]
R1 MOBKFilter;MOBKFilter;C:\Windows\System32\drivers\MOBK.sys [2012-12-15 66040]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [2012-12-15 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2009-6-25 2368776]
R2 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-12-15 57856]
R2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-12-15 220856]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-5-11 362296]
R2 HPSIService;HP SI Service;C:\Windows\System32\HPSIsvc.exe [2013-1-3 127800]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe -/service --> C:\ProgramData\DatacardService\HWDeviceService64.exe -/service [?]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2013-1-9 165112]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2012-12-19 103472]
R2 McMPFSvc;McAfee Personal Firewall;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-12-15 220856]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-12-15 220856]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-12-15 220856]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-12-15 220856]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2012-12-15 1007288]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-12-15 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-12-15 177680]
R2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
R2 WMCoreService;Mobile Broadband Core Service;C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe [2009-7-10 415232]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-12-15 35104]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-11-9 69672]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-12-15 172704]
R3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-12-19 86016]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-11 270848]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-11-9 309400]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-11-9 515528]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2012-11-2 328976]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.392.0\BBSvc.EXE [2012-6-21 193592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SessionLauncher;SessionLauncher;C:\Users\MaheshKJ\AppData\Local\Temp\DX9\SessionLauncher.exe --> C:\Users\MaheshKJ\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2012-12-18 36328]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.392.0\SeaPort.EXE [2012-6-21 240208]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-12-15 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-12-15 79360]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-12-19 117248]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-12-15 197264]
S3 HP1210FAX;HP1210MFP FAX;C:\Windows\System32\drivers\HPM1210FAX.sys [2013-1-3 16384]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2012-11-2 97208]
S3 mvusbews;USB EWS Device;C:\Windows\System32\drivers\mvusbews.sys [2012-9-25 20480]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-15 20992]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2012-12-15 79360]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2012-12-18 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2012-12-18 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2012-12-18 177640]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-17 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-16 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-01-09 18:22:50 3149824 ----a-w- C:\Windows\System32\win32k.sys
2013-01-09 18:15:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-01-09 18:13:33 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-01-09 18:05:28 750592 ----a-w- C:\Windows\System32\win32spl.dll
2013-01-09 18:05:27 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-01-09 17:55:28 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-01-09 17:55:27 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-01-09 17:55:26 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-01-09 17:55:26 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-01-09 17:53:46 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-01-09 17:53:46 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-01-09 17:50:35 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-01-09 17:50:35 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2013-01-09 13:18:34 165112 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2013-01-05 10:03:37 -------- d-sh--w- C:\$RECYCLE.BIN
2013-01-05 09:41:26 98816 ----a-w- C:\Windows\sed.exe
2013-01-05 09:41:26 256000 ----a-w- C:\Windows\PEV.exe
2013-01-05 09:41:26 208896 ----a-w- C:\Windows\MBR.exe
2013-01-03 12:22:50 -------- d-sh--w- C:\Windows\ftpcache
2013-01-03 12:19:24 -------- d-----w- C:\Program Files (x86)\Microsoft
2013-01-03 11:59:28 350720 ----a-w- C:\Windows\System32\mvhlewsi.DLL
2013-01-03 11:59:28 -------- d-----w- C:\Program Files\HP
2013-01-03 11:59:27 212992 ----a-w- C:\Windows\System32\m1210wia.dll
2013-01-03 11:59:27 16384 ----a-w- C:\Windows\System32\drivers\HPM1210FAX.sys
2013-01-03 11:59:26 49152 ----a-w- C:\Windows\System32\HPM1210SMs.dll
2013-01-03 11:59:26 222720 ----a-w- C:\Windows\System32\m1210nwia.dll
2013-01-03 08:14:19 -------- d-----w- C:\Users\MaheshKJ\.sshterm
2013-01-03 08:14:19 -------- d-----w- C:\Users\MaheshKJ\.ssh
2012-12-28 20:51:04 -------- d-----w- C:\Program Files (x86)\pidgin-otr
2012-12-22 08:10:40 -------- d-----w- C:\Users\MaheshKJ\AppData\Roaming\AVS4YOU
2012-12-22 08:01:47 11137024 ----a-w- C:\Windows\SysWow64\libmfxsw32.dll
2012-12-22 08:01:31 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia
2012-12-22 08:00:33 1700352 ----a-w- C:\Windows\SysWow64\GdiPlus.dll
2012-12-22 08:00:32 24576 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-12-22 08:00:29 -------- d-----w- C:\ProgramData\AVS4YOU
2012-12-22 08:00:29 -------- d-----w- C:\Program Files (x86)\AVS4YOU
2012-12-20 21:30:44 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-20 21:30:44 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-20 21:30:43 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-20 21:30:43 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-19 23:41:16 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-12-19 23:41:16 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-12-19 23:41:16 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-12-19 23:41:16 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-12-19 23:39:51 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-12-19 17:41:24 -------- d-----w- C:\Windows\System32\SPReview
2012-12-19 17:37:31 -------- d-----w- C:\Windows\System32\EventProviders
2012-12-19 17:35:09 -------- d-----w- C:\Program Files (x86)\Tata Photon+
2012-12-19 17:34:41 -------- d-----w- C:\ProgramData\DatacardService
2012-12-19 07:21:16 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\ElevatedDiagnostics
2012-12-18 23:03:16 -------- d-----w- C:\Program Files (x86)\ChicaLogic
2012-12-18 23:02:22 -------- d-----w- C:\Program Files (x86)\BitTorrent
2012-12-18 23:00:49 -------- d-----w- C:\Users\MaheshKJ\AppData\Roaming\BitTorrent
2012-12-18 15:22:25 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-12-18 13:52:38 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Samsung
2012-12-18 13:52:33 -------- d-----w- C:\Users\MaheshKJ\AppData\Roaming\Samsung
2012-12-18 11:09:55 177640 ----a-w- C:\Windows\System32\drivers\ssadmdm.sys
2012-12-18 11:09:55 13800 ----a-w- C:\Windows\System32\drivers\ssadwhnt.sys
2012-12-18 11:09:54 36328 ----a-w- C:\Windows\System32\drivers\ssadadb.sys
2012-12-18 11:09:54 16872 ----a-w- C:\Windows\System32\drivers\ssadmdfl.sys
2012-12-18 11:09:54 157672 ----a-w- C:\Windows\System32\drivers\ssadbus.sys
2012-12-18 11:09:54 13288 ----a-w- C:\Windows\System32\drivers\ssadcmnt.sys
2012-12-18 11:08:15 4659712 ----a-w- C:\Windows\SysWow64\Redemption.dll
2012-12-18 11:08:05 821824 ----a-w- C:\Windows\SysWow64\dgderapi.dll
2012-12-18 11:04:17 -------- d-----w- C:\ProgramData\Samsung
2012-12-18 11:04:17 -------- d-----w- C:\Program Files (x86)\Samsung
2012-12-18 10:19:02 -------- d-----w- C:\Program Files (x86)\HMA! Pro VPN
2012-12-17 14:30:14 -------- d-----r- C:\Program Files (x86)\Skype
2012-12-17 13:48:22 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\CutePDF Writer
2012-12-17 13:46:11 -------- d-----w- C:\Program Files (x86)\GPLGS
2012-12-17 13:44:54 87152 ----a-w- C:\Windows\System32\cpwmon64.dll
2012-12-17 13:44:44 -------- d-----w- C:\Program Files (x86)\Acro Software
2012-12-17 12:27:59 4583424 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2012-12-17 12:26:58 605696 ----a-w- C:\Windows\System32\wmpeffects.dll
2012-12-17 12:25:59 41984 ----a-w- C:\Windows\System32\drivers\winusb.sys
2012-12-17 12:24:59 781312 ----a-w- C:\Windows\System32\wmdrmsdk.dll
2012-12-17 12:23:59 99328 ----a-w- C:\Windows\SysWow64\QSVRMGMT.DLL
2012-12-17 12:22:59 26112 ----a-w- C:\Windows\System32\wsdchngr.dll
2012-12-17 12:21:46 189952 ----a-w- C:\Windows\SysWow64\sqmapi.dll
2012-12-17 12:20:57 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2012-12-17 12:20:57 189952 ----a-w- C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
2012-12-17 12:20:56 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2012-12-17 12:13:16 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2012-12-17 12:13:15 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2012-12-17 12:12:42 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2012-12-17 11:04:58 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Adobe
2012-12-16 18:48:15 -------- d-----w- C:\Users\MaheshKJ\AppData\Roaming\.purple
2012-12-16 18:23:47 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Google
2012-12-16 18:20:37 -------- d-----w- C:\Windows\SysWow64\Adobe
2012-12-16 18:16:47 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-12-16 18:16:02 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Microsoft Help
2012-12-16 15:37:13 -------- d-----w- C:\Program Files (x86)\MagicISO
2012-12-16 12:20:33 -------- d-----w- C:\Program Files (x86)\Pidgin
2012-12-16 09:04:50 -------- d-----w- C:\Users\MaheshKJ\AppData\Roaming\Windows Live Writer
2012-12-16 09:04:50 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Windows Live Writer
2012-12-16 04:07:28 -------- d-----w- C:\Windows\SysWow64\Wat
2012-12-16 04:07:28 -------- d-----w- C:\Windows\System32\Wat
2012-12-16 03:28:18 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-12-16 03:28:17 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-12-16 03:28:17 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-12-16 03:28:17 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-12-16 03:02:50 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-12-16 03:02:50 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-12-16 03:02:50 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-12-16 03:02:50 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-12-16 03:02:49 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-12-16 03:02:48 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-12-16 03:02:48 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-12-16 02:56:25 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-12-16 02:56:24 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-12-16 02:56:24 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-12-16 02:56:24 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-12-16 02:56:24 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-12-16 02:54:22 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-12-16 02:54:22 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-12-16 02:54:21 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2012-12-15 16:14:02 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-12-15 16:13:34 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-12-15 16:13:34 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-12-15 16:13:21 2871808 ----a-w- C:\Windows\explorer.exe
2012-12-15 16:13:21 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2012-12-15 16:11:49 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2012-12-15 16:11:49 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2012-12-15 16:11:43 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2012-12-15 16:11:42 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2012-12-15 16:10:22 33792 ----a-w- C:\Windows\System32\profprov.dll
2012-12-15 16:10:22 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-12-15 16:09:26 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-12-15 16:09:25 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-12-15 16:09:14 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2012-12-15 16:09:11 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll
2012-12-15 16:09:11 219136 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2012-12-15 16:09:11 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2012-12-15 16:09:11 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2012-12-15 16:08:11 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-12-15 16:08:11 296960 ----a-w- C:\Windows\System32\rstrui.exe
2012-12-15 16:08:10 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2012-12-15 16:08:03 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-12-15 16:08:02 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-12-15 16:07:50 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2012-12-15 16:07:50 31232 ----a-w- C:\Windows\System32\prevhost.exe
2012-12-15 15:38:58 57856 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2012-12-15 15:38:57 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-12-15 15:38:56 67072 ----a-w- C:\Windows\splwow64.exe
2012-12-15 15:38:44 -------- d-----w- C:\Windows\PCHEALTH
2012-12-15 15:36:44 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2012-12-15 15:36:44 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2012-12-15 15:36:44 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2012-12-15 15:36:44 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2012-12-15 15:36:43 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2012-12-15 15:36:43 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2012-12-15 15:36:42 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2012-12-15 15:36:42 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2012-12-15 15:35:21 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2012-12-15 15:35:21 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2012-12-15 15:34:03 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2012-12-15 15:34:03 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2012-12-15 15:21:44 5659096 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\da7a8e691cddad70f\skydrivesetup.exe
2012-12-15 15:21:44 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2012-12-15 15:21:42 -------- d-----r- C:\Users\MaheshKJ\SkyDrive
2012-12-15 15:21:34 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2012-12-15 15:19:18 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8b647cf51cddad70a\DSETUP.dll
2012-12-15 15:19:18 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8b647cf51cddad70a\DXSETUP.exe
2012-12-15 15:19:18 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8b647cf51cddad70a\dsetup32.dll
2012-12-15 15:17:27 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2012-12-15 15:17:26 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2012-12-15 15:17:13 142336 ----a-w- C:\Windows\System32\poqexec.exe
2012-12-15 15:17:12 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2012-12-15 15:14:24 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-12-15 15:14:24 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-12-15 15:14:23 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-12-15 15:14:23 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-12-15 15:13:57 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2012-12-15 15:13:57 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2012-12-15 15:13:56 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2012-12-15 15:13:50 395776 ----a-w- C:\Windows\System32\webio.dll
2012-12-15 15:13:49 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2012-12-15 15:13:11 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2012-12-15 15:13:11 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2012-12-15 15:12:50 889416 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a549384f1cddad601\dotNetFx40_Full_setup.exe
2012-12-15 15:11:14 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Windows Live
2012-12-15 15:10:59 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2012-12-15 15:10:41 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2012-12-15 15:09:38 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-12-15 15:04:16 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-12-15 15:04:15 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-12-15 15:04:14 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-12-15 15:02:18 100864 ----a-w- C:\Windows\System32\fontsub.dll
2012-12-15 15:02:17 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-12-15 15:02:06 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2012-12-15 15:02:05 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2012-12-15 15:02:05 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2012-12-15 14:58:34 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2012-12-15 14:58:33 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-12-15 14:58:33 20992 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2012-12-15 14:58:33 162816 ----a-w- C:\Windows\System32\rdpudd.dll
2012-12-15 14:58:17 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-12-15 14:58:12 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-12-15 14:58:10 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-12-15 14:58:09 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-12-15 14:55:50 136704 ----a-w- C:\Windows\System32\browser.dll
2012-12-15 14:55:49 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-12-15 14:55:49 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-12-15 14:55:17 974336 ----a-w- C:\Windows\System32\WFS.exe
2012-12-15 14:55:17 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2012-12-15 14:55:13 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2012-12-15 14:55:13 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2012-12-15 14:55:09 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-12-15 14:55:09 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-12-15 14:53:59 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-12-15 14:49:44 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-12-15 14:49:44 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-12-15 14:49:28 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-12-15 14:49:28 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-12-15 14:49:28 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-12-15 14:49:27 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-12-15 14:49:27 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-12-15 14:49:27 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-12-15 14:36:55 77312 ----a-w- C:\Windows\System32\packager.dll
2012-12-15 14:36:55 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-12-15 14:30:24 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-12-15 14:30:23 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-12-15 14:30:23 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-12-15 14:21:26 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-12-15 14:21:17 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-12-15 14:21:08 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-12-15 14:21:08 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-12-15 13:48:34 -------- d-----w- C:\Program Files\Synaptics
2012-12-15 13:48:10 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2012-12-15 13:48:09 396584 ----a-w- C:\Windows\System32\SynCOM.dll
2012-12-15 13:48:09 318000 ----a-w- C:\Windows\System32\drivers\SynTP.sys
2012-12-15 13:48:09 265000 ----a-w- C:\Windows\System32\SynCtrl.dll
2012-12-15 13:48:09 214824 ----a-w- C:\Windows\System32\SynTPAPI.dll
2012-12-15 13:48:09 210216 ----a-w- C:\Windows\SysWow64\SynCtrl.dll
2012-12-15 13:48:09 173352 ----a-w- C:\Windows\SysWow64\SynCOM.dll
2012-12-15 13:48:09 147752 ----a-w- C:\Windows\System32\SynTPCo4.dll
2012-12-15 13:48:09 107816 ----a-w- C:\Windows\SysWow64\SynTPCOM.dll
2012-12-15 13:40:24 -------- d-----w- C:\ProgramData\Citrix
2012-12-15 13:39:30 -------- d-----w- C:\Program Files (x86)\Citrix
2012-12-15 13:39:03 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Citrix
2012-12-15 13:37:34 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Macromedia
2012-12-15 13:28:07 -------- d-----w- C:\Users\MaheshKJ\.yawcam
2012-12-15 13:27:46 -------- d-----w- C:\Program Files (x86)\Yawcam
2012-12-15 13:26:50 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-12-15 13:26:50 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-12-15 13:26:38 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-15 13:10:36 -------- d-----w- C:\Program Files (x86)\MozBackup
2012-12-15 13:09:48 224768 ----a-w- C:\Windows\System32\drivers\CtAudDrv.sys
2012-12-15 13:09:48 172704 ----a-w- C:\Windows\System32\drivers\CtClsFlt.sys
2012-12-15 13:09:40 -------- d-----w- C:\Program Files (x86)\Creative Live! Cam
2012-12-15 13:05:00 -------- d-----w- C:\Program Files (x86)\Cisco
2012-12-15 13:03:02 1114624 ----a-w- C:\Windows\System32\BCMLogon.dll
2012-12-15 12:51:05 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Deployment
2012-12-15 12:51:05 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Apps
2012-12-15 11:57:20 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-12-15 11:57:04 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-12-15 11:55:09 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\PowerDVD DX
2012-12-15 11:46:13 110080 ----a-w- C:\Windows\System32\cttele64.dll
2012-12-15 11:46:13 102400 ----a-w- C:\Windows\SysWow64\cttele32.dll
2012-12-15 11:46:10 8704 ------w- C:\Windows\SysWow64\ResDefE.exe
2012-12-15 11:46:10 260608 ------w- C:\Windows\System32\AMBSpiE.exe
2012-12-15 11:46:10 17920 ------w- C:\Windows\System32\AmbRunE.dll
2012-12-15 11:46:10 135680 ------w- C:\Windows\System32\cfgChain.exe
2012-12-15 11:46:09 90112 ------w- C:\Windows\Updreg.EXE
2012-12-15 11:45:43 -------- d-----w- C:\Program Files (x86)\Common Files\Creative
2012-12-15 11:45:40 -------- d--h--w- C:\Program Files (x86)\Creative Installation Information
2012-12-15 11:45:39 89088 ----a-w- C:\Windows\System32\CmdRtr64.DLL
2012-12-15 11:45:39 73728 ----a-w- C:\Windows\SysWow64\CmdRtr.DLL
2012-12-15 11:45:39 191488 ----a-w- C:\Windows\System32\APOMgr64.DLL
2012-12-15 11:45:39 148480 ----a-w- C:\Windows\SysWow64\APOMngr.DLL
2012-12-15 11:45:37 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-12-15 11:45:37 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-12-15 11:45:37 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-12-15 11:45:36 2873822 ------w- C:\Windows\SysWow64\Sens_oal.dll
2012-12-15 11:45:36 1910272 ------w- C:\Windows\System32\Sens_oal.dll
2012-12-15 11:45:36 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-12-15 11:43:17 -------- d-----w- C:\Program Files\Creative
2012-12-15 11:39:55 -------- d-----w- C:\ProgramData\Creative Labs
2012-12-15 11:37:39 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2012-12-15 11:34:53 -------- d-----w- C:\Program Files (x86)\Sensible Vision
2012-12-15 11:31:50 75 --sh--r- C:\Windows\CT4CET.bin
2012-12-15 11:31:07 -------- d-----w- C:\Program Files (x86)\Common Files\Reallusion
2012-12-15 11:30:06 -------- d-----w- C:\Program Files (x86)\Creative
2012-12-15 11:28:27 -------- d-----w- C:\Program Files (x86)\Dell Webcam
2012-12-15 11:27:31 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-12-15 11:27:31 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-12-15 11:27:31 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-12-15 11:27:31 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-12-15 11:27:30 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-12-15 11:27:30 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-12-15 11:27:29 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-12-15 11:21:07 -------- d-----w- C:\ProgramData\Uninstall
2012-12-15 11:18:39 55280 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2012-12-15 11:18:39 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2012-12-15 11:18:39 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2012-12-15 11:14:37 -------- d-----w- C:\Program Files (x86)\Common Files\SureThing Shared
2012-12-15 11:13:59 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-12-15 11:13:58 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2012-12-15 11:13:25 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\Programs
2012-12-15 11:13:23 -------- d-----w- C:\Program Files (x86)\Roxio
2012-12-15 11:12:38 506728 ----a-w- C:\Windows\System32\d3dx10_33.dll
2012-12-15 11:12:38 443752 ----a-w- C:\Windows\SysWow64\d3dx10_33.dll
2012-12-15 11:12:38 1400176 ----a-w- C:\Windows\System32\D3DCompiler_33.dll
2012-12-15 11:12:38 1123696 ----a-w- C:\Windows\SysWow64\D3DCompiler_33.dll
2012-12-15 11:12:37 4494184 ----a-w- C:\Windows\System32\d3dx9_33.dll
2012-12-15 11:12:37 3495784 ----a-w- C:\Windows\SysWow64\d3dx9_33.dll
2012-12-15 11:11:01 -------- d-----w- C:\Users\MaheshKJ\AppData\Roaming\Roxio Log Files
2012-12-15 11:06:06 89088 ----a-w- C:\Windows\SysWow64\atl71.dll
2012-12-15 11:06:06 1060864 ----a-w- C:\Windows\SysWow64\MFC71.dll
2012-12-15 11:06:06 1047552 ----a-w- C:\Windows\SysWow64\MFC71u.dll
2012-12-15 11:04:56 197264 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2012-12-15 11:04:52 66040 ----a-w- C:\Windows\System32\drivers\MOBK.sys
2012-12-15 11:04:50 -------- d-----w- C:\Program Files (x86)\McAfee Online Backup
2012-12-15 11:04:23 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-12-15 11:04:15 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-12-15 11:03:03 -------- d-----w- C:\Program Files\McAfee.com
2012-12-15 11:03:03 -------- d-----w- C:\Program Files\McAfee
2012-12-15 11:02:58 -------- d-----w- C:\Program Files (x86)\McAfee
2012-12-15 10:53:39 98344 ----a-w- C:\Windows\System32\drivers\btwaudio.sys
2012-12-15 10:53:39 35104 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys
2012-12-15 10:53:39 21160 ----a-w- C:\Windows\System32\drivers\btwrchid.sys
2012-12-15 10:53:39 132648 ----a-w- C:\Windows\System32\drivers\btwavdt.sys
2012-12-15 10:41:04 -------- d-----w- C:\Users\MaheshKJ\AppData\Local\SupportSoft
2012-12-15 10:40:30 -------- d-----w- C:\ProgramData\PCDr
2012-12-15 10:40:13 -------- d-----w- C:\Program Files (x86)\Dell Support Center
2012-12-15 10:40:12 -------- d-----w- C:\Program Files (x86)\Common Files\supportsoft
2012-12-15 10:39:08 177680 ----a-w- C:\Windows\System32\mfevtps.exe
2012-12-15 10:39:06 -------- d-----w- C:\Program Files\Common Files\McAfee
.
==================== Find3M ====================
.
2013-01-09 18:22:53 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 18:22:53 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-19 17:49:33 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-12-19 17:49:33 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-12-16 06:12:48 86528 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-12-15 10:07:54 0 ----a-w- C:\Windows\ativpsrm.bin
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-19 14:50:38 30720 ----a-w- C:\Windows\System32\drivers\tap0901.sys
2012-11-16 10:17:02 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2012-11-16 10:17:02 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2012-11-16 10:17:02 608080 ----a-w- C:\Windows\System32\msvcp100.dll
2012-11-16 10:17:02 158536 ----a-w- C:\Windows\System32\atl100.dll
2012-11-16 10:17:02 138056 ----a-w- C:\Windows\SysWow64\atl100.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-09 01:10:24 69672 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-11-09 01:07:42 339776 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-11-09 01:05:50 771096 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2012-11-09 01:04:58 515528 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-11-09 01:04:18 309400 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-11-09 01:03:58 178840 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-01 20:16:50 97208 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2012-11-01 20:16:50 328976 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2012-11-01 20:16:50 10544 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
.
============= FINISH: 15:59:25.05 ===============

#6 nasdaq

  • Malware Response Team

Posted 15 January 2013 - 10:02 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Delete this file in bold.

c:\users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\extensions\mb5StbuWTCsl3tt@KdqBzPGLdJRX2pBpAGh.com.xpi

Check your Firefox extensions and, if a reference is also found, remove it.
===

Run ComboFix again and post a fresh log.
You may be asked to update the tool; please do.

===

Third-party programs, if not up to date, can be the cause of infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).

Please post the logs for my review.

Let me know if the problem persists.

#7 nasdaq

  • Malware Response Team

Posted 21 January 2013 - 10:58 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

#8 bloopie

  • Malware Response Team

Posted 12 February 2013 - 06:43 PM

This topic has been re-opened at the request of the person who originally posted.

#9 maheshdj

  • Topic Starter


Posted 13 February 2013 - 02:50 AM

ComboFix 13-02-12.01 - MaheshKJ 02/13/2013   5:32.3.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.4084.1874 [GMT 5.5:30]
Running from: c:\users\MaheshKJ\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\MaheshKJ\g2mdlhlpx.exe
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-01-13 to 2013-02-13  )))))))))))))))))))))))))))))))
.
.
2013-02-13 00:15 . 2013-02-13 00:15    --------    d-----w-    c:\users\Public\AppData\Local\temp
2013-02-13 00:15 . 2013-02-13 00:15    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-02-13 00:15 . 2013-02-13 00:15    --------    d-----w-    c:\users\Chaya\AppData\Local\temp
2013-02-08 11:50 . 2012-08-24 18:09    458712    ----a-w-    c:\windows\system32\drivers\cng.sys
2013-02-08 11:50 . 2012-08-24 18:05    340992    ----a-w-    c:\windows\system32\schannel.dll
2013-02-08 11:50 . 2012-08-24 16:57    247808    ----a-w-    c:\windows\SysWow64\schannel.dll
2013-02-08 11:50 . 2012-08-24 18:13    154480    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2013-02-08 11:50 . 2012-08-24 18:03    1448448    ----a-w-    c:\windows\system32\lsasrv.dll
2013-02-08 11:50 . 2012-08-24 16:57    22016    ----a-w-    c:\windows\SysWow64\secur32.dll
2013-02-08 11:50 . 2012-08-24 16:53    96768    ----a-w-    c:\windows\SysWow64\sspicli.dll
2013-02-08 11:49 . 2012-05-04 11:00    366592    ----a-w-    c:\windows\system32\qdvd.dll
2013-02-08 11:49 . 2012-05-04 09:59    514560    ----a-w-    c:\windows\SysWow64\qdvd.dll
2013-02-08 01:21 . 2013-02-08 01:20    95648    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-08 00:34 . 2013-02-08 00:34    --------    d-----w-    c:\program files\ExtraPutty 0.22
2013-02-08 00:31 . 2003-09-02 20:56    192512    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2013-02-08 00:31 . 2003-09-02 20:57    69715    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2013-02-08 00:31 . 2003-09-02 20:56    266240    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2013-02-08 00:31 . 2003-09-02 20:55    5632    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2013-02-08 00:31 . 2003-09-02 20:58    724992    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2013-02-08 00:31 . 2013-02-08 00:31    184452    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2013-02-08 00:31 . 2013-02-08 00:31    311428    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2013-02-04 09:42 . 2013-02-04 09:42    --------    d-----w-    c:\programdata\IDM
2013-02-02 13:27 . 2013-02-02 13:27    --------    d-----w-    c:\program files\CPUID
2013-01-29 12:03 . 2012-11-22 00:43    165112    ----a-w-    c:\windows\system32\drivers\idmwfp.sys
2013-01-26 09:13 . 2012-06-27 08:37    177640    ----a-w-    c:\windows\system32\drivers\ssadmdm.sys
2013-01-26 09:13 . 2012-06-27 08:37    16872    ----a-w-    c:\windows\system32\drivers\ssadmdfl.sys
2013-01-26 09:13 . 2012-06-27 08:37    13800    ----a-w-    c:\windows\system32\drivers\ssadwhnt.sys
2013-01-26 09:13 . 2012-06-27 08:37    157672    ----a-w-    c:\windows\system32\drivers\ssadbus.sys
2013-01-26 09:13 . 2012-06-27 08:37    13288    ----a-w-    c:\windows\system32\drivers\ssadcmnt.sys
2013-01-26 00:57 . 2013-01-26 00:57    --------    d-----w-    c:\program files (x86)\MarkAny
2013-01-23 19:50 . 2013-01-23 19:50    --------    d-----w-    c:\program files (x86)\Common Files\Skype
2013-01-23 19:50 . 2013-01-23 19:50    --------    d-----r-    c:\program files (x86)\Skype
2013-01-23 08:40 . 2013-01-23 08:40    --------    d-----w-    c:\users\MaheshKJ\Tracing
2013-01-14 12:08 . 2013-01-14 12:08    --------    d-----w-    c:\users\MaheshKJ\AppData\Roaming\Malwarebytes
2013-01-14 12:07 . 2013-01-14 12:07    --------    d-----w-    c:\programdata\Malwarebytes
2013-01-14 12:07 . 2013-01-14 12:07    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-14 12:07 . 2012-12-14 11:19    24176    ----a-w-    c:\windows\system32\drivers\mbam.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-12 17:17 . 2012-12-15 09:25    74096    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 17:17 . 2012-12-15 09:25    697712    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-08 01:20 . 2012-12-15 13:26    861088    ----a-w-    c:\windows\SysWow64\npDeployJava1.dll
2013-02-08 01:20 . 2012-12-15 13:26    782240    ----a-w-    c:\windows\SysWow64\deployJava1.dll
2013-01-09 20:38 . 2012-12-16 06:14    67599240    ----a-w-    c:\windows\system32\MRT.exe
2012-12-19 17:49 . 2009-07-14 02:36    175616    ----a-w-    c:\windows\system32\msclmd.dll
2012-12-19 17:49 . 2009-07-14 02:36    152576    ----a-w-    c:\windows\SysWow64\msclmd.dll
2012-12-19 17:35 . 2012-12-19 17:36    13952    ----a-w-    c:\windows\system32\drivers\ew_usbenumfilter.sys
2012-12-19 17:35 . 2012-12-19 17:36    1001472    ----a-w-    c:\windows\system32\drivers\mod7700.sys
2012-12-19 17:35 . 2012-12-19 17:36    69632    ----a-w-    c:\windows\system32\drivers\ew_jucdcecm.sys
2012-12-19 17:35 . 2012-12-19 17:36    28672    ----a-w-    c:\windows\system32\drivers\ew_juextctrl.sys
2012-12-19 17:35 . 2012-12-19 17:36    212992    ----a-w-    c:\windows\system32\drivers\ew_juwwanecm.sys
2012-12-19 17:35 . 2012-12-19 17:36    98816    ----a-w-    c:\windows\system32\drivers\ew_jucdcacm.sys
2012-12-19 17:35 . 2012-12-19 17:36    86016    ----a-w-    c:\windows\system32\drivers\ew_jubusenum.sys
2012-12-19 17:35 . 2012-12-19 17:36    117248    ----a-w-    c:\windows\system32\drivers\ew_hwusbdev.sys
2012-12-19 17:35 . 2012-12-19 17:36    421376    ----a-w-    c:\windows\system32\drivers\ewusbwwan.sys
2012-12-19 17:35 . 2012-12-19 17:36    22016    ----a-w-    c:\windows\system32\drivers\ew_hwupgrade.sys
2012-12-19 17:35 . 2012-12-19 17:36    32768    ----a-w-    c:\windows\system32\drivers\ewdcsc.sys
2012-12-19 17:35 . 2012-12-19 17:36    221312    ----a-w-    c:\windows\system32\drivers\ewusbmdm.sys
2012-12-19 17:35 . 2012-12-19 17:36    1490656    ----a-w-    c:\windows\system32\WdfCoInstaller01007.dll
2012-12-19 17:35 . 2012-12-19 17:36    1490656    ----a-w-    c:\windows\system32\drivers\WdfCoInstaller01007.dll
2012-12-16 17:11 . 2012-12-20 21:30    46080    ----a-w-    c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-20 21:30    367616    ----a-w-    c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-20 21:30    295424    ----a-w-    c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-20 21:30    34304    ----a-w-    c:\windows\SysWow64\atmlib.dll
2012-12-16 06:12 . 2012-12-16 06:12    86528    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2012-12-16 06:12 . 2012-12-16 06:12    76800    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2012-12-16 06:12 . 2012-12-16 06:12    74752    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-12-16 06:12 . 2012-12-16 06:12    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2012-12-16 06:12 . 2012-12-16 06:12    1800704    ----a-w-    c:\windows\SysWow64\jscript9.dll
2012-12-16 06:12 . 2012-12-16 06:12    161792    ----a-w-    c:\windows\SysWow64\msls31.dll
2012-12-16 06:12 . 2012-12-16 06:12    1129472    ----a-w-    c:\windows\SysWow64\wininet.dll
2012-12-16 06:12 . 2012-12-16 06:12    110592    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2012-12-16 06:12 . 2012-12-16 06:12    96768    ----a-w-    c:\windows\system32\mshtmled.dll
2012-12-16 06:12 . 2012-12-16 06:12    91648    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2012-12-16 06:12 . 2012-12-16 06:12    89088    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2012-12-16 06:12 . 2012-12-16 06:12    89088    ----a-w-    c:\windows\system32\ie4uinit.exe
2012-12-16 06:12 . 2012-12-16 06:12    85504    ----a-w-    c:\windows\system32\jsproxy.dll
2012-12-16 06:12 . 2012-12-16 06:12    85504    ----a-w-    c:\windows\system32\iesetup.dll
2012-12-16 06:12 . 2012-12-16 06:12    82432    ----a-w-    c:\windows\system32\icardie.dll
2012-12-16 06:12 . 2012-12-16 06:12    816640    ----a-w-    c:\windows\system32\jscript.dll
2012-12-16 06:12 . 2012-12-16 06:12    76800    ----a-w-    c:\windows\system32\tdc.ocx
2012-12-16 06:12 . 2012-12-16 06:12    74752    ----a-w-    c:\windows\SysWow64\iesetup.dll
2012-12-16 06:12 . 2012-12-16 06:12    729088    ----a-w-    c:\windows\system32\msfeeds.dll
2012-12-16 06:12 . 2012-12-16 06:12    65024    ----a-w-    c:\windows\system32\pngfilt.dll
2012-12-16 06:12 . 2012-12-16 06:12    63488    ----a-w-    c:\windows\SysWow64\tdc.ocx
2012-12-16 06:12 . 2012-12-16 06:12    599040    ----a-w-    c:\windows\system32\vbscript.dll
2012-12-16 06:12 . 2012-12-16 06:12    55296    ----a-w-    c:\windows\system32\msfeedsbs.dll
2012-12-16 06:12 . 2012-12-16 06:12    534528    ----a-w-    c:\windows\system32\ieapfltr.dll
2012-12-16 06:12 . 2012-12-16 06:12    49664    ----a-w-    c:\windows\system32\imgutil.dll
2012-12-16 06:12 . 2012-12-16 06:12    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2012-12-16 06:12 . 2012-12-16 06:12    452608    ----a-w-    c:\windows\system32\dxtmsft.dll
2012-12-16 06:12 . 2012-12-16 06:12    448512    ----a-w-    c:\windows\system32\html.iec
2012-12-16 06:12 . 2012-12-16 06:12    420864    ----a-w-    c:\windows\SysWow64\vbscript.dll
2012-12-16 06:12 . 2012-12-16 06:12    403248    ----a-w-    c:\windows\system32\iedkcs32.dll
2012-12-16 06:12 . 2012-12-16 06:12    39936    ----a-w-    c:\windows\system32\iernonce.dll
2012-12-16 06:12 . 2012-12-16 06:12    3695416    ----a-w-    c:\windows\system32\ieapfltr.dat
2012-12-16 06:12 . 2012-12-16 06:12    367104    ----a-w-    c:\windows\SysWow64\html.iec
2012-12-16 06:12 . 2012-12-16 06:12    35840    ----a-w-    c:\windows\SysWow64\imgutil.dll
2012-12-16 06:12 . 2012-12-16 06:12    30720    ----a-w-    c:\windows\system32\licmgr10.dll
2012-12-16 06:12 . 2012-12-16 06:12    282112    ----a-w-    c:\windows\system32\dxtrans.dll
2012-12-16 06:12 . 2012-12-16 06:12    267776    ----a-w-    c:\windows\system32\ieaksie.dll
2012-12-16 06:12 . 2012-12-16 06:12    249344    ----a-w-    c:\windows\system32\webcheck.dll
2012-12-16 06:12 . 2012-12-16 06:12    248320    ----a-w-    c:\windows\system32\ieui.dll
2012-12-16 06:12 . 2012-12-16 06:12    2382848    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2012-12-16 06:12 . 2012-12-16 06:12    2382848    ----a-w-    c:\windows\system32\mshtml.tlb
2012-12-16 06:12 . 2012-12-16 06:12    237056    ----a-w-    c:\windows\system32\url.dll
2012-12-16 06:12 . 2012-12-16 06:12    23552    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2012-12-16 06:12 . 2012-12-16 06:12    2312704    ----a-w-    c:\windows\system32\jscript9.dll
2012-12-16 06:12 . 2012-12-16 06:12    222208    ----a-w-    c:\windows\system32\msls31.dll
2012-12-16 06:12 . 2012-12-16 06:12    2144768    ----a-w-    c:\windows\system32\iertutil.dll
2012-12-16 06:12 . 2012-12-16 06:12    197120    ----a-w-    c:\windows\system32\msrating.dll
2012-12-16 06:12 . 2012-12-16 06:12    17811968    ----a-w-    c:\windows\system32\mshtml.dll
2012-12-16 06:12 . 2012-12-16 06:12    173056    ----a-w-    c:\windows\system32\ieUnatt.exe
2012-12-16 06:12 . 2012-12-16 06:12    165888    ----a-w-    c:\windows\system32\iexpress.exe
2012-12-16 06:12 . 2012-12-16 06:12    163840    ----a-w-    c:\windows\system32\ieakui.dll
2012-12-16 06:12 . 2012-12-16 06:12    160256    ----a-w-    c:\windows\system32\wextract.exe
2012-12-16 06:12 . 2012-12-16 06:12    160256    ----a-w-    c:\windows\system32\ieakeng.dll
2012-12-16 06:12 . 2012-12-16 06:12    152064    ----a-w-    c:\windows\SysWow64\wextract.exe
2012-12-16 06:12 . 2012-12-16 06:12    150528    ----a-w-    c:\windows\SysWow64\iexpress.exe
2012-12-16 06:12 . 2012-12-16 06:12    149504    ----a-w-    c:\windows\system32\occache.dll
2012-12-16 06:12 . 2012-12-16 06:12    1494528    ----a-w-    c:\windows\system32\inetcpl.cpl
2012-12-16 06:12 . 2012-12-16 06:12    145920    ----a-w-    c:\windows\system32\iepeers.dll
2012-12-16 06:12 . 2012-12-16 06:12    142848    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2012-12-16 06:12 . 2012-12-16 06:12    1427968    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2012-12-16 06:12 . 2012-12-16 06:12    1392128    ----a-w-    c:\windows\system32\wininet.dll
2012-12-16 06:12 . 2012-12-16 06:12    135168    ----a-w-    c:\windows\system32\IEAdvpack.dll
2012-12-16 06:12 . 2012-12-16 06:12    1346048    ----a-w-    c:\windows\system32\urlmon.dll
2012-12-16 06:12 . 2012-12-16 06:12    12288    ----a-w-    c:\windows\system32\mshta.exe
2012-12-16 06:12 . 2012-12-16 06:12    11776    ----a-w-    c:\windows\SysWow64\mshta.exe
2012-12-16 06:12 . 2012-12-16 06:12    114176    ----a-w-    c:\windows\system32\admparse.dll
2012-12-16 06:12 . 2012-12-16 06:12    111616    ----a-w-    c:\windows\system32\iesysprep.dll
2012-12-16 06:12 . 2012-12-16 06:12    10925568    ----a-w-    c:\windows\system32\ieframe.dll
2012-12-16 06:12 . 2012-12-16 06:12    10752    ----a-w-    c:\windows\system32\msfeedssync.exe
2012-12-16 06:12 . 2012-12-16 06:12    103936    ----a-w-    c:\windows\system32\inseng.dll
2012-12-16 06:12 . 2012-12-16 06:12    101888    ----a-w-    c:\windows\SysWow64\admparse.dll
2012-12-15 11:57 . 2012-12-15 11:57    42776    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-12-15 11:57 . 2012-12-15 11:57    539984    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-12-15 11:45 . 2012-12-15 11:45    466456    ----a-w-    c:\windows\system32\wrap_oal.dll
2012-12-15 11:45 . 2012-12-15 11:45    444952    ----a-w-    c:\windows\SysWow64\wrap_oal.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-15 15:21    220632    ----a-w-    c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-15 15:21    220632    ----a-w-    c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-15 15:21    220632    ----a-w-    c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2013-01-29 3565432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"FAStartup"="" [BU]
"VolPanel"="c:\program files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-05-04 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-24 140520]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-10-06 454160]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"FATrayAlert"="c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2009-06-25 95496]
"dellsupportcenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2009-06-25 08:39    140552    ----a-w-    c:\program files (x86)\Sensible Vision\Fast Access\FALogNot.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ       scecli FAPassSync
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.392.0\BBSvc.exe [2012-06-21 193592]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SessionLauncher;SessionLauncher;c:\users\MaheshKJ\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.392.0\SeaPort.exe [2012-06-21 240208]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-12-15 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-12-15 79360]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-12-19 117248]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-05-28 197264]
R3 HP1210FAX;HP1210MFP FAX;c:\windows\system32\Drivers\HPM1210FAX.sys [2010-04-28 16384]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2012-11-01 97208]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2012-09-25 20480]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2012-12-15 79360]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2012-06-27 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 177640]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-16 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
R4 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2010-11-16 339456]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-11-09 339776]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-19 55280]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-13 66040]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [2009-03-02 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-17 203264]
S2 FAService;FAService;c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe [2009-06-25 2368776]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-06 220856]
S2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2010-04-29 127800]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-11-22 165112]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-12-04 103472]
S2 McMPFSvc;McAfee Personal Firewall;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-06 220856]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-06 220856]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-06 220856]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2012-10-06 1007288]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-11-09 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-11-09 177680]
S2 MOBKbackup;McAfee Online Backup;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-04-13 231224]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-02 35104]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-09 69672]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-24 238848]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-12-19 86016]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-09 515528]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2012-11-01 328976]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 06:10    1607120    ----a-w-    c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-15 17:17]
.
2013-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-16 18:23]
.
2013-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-16 18:23]
.
2013-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839620070-3797043088-711385364-1000Core.job
- c:\users\MaheshKJ\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-02 12:03]
.
2013-02-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839620070-3797043088-711385364-1000UA.job
- c:\users\MaheshKJ\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-02 12:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-15 15:21    244696    ----a-w-    c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-15 15:21    244696    ----a-w-    c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-15 15:21    244696    ----a-w-    c:\users\MaheshKJ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07    23496    ----a-w-    c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 14:41    3816248    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 14:41    3816248    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 14:41    3816248    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]
"fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2012-09-12 892416]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: network.proxy.ftp - p-de1.biscience.com
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - p-de1.biscience.com
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.http - p-de1.biscience.com
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - p-de1.biscience.com
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - p-de1.biscience.com
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-01-03 17:58; hpwebprint@hpwebprint.com; c:\users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\extensions\hpwebprint@hpwebprint.com
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-839620070-3797043088-711385364-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-839620070-3797043088-711385364-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-839620070-3797043088-711385364-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ad,fd,72,e2,1a,67,c8,a9,a7,1c,9e,55,95,a6,e5,e7,50,17,a8,95,21,
   72,ec,de,d4,59,38,c9,a1,42,fa,0f,92,cd,81,98,29,33,86,31,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-839620070-3797043088-711385364-1000_Classes\Wow6432Node\CLSID\{83a8702e-2f4a-4ccb-9e46-7fd0e35ffcf9}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000026
"Therad"=dword:00000001
"MData"=hex(0):92,fa,83,e0,c4,5c,52,b8,2d,05,a8,8d,80,1d,ed,ac,de,ae,99,4e,b0,
   75,f0,0c,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-02-13  06:11:30
ComboFix-quarantined-files.txt  2013-02-13 00:41
ComboFix2.txt  2013-01-15 16:47
ComboFix3.txt  2013-01-05 09:55
.
Pre-Run: 40,440,922,112 bytes free
Post-Run: 40,664,932,352 bytes free
.
- - End Of File - - 21099392866590E76EAE57BBB39C756E
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457  BrowserJavaVersion: 10.13.2
Run by MaheshKJ at 5:17:04 on 2013-02-13
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.4084.1454 [GMT 5.5:30]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
C:\Windows\system32\HPSIsvc.exe
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\McAPExe.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.392.0\BingExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart Print Helper: {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.1\Espresso.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
mRun: [FAStartup] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: dell.com
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{09C638C8-DBF6-4FE0-BF74-F8E7A4877895} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{99709B9A-3FAE-4CD4-9A87-C425496878B4} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{99709B9A-3FAE-4CD4-9A87-C425496878B4}\2456C6B696E6E273545454 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{99709B9A-3FAE-4CD4-9A87-C425496878B4}\C696E6B6379737 : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages =  scecli FAPassSync
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry
x64-Run: [fssui] "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: network.proxy.ftp - p-de1.biscience.com
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - p-de1.biscience.com
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.http - p-de1.biscience.com
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - p-de1.biscience.com
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - p-de1.biscience.com
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npRLCT4Player.dll
FF - plugin: C:\Users\MaheshKJ\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\MaheshKJ\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\MaheshKJ\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-03 17:58; hpwebprint@hpwebprint.com; C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\extensions\hpwebprint@hpwebprint.com
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-11-9 771096]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-11-9 339776]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-12-15 55280]
R1 MOBKFilter;MOBKFilter;C:\Windows\System32\drivers\MOBK.sys [2012-12-15 66040]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [2012-12-15 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2009-6-25 2368776]
R2 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-12-15 57856]
R2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-12-15 220856]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-5-11 362296]
R2 HPSIService;HP SI Service;C:\Windows\System32\HPSIsvc.exe [2013-1-3 127800]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2013-1-29 165112]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2012-12-19 103472]
R2 McMPFSvc;McAfee Personal Firewall;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-12-15 220856]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-12-15 220856]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-12-15 220856]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-12-15 220856]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2012-12-15 1007288]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-12-15 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-12-15 177680]
R2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
R2 WMCoreService;Mobile Broadband Core Service;C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe [2009-7-10 415232]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-12-15 35104]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-11-9 69672]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-12-15 172704]
R3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-12-19 86016]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-11 270848]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-11-9 309400]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-11-9 515528]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2012-11-2 328976]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.392.0\BBSvc.EXE [2012-6-21 193592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SessionLauncher;SessionLauncher;C:\Users\MaheshKJ\AppData\Local\Temp\DX9\SessionLauncher.exe --> C:\Users\MaheshKJ\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.392.0\SeaPort.EXE [2012-6-21 240208]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-12-15 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-12-15 79360]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-12-19 117248]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-12-15 197264]
S3 HP1210FAX;HP1210MFP FAX;C:\Windows\System32\drivers\HPM1210FAX.sys [2013-1-3 16384]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-14 24176]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2012-11-2 97208]
S3 mvusbews;USB EWS Device;C:\Windows\System32\drivers\mvusbews.sys [2012-9-25 20480]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-8 19456]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2012-12-15 79360]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2013-1-26 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2013-1-26 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2013-1-26 177640]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-8 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-16 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe -/service --> C:\ProgramData\DatacardService\HWDeviceService64.exe -/service [?]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-14 398184]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-14 682344]
.
=============== Created Last 30 ================
.
2013-02-12 22:40:40    --------    d-----w-    C:\Windows\pss
2013-02-08 11:50:16    458712    ----a-w-    C:\Windows\System32\drivers\cng.sys
2013-02-08 11:50:16    340992    ----a-w-    C:\Windows\System32\schannel.dll
2013-02-08 11:50:16    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2013-02-08 11:50:15    154480    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2013-02-08 11:50:15    1448448    ----a-w-    C:\Windows\System32\lsasrv.dll
2013-02-08 11:50:14    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2013-02-08 11:50:14    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2013-02-08 11:49:58    514560    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2013-02-08 11:49:58    366592    ----a-w-    C:\Windows\System32\qdvd.dll
2013-02-08 01:21:07    95648    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-08 00:34:09    --------    d-----w-    C:\Program Files\ExtraPutty 0.22
2013-02-08 00:31:16    192512    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2013-02-08 00:31:15    69715    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2013-02-08 00:31:15    5632    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2013-02-08 00:31:15    266240    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2013-02-08 00:31:14    724992    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2013-02-08 00:31:12    184452    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2013-02-08 00:31:11    311428    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2013-02-04 09:42:12    --------    d-----w-    C:\ProgramData\IDM
2013-02-02 13:27:39    --------    d-----w-    C:\Program Files\CPUID
2013-01-29 14:11:25    60304    ----a-w-    C:\Users\MaheshKJ\g2mdlhlpx.exe
2013-01-29 12:03:10    165112    ----a-w-    C:\Windows\System32\drivers\idmwfp.sys
2013-01-26 09:13:39    177640    ----a-w-    C:\Windows\System32\drivers\ssadmdm.sys
2013-01-26 09:13:39    16872    ----a-w-    C:\Windows\System32\drivers\ssadmdfl.sys
2013-01-26 09:13:39    13800    ----a-w-    C:\Windows\System32\drivers\ssadwhnt.sys
2013-01-26 09:13:38    157672    ----a-w-    C:\Windows\System32\drivers\ssadbus.sys
2013-01-26 09:13:38    13288    ----a-w-    C:\Windows\System32\drivers\ssadcmnt.sys
2013-01-26 01:05:32    172032    ----a-w-    C:\Windows\SysWow64\muzapp.exe
2013-01-26 00:57:50    --------    d-----w-    C:\Program Files (x86)\MarkAny
2013-01-23 19:50:26    --------    d-----r-    C:\Program Files (x86)\Skype
2013-01-23 08:40:58    --------    d-----w-    C:\Users\MaheshKJ\Tracing
2013-01-15 18:43:10    --------    d-sh--w-    C:\$RECYCLE.BIN
2013-01-15 15:57:58    --------    d-----w-    C:\ComboFix
2013-01-14 12:08:09    --------    d-----w-    C:\Users\MaheshKJ\AppData\Roaming\Malwarebytes
2013-01-14 12:07:47    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-01-14 12:07:41    24176    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-01-14 12:07:41    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
.
==================== Find3M  ====================
.
2013-02-12 17:17:42    74096    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 17:17:42    697712    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-08 01:20:57    861088    ----a-w-    C:\Windows\SysWow64\npDeployJava1.dll
2013-02-08 01:20:57    782240    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2012-12-19 17:49:33    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2012-12-19 17:49:33    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2012-12-16 17:11:22    46080    ----a-w-    C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03    367616    ----a-w-    C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28    295424    ----a-w-    C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20    34304    ----a-w-    C:\Windows\SysWow64\atmlib.dll
2012-12-15 13:14:02    75    --sh--r-    C:\Windows\CT4CET.bin
2012-12-15 11:45:37    466456    ----a-w-    C:\Windows\System32\wrap_oal.dll
2012-12-15 11:45:37    444952    ----a-w-    C:\Windows\SysWow64\wrap_oal.dll
2012-12-15 11:45:37    122904    ----a-w-    C:\Windows\System32\OpenAL32.dll
2012-12-15 11:45:36    109080    ----a-w-    C:\Windows\SysWow64\OpenAL32.dll
2012-12-15 10:07:54    0    ----a-w-    C:\Windows\ativpsrm.bin
2012-12-07 13:20:16    441856    ----a-w-    C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31    2746368    ----a-w-    C:\Windows\System32\gameux.dll
2012-12-07 12:26:17    308736    ----a-w-    C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43    2576384    ----a-w-    C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04    30720    ----a-w-    C:\Windows\System32\usk.rs
2012-12-07 11:20:03    43520    ----a-w-    C:\Windows\System32\csrr.rs
2012-12-07 11:20:03    23552    ----a-w-    C:\Windows\System32\oflc.rs
2012-12-07 11:20:01    45568    ----a-w-    C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01    44544    ----a-w-    C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01    20480    ----a-w-    C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00    20480    ----a-w-    C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59    20480    ----a-w-    C:\Windows\System32\pegi.rs
2012-12-07 11:19:58    46592    ----a-w-    C:\Windows\System32\fpb.rs
2012-12-07 11:19:57    40960    ----a-w-    C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57    21504    ----a-w-    C:\Windows\System32\grb.rs
2012-12-07 11:19:57    15360    ----a-w-    C:\Windows\System32\djctq.rs
2012-12-07 11:19:56    55296    ----a-w-    C:\Windows\System32\cero.rs
2012-12-07 11:19:55    51712    ----a-w-    C:\Windows\System32\esrb.rs
2012-11-30 05:45:35    362496    ----a-w-    C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35    243200    ----a-w-    C:\Windows\System32\wow64.dll
2012-11-30 05:45:35    13312    ----a-w-    C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14    215040    ----a-w-    C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12    16384    ----a-w-    C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07    424448    ----a-w-    C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59    274944    ----a-w-    C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48    338432    ----a-w-    C:\Windows\System32\conhost.exe
2012-11-30 02:44:06    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03    2048    ----a-w-    C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59    6144    ---ha-w-    C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59    4608    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59    3584    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-28 08:48:54    4659712    ----a-w-    C:\Windows\SysWow64\Redemption.dll
2012-11-23 03:26:31    3149824    ----a-w-    C:\Windows\System32\win32k.sys
2012-11-23 03:13:57    68608    ----a-w-    C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23    800768    ----a-w-    C:\Windows\System32\usp10.dll
2012-11-22 04:45:03    626688    ----a-w-    C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2012-11-19 14:50:38    30720    ----a-w-    C:\Windows\System32\drivers\tap0901.sys
2012-11-16 10:17:02    829264    ----a-w-    C:\Windows\System32\msvcr100.dll
2012-11-16 10:17:02    773968    ----a-w-    C:\Windows\SysWow64\msvcr100.dll
2012-11-16 10:17:02    608080    ----a-w-    C:\Windows\System32\msvcp100.dll
2012-11-16 10:17:02    158536    ----a-w-    C:\Windows\System32\atl100.dll
2012-11-16 10:17:02    138056    ----a-w-    C:\Windows\SysWow64\atl100.dll
.
============= FINISH:  5:18:37.98 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 12/15/2012 2:13:33 PM
System Uptime: 2/13/2013 4:46:41 AM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0Y507R
Processor: Intel® Core™ i7 CPU       Q 720  @ 1.60GHz | U2E1 | 1600/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 194 GiB total, 37.729 GiB free.
D: is FIXED (NTFS) - 223 GiB total, 107.721 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_E852&SUBSYS_02FE1028&REV_01\4&9C93D99&0&02E4
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_E852&SUBSYS_02FE1028&REV_01\4&9C93D99&0&02E4
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_E230&SUBSYS_02FE1028&REV_01\4&9C93D99&0&01E4
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_E230&SUBSYS_02FE1028&REV_01\4&9C93D99&0&01E4
Service:
.
==== System Restore Points ===================
.
RP55: 2/10/2013 3:20:22 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01)
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Bing Bar
BitTorrent
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CPUID HWMonitor 1.21
CutePDF Writer 3.0
D3DX10
Dell Mobile Broadband Manager
Dell Resource CD
Dell Support Center (Support Software)
Dell System Detect
Dell Touchpad
Dell Webcam Central
Dell Wireless HSPA Mini-Card Drivers
Dell Wireless WLAN Card Utility
DirectXInstallService
EMC 10 Content
EMCGadgets64
ExtraPutty 0.22
FastAccess
FileZilla Client 3.6.0.2
Google Chrome
Google Talk (remove only)
Google Talk Plugin
Google Update Helper
GoToMeeting 5.1.0.880
HMA! Pro VPN 2.7.1.7
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP LaserJet Professional M1130-M1210 MFP Series
HP LaserJet Professional M1210 MFP Series Fax Installer
HP Smart Print 2.1
IDT Audio
Internet Download Manager
Java 7 Update 13
Java Auto Updater
Junk Mail filter update
Live! Cam Avatar Creator
Magic ISO Maker v5.5 (build 0281)
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee Internet Security
McAfee Online Backup
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SkyDrive
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
MozBackup 1.5.1
Mozilla Firefox 18.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Photo Common
Pidgin
Pidgin-Encryption Plugin (remove only)
pidgin-otr 4.0.0-1
PowerDVD DX
Quickset64
Roxio Activation Module
Roxio BackOnTrack
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy CD and DVD Burning
Roxio Express Labeler 3
Roxio File Backup
Roxio Update Manager
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Scan To
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Shared C Run-time for x64
Skype™ 6.1
Sonic CinePlayer Decoder Pack
Sound Blaster X-Fi MB
Tata Photon+
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.5
WIDCOMM Bluetooth Software
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
Yawcam 0.3.9
.
==== Event Viewer Messages From Past Week ========
.
2/9/2013 1:58:15 AM, Error: Service Control Manager [7022]  - The Audio Service service hung on starting.
2/8/2013 9:16:57 PM, Error: Service Control Manager [7034]  - The HWDeviceService64.exe service terminated unexpectedly.  It has done this 1 time(s).
2/8/2013 4:05:02 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000101 (0x0000000000000019, 0x0000000000000000, 0xfffff88003163180, 0x0000000000000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020813-36769-01.
2/7/2013 6:07:36 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000101 (0x0000000000000019, 0x0000000000000000, 0xfffff88003163180, 0x0000000000000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020713-18267-01.
2/13/2013 4:48:56 AM, Error: Service Control Manager [7023]  - The Peer Name Resolution Protocol service terminated with the following error:  %%-2140993535
2/13/2013 4:48:56 AM, Error: Service Control Manager [7001]  - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:  %%-2140993535
2/13/2013 4:48:56 AM, Error: Microsoft-Windows-PNRPSvc [102]  - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
2/13/2013 4:48:15 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/13/2013 4:47:33 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  RxFilter
2/13/2013 4:47:33 AM, Error: Service Control Manager [7000]  - The SessionLauncher service failed to start due to the following error:  The system cannot find the file specified.
2/13/2013 4:46:56 AM, Error: atikmdag [52236]  - CPLIB :: General - Invalid Parameter
2/13/2013 4:46:56 AM, Error: atikmdag [43029]  - Display is not active
2/13/2013 4:02:54 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
2/13/2013 4:02:54 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
2/13/2013 4:02:52 AM, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
2/13/2013 4:01:29 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
2/13/2013 4:01:21 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
2/13/2013 4:01:21 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/13/2013 4:01:20 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/13/2013 4:01:17 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/13/2013 4:01:10 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/13/2013 4:01:04 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
2/13/2013 4:00:52 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache MOBKFilter RxFilter spldr Wanarpv6
2/13/2013 4:00:41 AM, Error: Service Control Manager [7001]  - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error:  The dependency service or group failed to start.
2/13/2013 2:12:29 AM, Error: BTHUSB [17]  - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
2/12/2013 7:03:46 PM, Error: Service Control Manager [7034]  - The FAService service terminated unexpectedly.  It has done this 1 time(s).
2/12/2013 6:55:45 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Personal Firewall service, but this action failed with the following error:  An instance of the service is already running.
2/12/2013 6:54:45 AM, Error: Service Control Manager [7031]  - The McAfee Personal Firewall service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/10/2013 5:40:18 AM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.
==== End Of File ===========================
 

 

# AdwCleaner v2.112 - Logfile created 02/13/2013 at 13:19:57
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : MaheshKJ - MAHESHKJ-PC
# Boot Mode : Normal
# Running from : C:\Users\MaheshKJ\Downloads\Programs\adwcleaner0.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\extensions\toolbar@alexa.com.xpi
Folder Found : C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\ConduitCommon

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\prefs.js

Found : user_pref("CT2790392..clientLogIsEnabled", false);
Found : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Found : user_pref("CT2790392.CTID", "CT2790392");
Found : user_pref("CT2790392.CurrentServerDate", "19-5-2012");
Found : user_pref("CT2790392.DSInstall", false);
Found : user_pref("CT2790392.DialogsAlignMode", "LTR");
Found : user_pref("CT2790392.DialogsGetterLastCheckTime", "Sat May 19 2012 02:44:25 GMT+0530 (India Standard[...]
Found : user_pref("CT2790392.DownloadReferralCookieData", "");
Found : user_pref("CT2790392.EMailNotifierPollDate", "Sat May 19 2012 02:44:26 GMT+0530 (India Standard Time[...]
Found : user_pref("CT2790392.EnableClickToSearchBox", false);
Found : user_pref("CT2790392.EnableSearchHistory", false);
Found : user_pref("CT2790392.EnableSearchSuggest", false);
Found : user_pref("CT2790392.FeedLastCount129313977501788460", 207);
Found : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat May 19 2012 02:44:27 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat May 19 2012 02:44:27 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat May 19 2012 02:44:27 GMT+0530 (India Stan[...]
Found : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Found : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Found : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Found : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Found : user_pref("CT2790392.FirstServerDate", "19-5-2012");
Found : user_pref("CT2790392.FirstTime", true);
Found : user_pref("CT2790392.FirstTimeFF3", true);
Found : user_pref("CT2790392.FixPageNotFoundErrors", true);
Found : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2790392.HPInstall", false);
Found : user_pref("CT2790392.HasUserGlobalKeys", true);
Found : user_pref("CT2790392.Initialize", true);
Found : user_pref("CT2790392.InitializeCommonPrefs", true);
Found : user_pref("CT2790392.InstallationAndCookieDataSentCount", 1);
Found : user_pref("CT2790392.InstallationId", "fft9BB5.tmp.exe");
Found : user_pref("CT2790392.InstallationType", "XPE");
Found : user_pref("CT2790392.InstalledDate", "Sat May 19 2012 02:44:26 GMT+0530 (India Standard Time)");
Found : user_pref("CT2790392.IsGrouping", false);
Found : user_pref("CT2790392.IsInitSetupIni", true);
Found : user_pref("CT2790392.IsMulticommunity", false);
Found : user_pref("CT2790392.IsOpenThankYouPage", true);
Found : user_pref("CT2790392.IsOpenUninstallPage", false);
Found : user_pref("CT2790392.LanguagePackLastCheckTime", "Sat May 19 2012 02:44:47 GMT+0530 (India Standard [...]
Found : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2790392.LastLogin_3.12.0.8", "Sat May 19 2012 02:44:27 GMT+0530 (India Standard Time)")[...]
Found : user_pref("CT2790392.LatestVersion", "3.12.2.3");
Found : user_pref("CT2790392.Locale", "en");
Found : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Found : user_pref("CT2790392.MCDetectTooltipShow", false);
Found : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Found : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2790392.OriginalFirstVersion", "3.12.0.8");
Found : user_pref("CT2790392.SearchBackToDefaultEngine", false);
Found : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Found : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
Found : user_pref("CT2790392.SearchInNewTabEnabled", true);
Found : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Sat May 19 2012 02:44:27 GMT+0530 (India Standar[...]
Found : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2790392.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2790392.SearchProtectorToolbarDisabled", true);
Found : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Found : user_pref("CT2790392.ServiceMapLastCheckTime", "Sat May 19 2012 02:44:20 GMT+0530 (India Standard Ti[...]
Found : user_pref("CT2790392.SettingsLastCheckTime", "Sat May 19 2012 02:44:20 GMT+0530 (India Standard Time[...]
Found : user_pref("CT2790392.SettingsLastUpdate", "1337169810");
Found : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Found : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Sat May 19 2012 02:44:20 GMT+0530 (India Stand[...]
Found : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2790392.ToolbarDisabled", true);
Found : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Found : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2790392.UserID", "UN03736310206316651");
Found : user_pref("CT2790392.WeatherNetwork", "");
Found : user_pref("CT2790392.WeatherPollDate", "Sat May 19 2012 02:44:27 GMT+0530 (India Standard Time)");
Found : user_pref("CT2790392.WeatherUnit", "C");
Found : user_pref("CT2790392.alertChannelId", "1182482");
Found : user_pref("CT2790392.approveUntrustedApps", false);
Found : user_pref("CT2790392.autoDisableScopes", -1);
Found : user_pref("CT2790392.backendstorage.cbcountry_000", "494E");
Found : user_pref("CT2790392.backendstorage.cbfirsttime", "536174204D617920313920323031322030323A34343A32392[...]
Found : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Found : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Sat May 19 2012 02:44:42 GMT+0530 (India St[...]
Found : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2790392.initDone", true);
Found : user_pref("CT2790392.isSearchProtectorNotifyChanges", false);
Found : user_pref("CT2790392.myStuffEnabled", true);
Found : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2790392.navigateToUrlOnSearch", false);
Found : user_pref("CT2790392.revertSettingsEnabled", true);
Found : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Found : user_pref("CT2790392.testingCtid", "");
Found : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sat May 19 2012 02:44:25 GMT+0530 (India Sta[...]
Found : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Sat May 19 2012 02:44:27 GMT+0530 (India Sta[...]
Found : user_pref("CT2790392.usageEnabled", false);
Found : user_pref("CT2790392.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\MaheshKJ\\AppData\\Roaming\\Mozilla[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://in.search.yahoo.com/search?fr=mca[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Found : user_pref("CommunityToolbar.globalUserId", "376fc45d-242f-41c4-99f8-f2b5f20282c3");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 19 2012 02:44:2[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat May 19 2012 02:44:20 GMT+0530 (I[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "055a6b26-3657-4034-abcb-a8e04bb6943e");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://en-US.start3.mozilla.com/firefox?client=firef[...]
Found : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Found : user_pref("aol_toolbar.surf.date", "1");
Found : user_pref("aol_toolbar.surf.lastDate", "27");
Found : user_pref("aol_toolbar.surf.lastMonth", "10");
Found : user_pref("aol_toolbar.surf.lastYear", "2009");
Found : user_pref("aol_toolbar.surf.month", "1");
Found : user_pref("aol_toolbar.surf.prevMonth", "0");
Found : user_pref("aol_toolbar.surf.total", "1");
Found : user_pref("aol_toolbar.surf.week", "1");
Found : user_pref("aol_toolbar.surf.year", "1");
Found : user_pref("browser.search.defaulturl", "hxxp://aim.search.aol.com/search/search?query={searchTerms}&[...]
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.alexa.toolbarXMLText", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<toolbar>\[...]
Found : user_pref("extensions.snipit.askTbInstalled", true);
Found : user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&[...]

File : C:\Users\Chaya\AppData\Roaming\Mozilla\Firefox\Profiles\dhk204n0.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\MaheshKJ\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [14523 octets] - [13/02/2013 05:22:35]
AdwCleaner[R2].txt - [14455 octets] - [13/02/2013 13:19:57]

########## EOF - C:\AdwCleaner[R2].txt - [14516 octets] ##########
 



#10 nasdaq

nasdaq

  • Malware Response Team

Posted 13 February 2013 - 08:36 AM

Remove the AdWare, PUP (Potentially Unwanted Program) installed on your computer.
 
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Everything that was found will be deleted.
  • Follow the prompts to reboot the computer. A text file will open after the restart.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).

Please let me know of any remaining issues with this computer.


    #11 maheshdj

    maheshdj
    • Topic Starter

    • Members

    Posted 13 February 2013 - 08:42 AM

    Would appreciate knowing which ones are to be removed (like adware, PUP which are installed on my computer).

     

    Also, my system freezes a lot and becomes non-responsive, and the only solution to it is to restart the system, which is very annoying to me. Any specific reasons or suggestions to stop those hardware or software issues from recurring again?



    #12 nasdaq

    nasdaq

    • Malware Response Team

    Posted 13 February 2013 - 11:07 AM

    Would appreciate knowing which ones are to be removed (like adware, PUP which are installed on my computer).

     

    Remove everything.

     

    Restart the computer and let me know if the problem persists.



    #13 maheshdj

    maheshdj
    • Topic Starter

    • Members

    Posted 13 February 2013 - 03:05 PM

    # AdwCleaner v2.112 - Logfile created 02/14/2013 at 00:31:51
    # Updated 10/02/2013 by Xplode
    # Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
    # User : MaheshKJ - MAHESHKJ-PC
    # Boot Mode : Normal
    # Running from : C:\Users\MaheshKJ\Downloads\Programs\adwcleaner0.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\extensions\toolbar@alexa.com.xpi
    Folder Deleted : C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\ConduitCommon

    ***** [Registry] *****

    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKLM\Software\PIP
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16464

    [OK] Registry is clean.

    -\\ Mozilla Firefox v18.0.2 (en-US)

    File : C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\prefs.js

    C:\Users\MaheshKJ\AppData\Roaming\Mozilla\Firefox\Profiles\mouqbl9h.default\user.js ... Deleted !

    Deleted : user_pref("CT2790392..clientLogIsEnabled", false);
    Deleted : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
    Deleted : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
    Deleted : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
    Deleted : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
    Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
    Deleted : user_pref("CT2790392.CTID", "CT2790392");
    Deleted : user_pref("CT2790392.CurrentServerDate", "19-5-2012");
    Deleted : user_pref("CT2790392.DSInstall", false);
    Deleted : user_pref("CT2790392.DialogsAlignMode", "LTR");
    Deleted : user_pref("CT2790392.DialogsGetterLastCheckTime", "Sat May 19 2012 02:44:25 GMT+0530 (India Standard[...]
    Deleted : user_pref("CT2790392.DownloadReferralCookieData", "");
    Deleted : user_pref("CT2790392.EMailNotifierPollDate", "Sat May 19 2012 02:44:26 GMT+0530 (India Standard Time[...]
    Deleted : user_pref("CT2790392.EnableClickToSearchBox", false);
    Deleted : user_pref("CT2790392.EnableSearchHistory", false);
    Deleted : user_pref("CT2790392.EnableSearchSuggest", false);
    Deleted : user_pref("CT2790392.FeedLastCount129313977501788460", 207);
    Deleted : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat May 19 2012 02:44:26 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat May 19 2012 02:44:27 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat May 19 2012 02:44:27 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat May 19 2012 02:44:27 GMT+0530 (India Stan[...]
    Deleted : user_pref("CT2790392.FeedTTL129313974171006416", 10);
    Deleted : user_pref("CT2790392.FeedTTL129313977444757117", 15);
    Deleted : user_pref("CT2790392.FeedTTL129313980655381977", 5);
    Deleted : user_pref("CT2790392.FeedTTL129313981234756535", 5);
    Deleted : user_pref("CT2790392.FirstServerDate", "19-5-2012");
    Deleted : user_pref("CT2790392.FirstTime", true);
    Deleted : user_pref("CT2790392.FirstTimeFF3", true);
    Deleted : user_pref("CT2790392.FixPageNotFoundErrors", true);
    Deleted : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
    Deleted : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
    Deleted : user_pref("CT2790392.HPInstall", false);
    Deleted : user_pref("CT2790392.HasUserGlobalKeys", true);
    Deleted : user_pref("CT2790392.Initialize", true);
    Deleted : user_pref("CT2790392.InitializeCommonPrefs", true);
    Deleted : user_pref("CT2790392.InstallationAndCookieDataSentCount", 1);
    Deleted : user_pref("CT2790392.InstallationId", "fft9BB5.tmp.exe");
    Deleted : user_pref("CT2790392.InstallationType", "XPE");
    Deleted : user_pref("CT2790392.InstalledDate", "Sat May 19 2012 02:44:26 GMT+0530 (India Standard Time)");
    Deleted : user_pref("CT2790392.IsGrouping", false);
    Deleted : user_pref("CT2790392.IsInitSetupIni", true);
    Deleted : user_pref("CT2790392.IsMulticommunity", false);
    Deleted : user_pref("CT2790392.IsOpenThankYouPage", true);
    Deleted : user_pref("CT2790392.IsOpenUninstallPage", false);
    Deleted : user_pref("CT2790392.LanguagePackLastCheckTime", "Sat May 19 2012 02:44:47 GMT+0530 (India Standard [...]
    Deleted : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
    Deleted : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
    Deleted : user_pref("CT2790392.LastLogin_3.12.0.8", "Sat May 19 2012 02:44:27 GMT+0530 (India Standard Time)")[...]
    Deleted : user_pref("CT2790392.LatestVersion", "3.12.2.3");
    Deleted : user_pref("CT2790392.Locale", "en");
    Deleted : user_pref("CT2790392.MCDetectTooltipHeight", "83");
    Deleted : user_pref("CT2790392.MCDetectTooltipShow", false);
    Deleted : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
    Deleted : user_pref("CT2790392.MCDetectTooltipWidth", "295");
    Deleted : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
    Deleted : user_pref("CT2790392.OriginalFirstVersion", "3.12.0.8");
    Deleted : user_pref("CT2790392.SearchBackToDefaultEngine", false);
    Deleted : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
    Deleted : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
    Deleted : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
    Deleted : user_pref("CT2790392.SearchInNewTabEnabled", true);
    Deleted : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
    Deleted : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Sat May 19 2012 02:44:27 GMT+0530 (India Standar[...]
    Deleted : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
    Deleted : user_pref("CT2790392.SearchInNewTabUserEnabled", false);
    Deleted : user_pref("CT2790392.SearchProtectorToolbarDisabled", true);
    Deleted : user_pref("CT2790392.SendProtectorDataViaLogin", true);
    Deleted : user_pref("CT2790392.ServiceMapLastCheckTime", "Sat May 19 2012 02:44:20 GMT+0530 (India Standard Ti[...]
    Deleted : user_pref("CT2790392.SettingsLastCheckTime", "Sat May 19 2012 02:44:20 GMT+0530 (India Standard Time[...]
    Deleted : user_pref("CT2790392.SettingsLastUpdate", "1337169810");
    Deleted : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
    Deleted : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
    Deleted : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Sat May 19 2012 02:44:20 GMT+0530 (India Stand[...]
    Deleted : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
    Deleted : user_pref("CT2790392.ToolbarDisabled", true);
    Deleted : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
    Deleted : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
    Deleted : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
    Deleted : user_pref("CT2790392.UserID", "UN03736310206316651");
    Deleted : user_pref("CT2790392.WeatherNetwork", "");
    Deleted : user_pref("CT2790392.WeatherPollDate", "Sat May 19 2012 02:44:27 GMT+0530 (India Standard Time)");
    Deleted : user_pref("CT2790392.WeatherUnit", "C");
    Deleted : user_pref("CT2790392.alertChannelId", "1182482");
    Deleted : user_pref("CT2790392.approveUntrustedApps", false);
    Deleted : user_pref("CT2790392.autoDisableScopes", -1);
    Deleted : user_pref("CT2790392.backendstorage.cbcountry_000", "494E");
    Deleted : user_pref("CT2790392.backendstorage.cbfirsttime", "536174204D617920313920323031322030323A34343A32392[...]
    Deleted : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
    Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
    Deleted : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Sat May 19 2012 02:44:42 GMT+0530 (India St[...]
    Deleted : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
    Deleted : user_pref("CT2790392.initDone", true);
    Deleted : user_pref("CT2790392.isSearchProtectorNotifyChanges", false);
    Deleted : user_pref("CT2790392.myStuffEnabled", true);
    Deleted : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
    Deleted : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
    Deleted : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
    Deleted : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
    Deleted : user_pref("CT2790392.navigateToUrlOnSearch", false);
    Deleted : user_pref("CT2790392.revertSettingsEnabled", true);
    Deleted : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
    Deleted : user_pref("CT2790392.searchProtectorEnableByLogin", true);
    Deleted : user_pref("CT2790392.testingCtid", "");
    Deleted : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sat May 19 2012 02:44:25 GMT+0530 (India Sta[...]
    Deleted : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Sat May 19 2012 02:44:27 GMT+0530 (India Sta[...]
    Deleted : user_pref("CT2790392.usageEnabled", false);
    Deleted : user_pref("CT2790392.usagesFlag", 2);
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
    Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\MaheshKJ\\AppData\\Roaming\\Mozilla[...]
    Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
    Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://in.search.yahoo.com/search?fr=mca[...]
    Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
    Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
    Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
    Deleted : user_pref("CommunityToolbar.globalUserId", "376fc45d-242f-41c4-99f8-f2b5f20282c3");
    Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 19 2012 02:44:2[...]
    Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
    Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
    Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
    Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat May 19 2012 02:44:20 GMT+0530 (I[...]
    Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
    Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
    Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
    Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
    Deleted : user_pref("CommunityToolbar.notifications.userId", "055a6b26-3657-4034-abcb-a8e04bb6943e");
    Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://en-US.start3.mozilla.com/firefox?client=firef[...]
    Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google");
    Deleted : user_pref("aol_toolbar.surf.date", "1");
    Deleted : user_pref("aol_toolbar.surf.lastDate", "27");
    Deleted : user_pref("aol_toolbar.surf.lastMonth", "10");
    Deleted : user_pref("aol_toolbar.surf.lastYear", "2009");
    Deleted : user_pref("aol_toolbar.surf.month", "1");
    Deleted : user_pref("aol_toolbar.surf.prevMonth", "0");
    Deleted : user_pref("aol_toolbar.surf.total", "1");
    Deleted : user_pref("aol_toolbar.surf.week", "1");
    Deleted : user_pref("aol_toolbar.surf.year", "1");
    Deleted : user_pref("browser.search.defaulturl", "hxxp://aim.search.aol.com/search/search?query={searchTerms}&[...]
    Deleted : user_pref("browser.search.order.1", "Ask.com");
    Deleted : user_pref("extensions.alexa.toolbarXMLText", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<toolbar>\[...]
    Deleted : user_pref("extensions.snipit.askTbInstalled", true);
    Deleted : user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&[...]

    File : C:\Users\Chaya\AppData\Roaming\Mozilla\Firefox\Profiles\dhk204n0.default\prefs.js

    [OK] File is clean.

    -\\ Google Chrome v24.0.1312.57

    File : C:\Users\MaheshKJ\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [14523 octets] - [13/02/2013 05:22:35]
    AdwCleaner[R2].txt - [14584 octets] - [13/02/2013 13:19:57]
    AdwCleaner[S1].txt - [14949 octets] - [14/02/2013 00:31:51]

    ########## EOF - C:\AdwCleaner[S1].txt - [15010 octets] ##########
     



    #14 nasdaq

    nasdaq

    • Malware Response Team

    Posted 14 February 2013 - 08:12 AM

    Any remaining issues?



    #15 maheshdj

    maheshdj
    • Topic Starter

    • Members

    Posted 15 February 2013 - 06:26 PM

    Well, I do not have any redirect issues at all, but my system being unresponsive and hanging remains the same. Are there any specific reasons for the system freezing so badly that I need to restart my system? Please suggest.





